Deploying Docker Containers on UKCloud’s ?· DTR is perfect for: ... Commercially supported Docker…

  • Published on

  • View

  • Download

Embed Size (px)


  • Pure commitment.

    Deploying Docker Containers on

    UKClouds Compute Platform


  • UKC-GEN-259 Deploying Docker Containers on UKClouds Compute platform 2


    The topic of Containerisation has gained recent

    prominence with customers wanting to extend their

    reach beyond virtualising a full machine via the

    deployment of encapsulated application containers

    within their own operating environment. This

    approach provides many of the benefits of loading an

    application onto a virtual machine; however, these

    applications can be run on any suitable physical or

    virtual machine without any worries about

    dependencies, all at a fraction of the normal

    computing resource cost. There currently is a wide

    choice of containerisation technologies; however,

    Docker has fast become the most widely adopted.

    The UKCloud IaaS platform is the ideal target for

    containerisation technologies such as Docker as we

    are able to provide a level of data security and

    assurance normally associated with Private Cloud or

    physical servers, whilst also leveraging all the

    efficiencies of Public Cloud.

    This Blueprint describes how customers can deploy

    the core components of Docker upon UKCloud IaaS

    enabling customers to explore the value proposition

    of containerisation, whilst also leverage the data

    security assurance that UKCloud is able to provide to

    the container services and associated image



    Overview 2

    What is Docker? 3

    How are Docker containers different to Virtual

    Machines? 3

    What are the features of Docker? 3

    What are the components of Docker? 4

    How do I run Docker within UKCloud? 5

  • UKC-GEN-259 Deploying Docker Containers on UKClouds Compute platform 3

    What is Docker?

    Docker is a containerisation technology which allows

    you to package an application with all of its

    dependencies into a standardised unit for software


    Docker containers wrap up a piece of software in a

    complete file system that contains everything it needs

    to run: code, runtime, system tools, and system

    libraries anything you can install on a server. This

    guarantees that it will always run the same,

    regardless of the environment it is running in.

    How are Docker containers different to Virtual Machines?

    Containers have similar resource isolation and

    allocation benefits as virtual machines but a different

    architectural approach allows them to be much more

    portable and efficient.

    What are the features of Docker?

    Lightweight - Containers running on a single

    machine all share the same operating system Kernel,

    so they start instantly and make more efficient use of

    RAM. Images are constructed from layered file

    systems so they can share common files, making

    disk usage and image downloads much more


    Open - Docker containers are based on open

    standards allowing containers to run on all major

    Linux distributions and Microsoft operating systems

    with support for every infrastructure.

    Secure - Containers isolate applications from each

    other and the underlying infrastructure while

    providing an added layer of protection for the


    Scalable - Docker containers spin up and down in

    seconds making it easy to scale an application

    service at any time to satisfy peak customer demand,

    and then just as easily spin down those containers to

    only use the resources you need, when you need it.

    Manageable - Docker makes it easy to identify

    issues and isolate the problem container, quickly roll

    back to make the necessary changes then push the

    updated container into production. The isolation

    between containers makes these changes less

    disruptive than traditional software models.

    Portable - Ship one or many containers to others or

    downstream service teams without worrying about

    different environment dependencies creating issues

    with your application. Other teams can easily link to

    or test against your app without having to learn or

    worry about how it works.

    Fast - Docker easily takes copies of your live

    environment and run on any new endpoint running

    Docker. Docker users on average ship software 7

    times more after deploying Docker in their


    Further details to aid in the understanding of Docker

    can be found at:


    Virtual Machines

    Each virtual machines includes the application, the necessary binaries and libraries and an entire guest operating system - all of which may be tens of GBs in size.

    Docker Containers

    Containers include the application and all of its dependencies, but share the kernel with other containers. They run as an isolated process in user space on the host operating system. Theyre also not tied to any specific infrastructure Docker containers run on any computer, on any infrastructure and in any cloud.

  • UKC-GEN-259 Deploying Docker Containers on UKClouds Compute platform 4

    What are the components of Docker?

    Docker is a collective term for multiple Docker

    products, a full list of which can be found at:

    For this document we will look at four of the main

    Docker products; Docker Engine, Docker Hub,

    Docker Registry and Docker Trusted Registry.

    1. Docker Engine

    At the core of the Docker platform is Docker Engine,

    a lightweight runtime and robust tool that builds and

    runs your Docker containers. Docker Engine runs on

    Linux to create the operating environment for your

    distributed applications. The in-host daemon

    communicates with the Docker client to execute

    commands to build ship and run containers.

    UKCloud support the running of Docker Engine within

    VMs provisioned upon our Compute platform. A full

    list of supported guest operating systems and simple

    installation instructions for Docker Engine can be

    found at

    2. Docker Hub

    The Docker Hub provides a multi-tenant cloud-based

    platform service hosted by Docker for distributed

    applications, including container image distribution

    and change management, user and team

    collaboration, and lifecycle workflow automation.

    3. Docker Registry

    Docker Registry is a stateless, highly scalable server

    side application that stores and lets you distribute

    Docker images with no Enterprise management

    features or commercial support. You should use the

    Registry if you want to:

    tightly control where your images are being stored

    fully own your images distribution pipeline

    integrate images storage and distribution into your in-house development workflow

    4. Docker Trusted Registry

    Docker Trusted Registry (DTR) is similar to Docker

    Registry in that it lets you run and manage your own

    Docker image storage service; however, it focuses

    on Enterprise features and can be deployed securely

    on your own virtual infrastructure behind your edge

    firewall. This allows you to securely store, push, and

    pull the images used by your enterprise to build, ship,

    and run applications. DTR also provides monitoring

    and usage information to help you understand the

    workloads being placed on it.

    Specifically, DTR provides:

    A commercially supported image registry to store, manage, and collaborate on Docker images

    Role-based access control (RBAC)

    Integration with LDAP and Active Directory

    Pluggable storage drivers

    Configuration options to let you run DTR in your particular enterprise environment.

    Easy, transparent upgrades

    Logging, usage and system health metrics

    DTR is perfect for:

    Providing a secure development environment

    Creating a streamlined build pipeline

    Building a consistent, high-performance test/QA environment

    Managing image deployment

    To get started with DTR please see the install page.

    Note: Docker Trusted Registry (DTR) is a

    commercial supported product from Docker. To get

    your copy of DTR, including a free trial, visit the

    Docker Subscription page.

  • UKC-GEN-259 Deploying Docker Containers on UKClouds Compute platform 5

    How do I run Docker within UKCloud?

    Docker Engine

    Docker Engine is supported natively by the following


    RPM: Fedora 20 +, Red Hat Enterprise Linux

    6.6 +, CentOS 6.5 +

    Debian: Ubuntu 12.04 +, Debian 7.7 +

    Note: Docker requires a 64-bit installation regardless

    of your Linux OS, in addition your kernel must be

    3.10 or higher.

    Installation Steps (Ubuntu Trusty 14.04 - LTS)

    1. Create a new VM following the Quick-Start Guide (a Small VM will suffice for initial testing)

    Figure1. vCloud Director VM configuration panel

    2. Log into your Ubuntu installation as a user

    with sudo privileges.

    3. Verify that you have wget installed.

    $ which wget

    4. If wget isnt installed, install it after updating

    your manager:

    $ sudo apt-get update

    $ sudo apt-get install wget

    5. Get the latest Docker package.

    $ wget -qO- | sh

    The system prompts you for

    your sudo password. Then, it downloads

    and installs Docker and its dependencies.

    Note: If your company is behind a filtering

    proxy, you may find that the apt-

    key command fails for the Docker repo

    during installation. To work around this, add

    the key directly using the following:

    $ wget qO |

    sudo apt-key add -

    6. Verify docker is installed correctly.

    $ sudo docker run hello-world

    This command downloads a test image and

    runs it in a container.

    Further installation details can be found at

  • UKC-GEN-259 Deploying Docker Containers on UKClouds Compute platform 6

    Docker Registry

    Docker Registry has shipped as standard from

    Docker 1.6.0, and to use the Registry is simply a

    case of starting the service on a VM that has Docker

    Engine installed and running as per the above.

    Start your registry:

    $ docker run -d -p 5000:5000 \ --

    restart=always --name registry


    You can now tag an image and push it:

    $ docker pull ubuntu && docker tag

    ubuntu localhost:5000/batman/ubuntu

    $ docker push


    Then pull it back:

    $ docker pull


    By default, your registry stores its data on the local

    file system, inside the container. In a production

    environment, its highly recommended to use another

    storage backend such as UKCloud Cloud Storage;

    further details can be found here.

    For enhance Enterprise features and a commercially

    supported version of Docker Registry customers can

    install Docker Trusted Registry using the steps

    outlined below.

    Docker Trusted Registry


    In order to run DTR, you will need to get a license,

    either by purchasing DTR or acquiring a trial license.

    To get your license, visit the Docker Subscription

    page and select the edition you would like acquire.

    Figure 3. Docker Trusted Registry licensing website

    Commercially supported Docker Engine 1.6.1 or later

    running on an Ubuntu 14.04 LTS, RHEL 7.1 or RHEL

    7.0 host. (See below for instructions on how to install

    the commercially supported Docker Engine.)

    Your Docker daemon needs to be listening to the

    Unix socket (the default) so that it can be bind-

    mounted into the DTR management containers,

    allowing DTR to manage itself and its updates. For

    this reason, your DTR host will also need internet

    connectivity so it can access the updates.

    Your host also needs to have TCP

    ports 80 and 443 available for the DTR container

    port mapping.

    Installation Steps (Ubuntu Trusty 14.04 - LTS)

    1. Download the commercially supported Docker Engine Bash installation script:

    a. Log in to the Docker Hub with the user-name used to obtain your license.

    b. Once youre logged in, go to the Licenses page in your Hub accounts Settings section (accessed via the gear icon at upper right).

    c. Click the button at the top right of the page that corresponds to your intended host operating system.

    d. Once the Bash setup script is downloaded, follow the steps below appropriate for your chosen OS.

    2. Copy the downloaded Bash setup script to your Ubuntu host.

  • UKC-GEN-259 Deploying Docker Containers on UKClouds Compute platform 7

    3. Run the following to install commercially supported Docker Engine and its dependencies:

    $ sudo apt-get update && sudo apt-

    get upgrade

    $ sudo apt-get install -y linux-


    $ sudo reboot

    $ chmod 755 docker-cs-engine-

    $ sudo ./

    $ sudo apt-get install docker-


    4. Lastly, confirm Docker is running with

    sudo service docker start.

    In order to simplify using Docker, you can get non-

    sudo access to the Docker socket by adding your

    user to the docker group, then logging out and

    back in again:

    $ sudo usermod -a -G docker $USER

    $ exit

    Note: you may need to reboot your server to update

    its LTS kernel.


    For further information about UKCloud and how we

    can help you, please send an email to

  • UKC-GEN-259 Deploying Docker Containers on UKClouds Compute platform 8

    UKCloud Ltd

    A8 Cody Technology Park

    Ively Road



    GU14 0LX

    +44 (0)1252 303300

    Reasonable efforts have been made to ensure the accuracy of the information contained in this document. No advice given or statements or recommendations made shall in any circumstances constitute or be deemed to constitute a warranty by UKCloud Ltd as to the accuracy of such advice, statements or recommendations. UKCloud Ltd shall not be liable for any loss, expense, damage or claim howsoever arising out of the advice given or not given or statements made or omitted to be made in connection with this document.

    No part of this document may be copied, reproduced, adapted or redistributed in any form or by any means without the express prior written consent of UKCloud Ltd.

    UKCloud Ltd 2016 All Rights Reserved.

    UKC-GEN-259 07/2016



View more >