Docker Container Management using Universal Control Plane

Docker recently announced Universal Control Plane (UCP) beta availability to the public. This tool delivers Enterprise-ready capabilities and is meant to be run in companies’ on-premises data centers and public cloud environments too.  The Beta access is a Christmas gift for both developers and operation engineers.

UCP looks promising in managing the entire lifecycle of Docker-based applications — automating the workflow between development and production — regardless of whether the containers run on hosted or in-house platforms.Developers can deploy applications in containers with the new tool, while operations people can use it to determine which data center infrastructure gets used.

The UCP is meant as one central system to cut across any cloud, any infrastructure and easily provision anything one need from a compute, network, storage and policy standpoint.

As Docker Inc. clearly states its capabilities in terms of:

  • Enterprise-ready capabilities such as LDAP/AD integration, on-premises deployment and high availability, scale, and load balancing.
  • For developers and IT ops, a quick and easy way to build, ship, and run distributed apps from a single Docker framework.Docker native solution using core Docker tools, API and vast ecosystem.
  • Fastest time to value with an easy to deploy and use solution for Docker management.

The control plane integrates the native Docker tools – Engine, Compose and Swarm – and integrates them on a graphical front end. I enrolled for beta access few days back and tried my hands in setting up UCP on my Google Cloud Engine. I had already 4 nodes swarm cluster running on recently purchased Google Cloud Engine. Here is the available Docker Swarm setup which I used to explore Universal Control Plane  and demonstrate how easily it manages and configures containers, hosts, and network flawlessly.

Setup:UCP_Note

Remember:- UCP requires a minimum of 1.50 GB, ensure that you don’t choose micro instances for setting up UCP.

1.Ensure that Docker 1.9.1 is installed on the nodes:

#wget -qO- https://get.docker.com/ | sh

Processing triggers for systemd (225-1ubuntu9) …
Processing triggers for man-db (2.7.4-1) …
Setting up docker-engine (1.9.1-0~wily) …
Installing new version of config file /etc/bash_completion.d/docker …
Installing new version of config file /etc/init.d/docker …
Installing new version of config file /etc/init/docker.conf …
Processing triggers for ureadahead (0.100.0-19) …
Processing triggers for systemd (225-1ubuntu9) …
+ sh -c docker version
Client:
Version:      1.9.1
API version:  1.21
Go version:   go1.4.2
Git commit:   a34a1d5
Built:        Fri Nov 20 13:20:08 UTC 2015
OS/Arch:      linux/amd64
Server:
Version:      1.9.1
API version:  1.21
Go version:   go1.4.2
Git commit:   a34a1d5
Built:        Fri Nov 20 13:20:08 UTC 2015
OS/Arch:      linux/amd64
If you would like to use Docker as a non-root user, you should now consider
adding your user to the “docker” group with something like:
sudo usermod -aG docker your-user
Remember that you will have to log out and back in for this to take effect!

The above single command is enough to install the latest 1.9.1 version on the nodes. Repeat the command on all the nodes to get UCP working.

2.Run the below command on one of the available node to setup UCP.

Machine: 10.240.0.5

root@docker-3:~# docker run –rm -it -v /var/run/docker.sock:/var/run/docker.sock –name ucp dockerorca/ucp install  -i
INFO[0000] Verifying your system is compatible with UCP
Please choose your initial Orca admin password:
Confirm your initial password:
INFO[0009] Pulling required images
Please enter your Docker Hub username: ajeetraina
Please enter your Docker Hub password:
Please enter your Docker Hub e-mail address: ajeetraina@gmail.com
INFO[0045] Pulling required images
WARN[0147] None of the hostnames we’ll be using in the UCP certificates [docker-3 127.0.0.1 172.17.42.1 10.240.0.5]
contain a domain component.  Your generated certs may fail TLS validation unless you only use one of these shortna
mes or IPs to connect.  You can use the –san flag to add more aliases
You may enter additional aliases (SANs) now or press enter to proceed with the above list.
Additional aliases:
INFO[0221] Installing UCP with host address 10.240.0.5 – If this is incorrect, please use the ‘–host-address’ flag
to specify a different address
WARN[0000] None of the hostnames we’ll be using in the UCP certificates [docker-3 127.0.0.1 172.17.42.1 10.240.0.5
10.240.0.5] contain a domain component.  Your generated certs may fail TLS validation unless you only use one of th
ese shortnames or IPs to connect.  You can use the –san flag to add more aliases
INFO[0005] Generating Swarm Root CA
INFO[0024] Generating UCP Root CA
INFO[0032] Deploying UCP Containers
INFO[0074] UCP instance ID: MKBT:XJMI:63OD:PKUY:BH7F:OCZL:7S6V:OIGV:4OAB:U2Y3:TYBF:EWN7
INFO[0074] UCP Server SSL: SHA1 Fingerprint=85:07:66:3B:D3:46:9D:3F:FE:4D:4A:22:59:D1:80:41:2A:57:DE:70
INFO[0074] Login as “admin”/(your admin password) to UCP at https://10.240.0.5:443
root@docker-3:~#

That’s it. You can now browse to the web browser to see the UCP working.

UCP_1

Once login, you will see the single host machine (as we haven’t still added any further nodes) as shown:

UCP-2

Adding Nodes to Docker UCP:

Machine:10.240.0.2

Run the below command to add more nodes:

root@docker-1:~# docker run –rm -it  –name ucp  -v /var/run/docker.sock:/var/run/docker.sock  dockerorca/ucp join  –url https://10.240.0.5:443  –san 10.240.0.2
–host-address 10.240.0.2 –interactive
Please enter the URL to your Orca Server: https://10.240.0.5:443
Orca server https://10.240.0.5:443
Subject: ucp
Issuer: UCP Root CA
SHA1 Fingerprint=85:07:66:3B:D3:46:9D:3F:FE:4D:4A:22:59:D1:80:41:2A:57:DE:70
Do you want to trust this server and proceed with the join? (y/n): y
Please enter your UCP Admin username: admin
Please enter your UCP Admin password:
INFO[0024] Pulling required images
Please enter your Docker Hub username: ajeetraina
Please enter your Docker Hub password:
Please enter your Docker Hub e-mail address: ajeetraina@gmail.com
INFO[0047] Pulling required images
WARN[0121] None of the hostnames we’ll be using in the UCP certificates [docker-1 127.0.0.1 172.17.42.1 10.240.0.2 10.240.0.2] contain a domain component.  Your gen
erated certs may fail TLS validation unless you only use one of these shortnames or IPs to connect.  You can use the –san flag to add more aliases
You may enter additional aliases (SANs) now or press enter to proceed with the above list.
Additional aliases:
WARN[0000] None of the hostnames we’ll be using in the UCP certificates [docker-1 127.0.0.1 172.17.42.1 10.240.0.2 10.240.0.2 10.240.0.2] contain a domain component
.  Your generated certs may fail TLS validation unless you only use one of these shortnames or IPs to connect.  You can use the –san flag to add more aliases
INFO[0000] This engine will join UCP and advertise itself with host address 10.240.0.2
INFO[0000] Verifying your system is compatible with UCP
^[[CINFO[0017] Starting local swarm containers
root@docker-1:~#

Wow !! You have now node added and displayed under UCP as shown:

UCP_2Nodes

Universal Control Plane is feature-rich and holds a set of GUI-based workflows, this control plane can reach into an enterprise registry and pull out specific containers and then allow the administrator to choose which infrastructure to run them on,that could be AWS, Azure, Google Cloud or on-premises OpenStack clouds.

In future, I am going to explore UCP further in terms of its integration with Docker Compose, Docker Engine and Docker Machine. Till then, keep Reading !!

Leave a Reply

Your email address will not be published. Required fields are marked *