Last Dockercon, dozens of new Docker CLI Plugin were introduced. All of these CLI plugins will be available in upcoming Docker Enterprise 3.0 GA release this year. Docker Desktop Enterprise 3.0 Public Beta was made available soon after Dockercon event during 2nd week of May 2019. This public beta consists of Desktop Enterprise 2.0.0.4-ent, Universal Control Plane 3.2, Docker Trusted Registry 2.7, and Engine Enterprise 19.03.0. Similar to previous deployments, Docker Enterprise components except Docker Engine are deployed as containers. Please note that only a limited subset of operating systems have been tested for the current beta release, including RHEL 7.6, and Ubuntu 16.04 and 18.04, and Windows Server 2019.
What is DCI all about?
One of the primary focus of this public beta is enhancement around expanding choices. Docker Certified Infrastructure(DCI) is Docker’s prescriptive approach to deploying Docker Enterprise Edition on a range of infrastructures. DCI is designed to automate and reliably deliver a secure, enterprise-ready container platform, integrated with your existing management and infrastructure tools.
Is DCI targeted only for Enterprise customers?
The short answer is “Yes”. DCI is installed in Docker Engine – Enterprise and Desktop Enterprise by default. DCI provides a declarative way to build and manage Docker clusters. It implements a Docker CLI plugin that exposes a `docker cluster` top-level command, and lets you define a cluster in a YAML file.
How does it work?
At a high-level, you define a cluster in a YAML file and instantiate it with `docker cluster create`. The DCI back-end then performs the hard work of building the cluster.
What Platform does it support?
DCI currently supports building and managing clusters on AWS during the Public beta with upcoming support Azure, and VMware vSphere by General Availability.
In my last blog, I talked about “What’s New in Docker Desktop Enterprise 3.0” which introduced a new way to build, share and run multi-service apps on any infrastructure with Docker Applications. Under this blog post, I will showcase how to get started with docker clusterCLI plugin
Pre-requisite:
- Install AWS CLI on your MacOS
[Captains-Bay]? > aws --version
aws-cli/1.11.107 Python/2.7.10 Darwin/17.7.0 botocore/1.5.70
[Captains-Bay]? >
- AWS Access Keys
If you already have an `~/.aws/credentials` file, you can skip this step. Use the `aws configure` command to specify your AWS credentials.
You will require a Docker ID with access to a Docker UCP subscription either:
- Docker Enterprise 3.0 Beta License for Docker Enterprise 3.0 Beta
- An active Docker Enterprise license (paid or trial) to install generally available Docker Enterprise version
Also, An AWS account with security credentials you will need AWS credentials with the following IAM policies:
- AmazonEC2FullAccess
- AmazonElasticFileSystemFullAccess
- AmazonRoute53DomainsFullAccess
- AmazonS3FullAccess
- IAMFullAccess (for creating instance profiles with roles and policies)
- Register for Public beta under https://beta.docker.com
- Under Docker Beta registration page, sign in with your DockerID
- Once you complete your registration, you will see the links for Docker Desktop Enterprise for Mac and Windows. Download your preferred software based on your desktop OS.
Installing Docker Desktop Enterprise
You can directly download Desktop Enterprise for Mac too with the below link:
https://download.docker.com/mac/enterprise/Docker.pkg
To install double click the .pkg file. For Mac administrators, the following command line options support fine tuning and mass installation, after which Docker Desktop Enterprise can be run from the Applications folder on each individual machine.
sudo installer -pkg Docker.pkg -target /The license file must then be either installed in the following location:
~/Library/Group Containers/group.com.docker/docker_subscription.lic
Or can be provided in the UI when starting the application for the first time (/Applications/Docker.app).
Click on “whale” icon which appear at the right top of the screen to verify if Docker Desktop Enterprise comes up well.
[Captains-Bay]? > docker version
Client: Docker Engine - Enterprise
Version: 19.03.0-beta4
API version: 1.40
Go version: go1.12.5
Git commit: d9934ea
Built: Tue May 14 06:40:00 2019
OS/Arch: darwin/amd64
Experimental: false
Server: Docker Engine - Enterprise
Engine:
Version: 19.03.0-beta4
API version: 1.40 (minimum version 1.12)
Go version: go1.12.5
Git commit: d9934ea
Built: Tue May 14 06:46:25 2019
OS/Arch: linux/amd64
Experimental: true
containerd:
Version: v1.2.6
GitCommit: 894b81a4b802e4eb2a91d1ce216b8817763c29fb
runc:
Version: 1.0.0-rc8
GitCommit: 425e105d5a03fabd737a126ad93d62a9eeede87f
docker-init:
Version: 0.18.0
GitCommit: fec3683Login to Docker Hub
Login to Docker Hub with a Docker ID that has access to a Docker EE/UCP repository.
[Captains-Bay]? > docker login
Login with your Docker ID to push and pull images from Docker Hub. If you don't have a Docker ID, head over to https://hub.docker.com to create one.
Username: ajeetraina
Password:
Login Succeeded
Testing the inbuilt docker cluster CLI Plugin
[Captains-Bay]? > docker cluster version
Version: v0.3.0
Commit: dc3d07a
Build: PluginCluster Declaration
It’s time to declare our cluster. We’ll use the following YAML file to deploy a new cluster to AWS. By default, `docker cluster create` will look for a cluster.yml file in the current working directory. Alternatively, you can give the file any name you choose. Let’s create a cluster.yml file with the following contents of a simple cluster definition. The below YAML will allow you to install Docker Enterprise 3.0 beta on 1 manager and 1 DTR node.
variable:
region: us-east-1
subscription_url: https://storebits.docker.com/ee/m/sub-zxxxx/ ## Don't forget to add / at the end as shown
ucp_password:
type: "prompt"
provider:
aws:
region: ${region}
cluster:
engine:
url: ${subscription_url}
version: "ee-test-19.03"
ucp:
version: "docker/ucp:3.2.0-beta4"
username: "admin"
password: ${ucp_password}
dtr:
version: "docker/dtr:2.7.0-beta4"
resource:
aws_instance:
managers:
quantity: 1
registry:
quantity: 1Let us go through each of the below section one by one –
The YAML has four top-level resources:
| – variable- provider – cluster – resource |
The `variable` section declares variables that will be used in the cluster declaration. The ucp_password uses type “prompt” to indicate that `docker cluster` will request a value at cluster creation.
The `provider` section declares that this cluster will be deployed in AWS, and references the region parameter.
The `cluster` section defines the Docker Engine and UCP versions to deploy. It also specifies the UCP admin credentials to apply to the cluster.
The `resource` section requests a single AWS instance to be configured as a UCP manager.
Spinning up Docker Enterprise 3.0 on AWS Platform
[Captains-Bay]? > docker cluster create -f cluster.yml --log-level debug
Please provide a value for ucp_password
DEBU[0009] Image Ref: sha256:ea8a7a832f839d48f478e37602cb7f67207be6f612c3a00aeafa42ca9f155214
DEBU[0009] Generating public/private rsa key pair.
DEBU[0010] Your identification has been saved in /data/keys/ssh/id_rsa.
DEBU[0010] Your public key has been saved in /data/keys/ssh/id_rsa.pub.
DEBU[0010] The key fingerprint is:
DEBU[0010] SHA256:CnQ4M5/f+2AOXj+azUVReBXXXXX cluster@a1f8091cbb6a
DEBU[0010] The key's randomart image is:
DEBU[0010] +---[RSA 2048]----+
DEBU[0010] | .. +o|
DEBU[0010] | . .. o.+|
DEBU[0010] | * .o. .o.|
DEBU[0010] | . *+.oo o. |
DEBU[0010] | ..o=S ... |
DEBU[0010] | .oo o o. |
DEBU[0010] | ..+.Oo . |
DEBU[0010] | o+.E.B.. |
DEBU[0010] | o+oo =o=. |
DEBU[0010] +----[SHA256]-----+
DEBU[0010] Planning cluster on aws Sit back & Relax ! This is going to take couple of minutes to bring up your Docker Enterprise 3.0
Troubleshooting Tips:
In case you encounter issue around unable to pull dockereng/cluster:v0.3.0
there is a quick workaround. Reason – The dockereng/cluster:v0.3.0
[Captains-Bay]? > docker pull docker/cluster:v0.3.0
v0.3.0: Pulling from docker/cluster
bdf0201b3a05: Pull complete
227965e0be77: Pull complete
656c27da0276: Downloading 10.18MB/98.87MB
6bc49ae6e7fa: Download complete
ddbd7883b3bf: Download complete
90dd03face76: Download complete
cb5cae322035: Download complete
c0c9485136e8: Download complete
a5ab55def61b: Download complete
ddbd7b624dc0: Download completeNow you need to tag it to dickering/cluster:v0.3.0
docker tag docker/cluster:v0.3.0 dockereng/cluster:v0.3.0Please note that this issue has been fixed under cluster CLI version 0.3.3. By now, you should be able to see the below window while accessing it over the browser.
Once you upload License, you should be able to access Docker Enterprise 3.0 UI as shown below:
Inspecting the cluster
You can use docker cluster ls to list out the cluster. Even you can inspect the cluster using the below command:
[Captains-Bay]? > docker cluster inspect fervent_taussig
name: fervent_taussig
shortid: 67fb8cb05043
variable:
region: us-east-1
subscription_url: https://storebits.docker.com/ee/m/sub-a3dd83ed-d9db-440f-a175-e11347fb1037/
ucp_password: Oracle9ias
provider:
aws:
region: us-east-1
tags:
pet: "true"
project: CSG-DCI
version: ~> 1.0
cluster:
dtr:
version: docker/dtr:2.7.0-beta4
engine:
storage_volume: /dev/xvdb
url: https://storebits.docker.com/ee/m/sub-a3dd83ed-d9db-440f-a175-e11347fb1037/
version: ee-test-19.03
registry:
url: https://index.docker.io/v1/
username: ajeetraina
ucp:
username: admin
version: docker/ucp:3.2.0-beta4
resource:
aws_instance:
managers:
_running:
managers_ids:
- i-088036137bdf5564a
managers_ips:
- 35.170.33.58
instance_type: t2.xlarge
os: Ubuntu 16.04
quantity: 1
role: manager
registry:
_running:
registry_ids:
- i-016770ea989a55a0a
registry_ips:
- 18.208.208.51
instance_type: t2.xlarge
os: Ubuntu 16.04
quantity: 1
role: dtr
Using context switching to switch from Docker Desktop to remote AWS cluster
[Captains-Bay]? > docker context ls
NAME DESCRIPTION DOCKER ENDPOINT KUBERNETES ENDPOINT ORCHESTRATOR
default * Current DOCKER_HOST based configuration unix:///var/run/docker.sock https://localhost:6443 (default) swarm
fervent_taussig fervent_taussig tcp://35.170.33.58:443
[Captains-Bay]? > docker context use fervent_taussig
fervent_taussig
Current context is now "fervent_taussig"
[Captains-Bay]? > docker node ls
ID HOSTNAME STATUS AVAILABILITY MANAGER STATUS ENGINE VERSION
fbe5k12hyoit5qcdtatamz907 * ip-172-31-9-19.ec2.internal Ready Active Leader 19.03.0-beta4
hs8jz9vnuwqjjjukzh9s2rejc ip-172-31-10-73.ec2.internal Ready Active 19.03.0-beta4
[Captains-Bay]? >As you can see, it shows up UCP nodes cluster running on remote AWS Cloud Platform.
Open up the browser and you shall be able to access Docker Enterprise v3.2.0-beta4 Release.
In my next blog post, I will talk around docker registry as well as docker gmsa CLI Plugin. Stay tuned !
Comments are closed.