In this lab we will perform various common core tasks you would perform when working with containers.
- 1 DevOps MPP Course Source
- 2 Pre-requisites:
- 3 Lab Tasks:
- 4 Estimated Lab Time:
- 5 Task 1: Install Docker Client on Your Machine
- 6 Task 2: Run a docker container on Windows
- 7 Task 3: Build a new Container Image
- 8 Task 4: Create a repository with Azure Container Registry and Push a customized container image to it.
- 9 Task 5: Using docker-compose to orchestrate multiple containers
- 10 Summary
DevOps MPP Course Source
- This lab is used in course Configuration Management for Containerized Delivery – Module 1.
- You will require an Azure subscription to complete Task 4 in this lab. If needed, details on setting up a free Azure account are available on the page Create your Azure free account today.
- Install Docker Client on Your Machine
- Run a docker container on Windows
- Build a new Container Image, spin up a container website and then scale it
- Create a repository with Azure Container Registry and Push a customized container image to it.
- Using docker-compose to orchestrate the building and running of multiple containers
Estimated Lab Time:
- approx. 70 minutes
Task 1: Install Docker Client on Your Machine
In this exercise, you will install Docker client on your machine. If you are performing the steps in an Azure virtual machine with Docker already installed you can move to the next exercise.
If you wish to use an Azure virtual machine nested virtualization is supported in Azure using Dv3 and Ev3 virtual machines sizes.
This exercise is intended for scenarios where your environment does not already have Docker available in your windows environment.
If you are performing these steps in your local windows environment you do not need a Microsoft Azure subscription for this first exercise, but you will need one for the subsequent exercises.
Navigate to the Install Docker page and quickly familiarise yourself with what options are available for installing Docker. You can choose an appropriate option for you and your environment, but we will use the Docker Community Edition (CE) and our steps below will be based around Windows, you can install docker and follow the steps in your Linux or macOS environment also if you wish.
Navigate to Docker Community Edition download page, locate your operating system i.e. Docker CE For Windows and click the Download from Docker Store link.
On the Docker Commnunity Edition for Windows, page, click the Get Docker CE for Windows (stable) button, we will use the stable version and follow the prompts to complete the installation. You may need to restart to complete the depending on your installation.
Once docker is installed, open a command prompt and run the below command and verify help command options are returned.
Note: The commands that we will run through in the following steps, will be the same in Windows, Linux or macOS.
Run the below command and verify it returns version information. It should return the client and server details for version, API version, GO version, Git commit, date built and OS/Architecture
Run the below command and verify it returns just the version information
Run the below command to get the docker compose version. Docker-compose allows you write .yml files to configure an application’s services in your containers.
Run the below command to get the docker machine version. Docker machine allows you to manage host machines
Run the below command. This will return various information about number of containers, running, images, architecture, and various settings. Scroll through them to get a feeling for what the individual elements are referring to.
Task 2: Run a docker container on Windows
In this exercise, you will run a container to demonstrate the concept of immutability with containers.
Verify that docker is correctly installed by running the command below to see what containers are present on the system. If it is a new installatio an dno containers have been run previously, there will be none listed, as in the screenshot.
Start by running a simple windows container with the command prompt, cmd.exe, running in it, by running the following command:
A new command window will open which is running inside the container. The context in which the cmd window is running will indicate it is running inside the container with the command you have just run, as in the screenshot below.
- Potential Errors and Issues:
- If you receive a message saying something like image operating system “windows” cannot be used on this platform”, your docker installation may be set to run Linux containers and you need to switch it to windows, to be able to successfully run windows containers. (or vice versa)
Do this by going to the system tray, selecting the arrow, locating the docker icon, right clicking it and choosing switch to Windows containers…
This may take a minute or so to switch, you can verify it is switched by checking that the message in the menu, now prompts to switch to Linux containers i.e. the opposite to what it was
If you receive an error message saying something like ..encountered and error during CreateContainer: failure in a Windows system call:….virtual hard disk files must be run uncompressed and unencrypted and must not be sparse…… this may be due to the disk where the container is trying to run, being compressed or encrypted. You will need to uncompress or unencrypt the disk to allow the container to run on that disk.
- Potential Errors and Issues:
Inside the command prompt in the newly started container run the following commands in sequence, to view the directory contents, create a directory called demo, then go inside of the new demo directory
Create a new file called myfile.txt and add some text, press Enter after you type the text, and then exit the copy con command and copy the file by running the below commands
press Enter then exit the command by pressing the below keys
Verify the newly created file is present by running the command
Exit the container by running the command
If this is not working for you try the command sequence ctrl + p + q (holding down the ctrl key while pressing p and then q in sequence.) You should retrun to a command prompt and the header in the command prompt window should no longer have the docker command.
Note: this command exits the container but leaves it running.
When back on the host run the following command
Now you should see a container running with a generated name. Note the name for use in later steps. If you have run containers previously and they are still running in your environment they may also be listed, but the below screenshot only has one listed.
Verify that you don’t see the file you created earlier, myfile.txt on your host by going to the C: directory and running the command
Stop the container by running the below command
(the name or contianer ID can be obtained from running the docker ps command.
Also, note that you only need to provide the first two digits of the container ID for the command to run successfully, once it is a unique ID value you do not need to provide the whole ID.)
Now run the below commands to view the running containers, and then view all containers, including stopped containers.
Now launch a container with the cmd.exe running as was done earlier, by rnuning the below command again.
Inside the running container command prompt window container run the command
Verify that the folder and file your created earlier, i.e. myfile.txt is not present.
This demonstrates the immutability, or unchanging nature, of containers i.e. every time we start a container we get a new fresh copy and the changes that were made to it while it was running previously are not present in this new running instance.
You should exit the docker container by typing exit when you are finished. You can also run the commands docker ps and docker ps -a to view the currently running and all containers that have run.
Task 3: Build a new Container Image
In this exercise, you will go through the steps of creating a new Container image, firstly from the command line using Docker commit, and then using a docker file and the docker build command. You can also view similar related tasks by watching the course demos in Module 1 > Lesson 3 – Containers and Docker.
Create a container image using steps on the command-line
In the command line ensure that docker is installed and then run the command
In the running container window run the following commands, to create a folder and .txt file in the container, enter some text into the .txt file, press Enter after typing the text, type ctrl+c to exit the copy con command and then exit the container.
press ctrl + C to exit the copy con command, then exit the container by running the command
Note: Windows does not support the committing of a running container to an image so we need to exit, by typing exit and not typing ctrl + p + q which leaves the container running.
Back in the command line, view the containers by running the command
If the container is still running, stop it by using the command
Create an image for the container you just created by running the command
View the available images by running the command
View a list of the containers, remove the earlier container that you commited to an image and verify it has been deleted by running the commands
Note: if you have a large number of containers on your system, they can use up a significant amount of space, if you wish to delet them all you can use the docker system prune command, more details are available on the docker docs page docker system prune .
Be aware though that this will also remove networking and other docker configurations, so be careful if deciding to use it that you understand the implications. If you only have a few images to remove perhaps using **docker rm ** is an easier option for you.
Now run a container based on the same container that you ran earlier, in step 1, i.e. using the same container name < mycontainername>, and verify the folder you created earlier is not present in the container, i.e. all changes were not retained in the container, and then exit the container.
Now run your newly created container image by running the command
Verify the builddemo folder you created earlier is present in the image you created. You can open the text file within this folder to verify it is the same file if you wish.
This demonstrates that changes made within containers can be retained by committing the container to an image.
Create a container image using the docker build file and spin up a container website
Firstly, you will need to create some files that you will need, Dockerfile and index.html.
Create the Dockerfile by creating a folder on your local drive C:Dockerfile
In this folder, create a new .txt file and copy or type in the following, in the format below, each in a new line.
FROM microsoft/iis WORKDIR /inetpub/wwwroot ADD index.html index.html
as in the screenshot below
- Save the file with no extension, with the name Dockerfile
- The first line in the file is the base image we will use
- The second line sets a working directory in the container of /inetpub/wwwroot
- The third line, then adds a file, index.html, to that directory
Still in this folder create a new file called Index.html file, then open the file in notepad and copy or type in the following text. When finished Save the file.
- You should now have a folder C:Dockerfile containing two files, as below, that contain the above content.
Now we will go ahead and build our container image using the newly created files and the docker build command
In the command prompt window go to C:Dockerfile folder by typing
Build the image by running the following command in the command line from within the folder you created earlier that contains the files i.e. C:Dockerfile
Note: do not forget the ‘ . ‘ at the end of the below command, this specifies the context in which it needs to build the image, which is the folder you are in.
It may take 10 minutes or so to complete and the image should be built successfully
View the image you just built by running the command
Now run the image by running the following command
Note: If you get the error message failed to create endpoint < container name> on network nat: HNS failed with error : The process cannot access the file because it is being used by another process., as in the screenshot below. This is most likely due to a port you specified already being used by another process. Change the port numbers listed above to another port value 80:80 or 8081:80 etc
View the running container by running the following command, and note the container ID for use in the next step.
Obtain the IP address for the container by running the following command
Note: You do not need to type the full container ID, you only need to enter the first two or three characters.
Scroll through the output and under Networks > Locate the IPAddress value
On the machine where the container is running, open a browser and go to the IP address you noted in the previous step i.e. type http://172.19.41.238, or what your IPAddress value is for your container.
You should see the new website running on port 8080 serving the index.htm file that is in the current folder
Scale out your container websites
We will quickly scale out our container web sites, to demonstrate how quickly it is to csale using containers.
Start new containers based off your earlier image, by running the following command three times, each time incrementing the container port value, the 80 is the host port value.
Get a list of the running containers and note their container IDs
Obtain the IP Address values for each running container by running the following command, and noting the values listed for each container individually.
The IP Address values will all be different, the values on our containers are below
Open up a web browser and go to each page i.e. http://IPAddress-Value, you should have
In a few steps we have very quickly spun up three additinal instances of our container web page. This demonstrates how quickly container can be scaled, in comparison to virtual machines they start up very quickly. This is one of the reasons for the popularity and interest in containers.
Scale down your container websites
Stop the running containers by running the command for each container
Return to the web browser and refresh it, and verify the container web pages are no longer available.
We have very quickly scaled down our container web pages.
We can quite quickly and easily scale our website and have as many instances as we wish running within minutes and equally can quite quickly scale them back down again.
NOTE: Do not delete the image as we will use this in later exercises. Also, failure to stop the image may result in some errors in later exercises.
Task 4: Create a repository with Azure Container Registry and Push a customized container image to it.
In this exercise, you will create an Azure Container Registry, and then push a previously created container image to the Azure Container Registry.
Create and connect to an Azure Container Registry
Sign into your Azure subscription at http://portal.azure.com,
In Azure click Create a resource type registry, and locate ** Container Registry** service and in the Container Registry blade, click Create
- Use the values
- Registry name: acrek1 (it must be a unique name)
- Subscription: < your own subscription >
- Resource group: Create new > acrek1_rg
- Location: < data center location nearest to you >
- Admin User: enable
- SKU: Basic And click Create when finished entering the above.
Note: Details on the SKU pricing and capabilities are available here
Open your newly created container registry service.
- Go to Access keys and copy down the following details to use when setting up the
- Registry name: acrek1 (it must be a unique name)
- Login server: < it should look something like this, acrek1.azurecr.io >
- Username: acrek1
- Password: <it should look something like this, nzflMvymzne=HLgv2xUjy0tD7h7KDyZl>
Verify you can connect from the command line by running the command
You should receive a Login Succeeded message.
However, the message tells us that using the parameter *-p to supply the password, is inscecure. By using this method to pass the password it may be accessible via the shell’s history or log files. The message prompts us to use the -password-stdin parameter which is considered more secure. To achieve this we would need to pass the password as a variable in a credential store or encrypted file, and then call that variable when running the docker login command. It could be done a number of ways but we will not do that in this lab. There are more details on how to provide a password using STDIN available Here
Push a customized container image to an Azure Container Registry
Still logged into you Azure Container Registry service, from the command line run the command
You should see an image that you created earlier, named iiscntr1, or whatever you named it in Task 3.
Tag your container image and prefix it with the name of your Azure Container Registry by running the command
The command should look something like the below
NOTE: If you do not prefix the image with your container registry name, you will not be able to push it to your container registry.
Further details are available on the docker tags command for tagging images on the docs.docker.com site site.
Verify the image has been tagged correctly by running the below command.
The command should look something like the below
Note: It will have the same hash ID value as the original image, but will just be tagged differently, as in the screenshot above.
Now push the image to your Azure Container Registry by running the command
Open your Azure Container Registry service in the azure portal and go to Repositories, and verify the image is now listed under repositories. Verify it also has the latest tag associated with it.
NOTE: Do not delete image or the Azure Container Registry service, as it will be used in a subsequent lab task.
Task 5: Using docker-compose to orchestrate multiple containers
In this task, we will use the docker-compose command to orchestrate the creation of two container instances, i.e. one to host the PartsUnlimited website and one to host the SQL database for the PartsUnlimited website. The website container will have a dependency on the db container, so the docker-compose command will orchestrate the timing of the container creation.
Note: In order to create the PartsUnlimited website, we will need the website application build files. These can be sourced from a couple of different locations or sources.
- You can use your own generated web app build artifact files: If you have already completed the lab Continuous Integration with VSTS , the website build files are available in the generated build artifact drop, that is created in that lab. Just download this drop.zip build artifact and use that.
- You can use pre-generated build artifact files: Go to the PartsUnlimited github repo location PartsUnlimited/Labfiles/Artifacts/PartsUnlimited and download the drop.zip from there. If you click on the individual files you will see an option to download directly from github. This has been generated in VSTS using the PartsUnlimited source files. We will use these files as our source in the following steps.
Setup your file and folder structure for the docker-compose orchestration
These steps will walk through how to structure your environment to allow you run the docker-compose successfully
Create a local folder C:dclabsrc. i.e. have the src folder within the dclab folder.
Obtain the PartsUnlimited web site build artifact files by going to the PartsUnlimited github repo location PartsUnlimited/Labfiles/Artifacts/PartsUnlimited, download the drop.zip from there and extract its contents into the src folder.
These are the web site files for the PartsUnlimited web site. You can use your own generated drop buld artifact files if you have created them already in the earlier Continuous Integration with VSTS
Obtain the docker-compose and Dockerfile files by going to the PartsUnlimited github repo location PartsUnlimited/Labfiles/Devops200.4x-ConfigMgmtForContainerizedDelivery/M01/Labs/ and download the files
Place the docker-compose and dockerfile files, into the C:dclab folder
Familiarise yourself with the contents of the three docker files.
Open the docker-compose.yml file
This file is calling the dockerfile to build the web site container. The following points are of note:
- all paths are relative to the docker-compose files location and we specify the . in the context instruction, to indicate the dockerfile is in the same folder as the docker-compose.yml file
- the yml file can define services, networks and volumes, in the case here we define a service which is the web site container.
- The build definition for this container is defined in the Dockerfile, which it calls here.
Open the docker-compose.override.yml file
This file is building the db container and the network, it is also providing for additional configuration for the partsunlimitedwebsite container. The following points are of note:
- Use of multiple compose files allows us to customise an application for different environments i.e. we could have different override yml files, one each for Dev, Test, Production etc and they could all run on top of the same docker-compose.yml which would outline the base configuration across all environments.
- The override file configuration overrides or adds to cofiguration defined in the docker-compose.yml
- The override file specifies two containers to use partsunlimitedwebsite: and db:
- the image to use for the db: container is called out here as it wasn’t defined in the docker-compose.yml file.
- we define the network in this override file as it also wasn’t defined in the docker-compose.yml file.
Open the dockerfile
This file is building the partsunlimitedwebsite container. The following points are of note:
- uses the FROM instruction to call the image microsoftaspnetcore2.0.
- defines the variable source using the ARG instruction.
- specifies a directory /app to work in using the WORKDIR instruction, for any other commands that are run.
opens port 80 to listen on using the EXPOSE instruction.
- Uses the COPY command to copy the PartsUnlimited website files to the container.
- uses the ENTRYPOINT command to execute the dotnet.exe and specifies the parameter PartsUnliitedwebsite.dll to be used with the command. Note that there is a difference between the ENTRYPOINT and CMD commands
Build multiple container environments using docker-compose
open up a command prompt in the folder where you have your docker files and website source files copied i.e. C:dclab
Run the below command
The use of the -f switch allows us specify multiple compose files. The command window display real time log output
A successful run of the command is indicated by the command prompt window sitting on the command output after the message and as in the screenshot below.
Potential errors and issues:
If you receive errors when running the docker-compose build command, such as
- try the following
- ensure you have enough space to download and extract the images,
- ensure that the IIS image you ran earlier in this lab task has been stopped.
- You could also download the images separately, so they are available locally already.
- try the following
If you receive an error related to not being able to access the virtual machine when running the docker-compose up command, wait for a few minutes and retry the command.
If you receive errors stating something like the below, check the COPY cmd in the Dockerfile to ensure the files are where you intend them to be, as docker is saying they are not where it expects them to be
Start a new command prompt to inspect the running containers and run the following command to determine the IP Address of the partsunlimtedwebsite container
Note the container ID of the partsunlimitedwebsite container, and determine the IP Address of the website by running the below command and scrolling through the output to obtain the IPAddress value in the Networks section.
Open a web browser and enter the IP address in the addres bar http://< Container IP Address >. You should now see the PartsUnlimited web site, which is being run from within your container and accessible via your browser.
- Potential errors and issues:
If you receive a page such as in the screenshot below, which is prompting to apply migrations to the db. This may be because you are calling an incorrect image from earlier. You should re-trace your steps and ensure you are using the correct image, if it is still appearing after doing that, you may want to re-create the image from earlier in the lab.
- Potential errors and issues:
If you wish, to verify the db: container is up and running successfully, you can connect to the db container by running the following commands from the command prompt window, you can obtain the db: container ID using the docker ps command as before. If you do not wish to check the db you can proceed directly to step 9.
Enter the password when prompted, it is available in the docker-compose.override.yml i.e. P@ssw0rd0123!
Run some sql commands as below, and verify you get a successful output of the , after you type the command then type go and press Enter to get the output.
and then run the command to list all databases
You could run additional queries or commands usingsqlcmd, or alternatively you could connect to your db container using SQL Management Studio or some other db management tools. It is a fully functional db.
Type exit to return to the command prompt when you are finished.
Take down the web and database containers by ensuring you are in the folder where your Dockerfile is located i.e. C:dclab and running the command docker-compose down as below
Verify the containers are no longer running.
Return to your web browser, refresh the page and verify the PartsUnlimited web site is no longer available.
In this lab you completed the following tasks:
- Installed Docker Client on Your Machine
- Ran a docker container on Windows
- Built a new Container Image, spun up a container web site and then scaled it up and down
- Created a repository with Azure Container Registry and pushed a customized container image to it.
- Used docker-compose to orchestrate multiple containers and deploy PartsUnlimted website to a container