@mbentley
mbentley / ucp_create_rbac.sh
Last active April 3, 2020 16:23
Docker EE 17.06 UCP API Examples
#!/bin/bash
# set environment variables
USERNAME="admin"
PASSWORD="docker123"
UCP_URL="10.1.2.3:4443"
# get auth token (-k skips TLS certificate verification)
AUTH_TOKEN="$(curl -sk -d '{"username":"'"${USERNAME}"'","password":"'"${PASSWORD}"'"}' "https://${UCP_URL}/auth/login" | jq -r .auth_token 2>/dev/null)"
@mbentley
mbentley / ucp_remove_client_bundles.sh
Created November 2, 2017 13:53
Remove all UCP bundles for a user
#!/bin/bash
set -e
USERNAME=""
PASSWORD=""
UCP_FQDN=""
AUTH_TOKEN="$(curl -sk -d '{"username":"'"${USERNAME}"'","password":"'"${PASSWORD}"'"}' "https://${UCP_FQDN}/auth/login" | jq -r .auth_token 2>/dev/null)"
CURL_OPTS=(-ks --header "Content-Type: application/json" --header "Accept: application/json" -H "Authorization: Bearer ${AUTH_TOKEN}")
@mbentley
mbentley / stack_certs.sh
Created November 21, 2017 18:47
Stack certs for UCP and DTR from LetsEncrypt
#!/bin/bash
set -e
### stack certs for UCP
CERT_DIR="ucp.demo.dckr.org"
cd ~/letsencrypt/"${CERT_DIR}"
mkdir -p ucp
# ca.pem
@mbentley
mbentley / daemon.json
Last active December 1, 2017 16:32
Docker daemon.json insecure registry + nondistributable artifacts
{
  "insecure-registries": [
    "dtr.example.com"
  ],
  "allow-nondistributable-artifacts": [
    "dtr.example.com"
  ]
}
@mbentley
mbentley / wintest.sh
Last active December 19, 2017 19:29
Windows Overlay Test
# create overlay network to test
docker network create -d overlay --attachable winoverlaytest
# run iis on two different nodes, attached to the same network
docker service create --name iis1 --network winoverlaytest --constraint "node.hostname==server2016-1" --endpoint-mode dnsrr microsoft/iis:nanoserver
docker service create --name iis2 --network winoverlaytest --constraint "node.hostname==server2016-2" --endpoint-mode dnsrr microsoft/iis:nanoserver
# hit iis2 from iis1
docker exec -it $(docker inspect --format '{{.Status.ContainerStatus.ContainerID}}' $(docker service ps --filter desired-state=running --format '{{.ID}}' iis1)) powershell Invoke-WebRequest http://iis2/
@mbentley
mbentley / iis_auth_allsteps.md
Created December 15, 2017 22:10 — forked from PatrickLang/iis_auth_allsteps.md
Setting up IIS with User Authorization in Windows Server containers

Create a resource group

Create a resource group in Azure to hold all of the resources you'll be creating:

  • Virtual Network
  • Virtual Machines

Create a VNet

  • Don't use 172.* IPs. I used 10.3.0.0/24
@mbentley
mbentley / cluster_cpureservation.sh
Last active March 13, 2018 21:13
Swarm mode - Find NanoCPUs Reserved from a cluster or a single node
#!/bin/bash
# uses some poor techniques like awk + grep so it works on 17.03 and newer where formatting isn't available
# get a list of all of the nodes; loop through them
for NODE in $(docker node ls -q)
do
  # reset the per node CPU reservation counter to 0
  CPURES="0"
@mbentley
mbentley / gist:8adbb67b18f73c8a9de5a803d2f0ae6b
Last active April 24, 2018 12:55
Docker Content Trust with the `docker trust` command
The following commands assume that you already have a client bundle downloaded and extracted to the present working directory:
# take your public key and add your user as a signer for the repository
$ docker trust signer add --key cert.pem admin dtr.demo.dckr.org/admin/docker-whale
Adding signer "admin" to dtr.demo.dckr.org/admin/docker-whale...
Initializing signed repository for dtr.demo.dckr.org/admin/docker-whale...
Enter passphrase for root key with ID a380e3a:
Enter passphrase for new repository key with ID eceefed:
Repeat passphrase for new repository key with ID eceefed:
Successfully initialized "dtr.demo.dckr.org/admin/docker-whale"
@mbentley
mbentley / ingress-nginx.yml
Created May 4, 2018 13:08
ingress-nginx example
apiVersion: v1
kind: Namespace
metadata:
  name: ingress-nginx
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: default-http-backend
  labels:
@mbentley
mbentley / haproxy.cfg
Created May 4, 2018 14:17
Example HAProxy Config
global
  log /dev/log local0
  log /dev/log local1 notice
defaults
  log global
  mode tcp
  option tcplog
  option dontlognull
  timeout connect 5s