Create a resource group in Azure to hold all of the resources you'll be creating:
- Virtual Network
- Virtual Machines
- Don't use 172.* IPs. I used 10.3.0.0/24
# create overlay network to test | |
docker network create -d overlay --attachable winoverlaytest | |
# run iis on two different nodes, attached to the same network | |
docker service create --name iis1 --network winoverlaytest --constraint "node.hostname==server2016-1" --endpoint-mode dnsrr microsoft/iis:nanoserver | |
docker service create --name iis2 --network winoverlaytest --constraint "node.hostname==server2016-2" --endpoint-mode dnsrr microsoft/iis:nanoserver | |
# hit iis2 from iis1 | |
docker exec -it $(docker inspect --format '{{.Status.ContainerStatus.ContainerID}}' $(docker service ps --filter desired-state=running --format '{{.ID}}' iis1)) powershell Invoke-WebRequest http://iis2/ |
{ | |
"insecure-registry": [ | |
"dtr.example.com" | |
], | |
"allow-nondistributable-artifacts": [ | |
"dtr.example.com" | |
] | |
} |
#!/bin/bash | |
set -e | |
### stack certs for UCP | |
CERT_DIR="ucp.demo.dckr.org" | |
cd ~/letsencrypt/"${CERT_DIR}" | |
mkdir -p ucp | |
# ca.pem |
#!/bin/bash | |
set -e | |
USERNAME="" | |
PASSWORD="" | |
UCP_FQDN="" | |
AUTH_TOKEN="$(curl -sk -d '{"username":"'${USERNAME}'","password":"'${PASSWORD}'"}' "https://${UCP_FQDN}/auth/login" | jq -r .auth_token 2>/dev/null)" | |
CURL_OPTS=(-ks --header "Content-Type: application/json" --header "Accept: application/json" -H "Authorization: Bearer ${AUTH_TOKEN}") |
#!/bin/bash | |
# set environment variables | |
USERNAME="admin" | |
PASSWORD="docker123" | |
UCP_URL="10.1.2.3:4443" | |
# get auth token | |
AUTH_TOKEN="$(curl -sk -d '{"username":"'${USERNAME}'","password":"'${PASSWORD}'"}' https://${UCP_URL}/auth/login | jq -r .auth_token 2>/dev/null)" |
#!/bin/bash | |
PIPE1=/run/dss-$$-fifo1 | |
PIPE2=/run/dss-$$-fifo2 | |
TEMPDIR=$(mktemp --tmpdir -d) | |
platform_supports_deferred_deletion() { | |
local deferred_deletion_supported=1 | |
trap cleanup_pipes EXIT | |
if [ ! -x "./dss-child-read-write.sh" ];then |
user nginx; | |
worker_processes 1; | |
error_log /var/log/nginx/error.log warn; | |
pid /var/run/nginx.pid; | |
events { | |
worker_connections 1024; | |
} |
### set environment variables | |
DTR_URL="ddcbeta.mac" | |
# Make sure you have downloaded DTR's CA (if the certs are not trusted by valid root CA on your client already) and are placed in the path specified by --tlscacert | |
# The DTR's CA cert can be downloaded from https://${DTR_URL}/ca | |
# If it is already trusted, you can leave of the --tlscacert argument | |
alias notary="notary -s https://${DTR_URL} -d ~/.docker/trust --tlscacert ~/.docker/tls/${DTR_URL}/ca.crt" | |
REPO="admin/signtest" | |
USERNAME="admin" | |
### admin |