Docker Volumes

A volume is stored on the host filesystem at a specific folder location. Choose a folder where you know the data isn’t going to be modified by non-Docker processes.

Volumes are stored within directories on the host filesystem. Docker will mount and manage the volumes in the container. After mounting, these volumes are isolated from the host machine.

A bind mount is conceptually the same as a volume, however, instead of using a specific folder, you can mount any file or folder on the host. You’re also expecting the host can change the contents of these mounts. Just like volumes, the bind mount is created if you mount it, and it doesn’t yet exist on the host.

Docker Networking

Docker provides three pre-configured network configurations:

The bridge network is the default configuration applied to containers when launched without specifying any other network configuration. This network is an internal, private network used by the container, and isolates the container network from the Docker host network.

Each container in the bridge network is assigned an IP address and subnet mask with the hostname defaulting to the container name. Containers connected to the default bridge network are allowed to access other bridge connected containers by IP address. The bridge network doesn’t allow communication between containers using hostnames.

By default, Docker doesn’t publish any container ports. To enable port mapping between the container ports and the Docker host ports, use the Docker port –publish flag.

The publish flag effectively configures a firewall rule that maps the ports.

Deploy docker image to Azure

az group create --name mygroup --location westus
az acr create --name <unique name> --resource-group mygroup --sku standard --admin-enabled true

Azure Container Registry repositories are private, meaning they don’t support unauthenticated access. To pull images from an Azure Container Registry repository, use the docker login command and specify the URL of the login server for the registry. The login server URL for a registry in Azure Container Registry has the form .azurecr.io.

docker login myregistry.azurecr.io
az acr credential show --name myregistry --resource-group mygroup
docker tag reservationsystem myregistry.azurecr.io/reservationsystem:v2
docker push myregistry.azurecr.io/reservationsystem:v2

Sidetrack on docker login

To log in to Azure with docker i had to create a service principal, give it a acrpull role the my ACR and then login using

docker login ACR<ACRNAME>.azurecr.io --username <APPLICATIONID> --password <client secret>

the client secret I ended up creating in Azure portal though I’m sure its possible also with the CLI

Push!

You push an image from your local computer to a Docker registry by using the docker push command. Before you push an image, you must create an alias for the image that specifies the repository and tag that the Docker registry creates. The repository name must be of the form */:. Use the docker tag command to perform this operation. The following example creates an alias for the reservationsystem image.

docker tag reservationsystem myregistry.azurecr.io/reservationsystem:v2
docker push myregistry.azurecr.io/reservationsystem:v2
az acr repository list --name myregistry --resource-group mygroup
az acr repository show --repository reservationsystem --name myregistry --resource-group mygroup

actual working run:

az container create --resource-group pythondevops-rg --name rescontainers --image dknitacr.azurecr.io/reservationsystem:latest --dns-name-label dknitti --registry-username xxx --registry-password

had to make sure the –image was correct.

https://learn.microsoft.com/en-us/training/modules/build-and-store-container-images/4-deploy-container-image

https://learn.microsoft.com/en-us/training/modules/build-and-store-container-images/3-build-container-image

Env vars to the containers


az container create \
  --resource-group learn-deploy-aci-rg \
  --name aci-demo \
  --image mcr.microsoft.com/azuredocs/azure-vote-front:cosmosdb \
  --ip-address Public \
  --location eastus \
  --environment-variables \
    COSMOS_DB_ENDPOINT=$COSMOS_DB_ENDPOINT \
    COSMOS_DB_MASTERKEY=$COSMOS_DB_MASTERKEY

    or secure version 

    az container create \
  --resource-group learn-deploy-aci-rg \
  --name aci-demo-secure \
  --image mcr.microsoft.com/azuredocs/azure-vote-front:cosmosdb \
  --ip-address Public \
  --location eastus \
  --secure-environment-variables \
    COSMOS_DB_ENDPOINT=$COSMOS_DB_ENDPOINT \
    COSMOS_DB_MASTERKEY=$COSMOS_DB_MASTERKEY