A volume is stored on the host filesystem at a specific folder location. Choose a folder where you know the data isn’t going to be modified by non-Docker processes.
Volumes are stored within directories on the host filesystem. Docker will mount and manage the volumes in the container. After mounting, these volumes are isolated from the host machine.
A bind mount is conceptually the same as a volume, however, instead of using a specific folder, you can mount any file or folder on the host. You’re also expecting the host can change the contents of these mounts. Just like volumes, the bind mount is created if you mount it, and it doesn’t yet exist on the host.
Docker provides three pre-configured network configurations:
The bridge network is the default configuration applied to containers when launched without specifying any other network configuration. This network is an internal, private network used by the container, and isolates the container network from the Docker host network.
Each container in the bridge network is assigned an IP address and subnet mask with the hostname defaulting to the container name. Containers connected to the default bridge network are allowed to access other bridge connected containers by IP address. The bridge network doesn’t allow communication between containers using hostnames.
By default, Docker doesn’t publish any container ports. To enable port mapping between the container ports and the Docker host ports, use the Docker port –publish flag.
The publish flag effectively configures a firewall rule that maps the ports.
az group create --name mygroup --location westus
az acr create --name <unique name> --resource-group mygroup --sku standard --admin-enabled true
Azure Container Registry repositories are private, meaning they don’t support unauthenticated access. To pull images from an Azure Container Registry repository, use the docker login command and specify the URL of the login server for the registry. The login server URL for a registry in Azure Container Registry has the form
docker login myregistry.azurecr.io
az acr credential show --name myregistry --resource-group mygroup
docker tag reservationsystem myregistry.azurecr.io/reservationsystem:v2
docker push myregistry.azurecr.io/reservationsystem:v2
To log in to Azure with docker i had to create a service principal, give it a acrpull role the my ACR and then login using
docker login ACR<ACRNAME>.azurecr.io --username <APPLICATIONID> --password <client secret>
the client secret I ended up creating in Azure portal though I’m sure its possible also with the CLI
You push an image from your local computer to a Docker registry by using the docker push command. Before you push an image, you must create an alias for the image that specifies the repository and tag that the Docker registry creates. The repository name must be of the form *
docker tag reservationsystem myregistry.azurecr.io/reservationsystem:v2
docker push myregistry.azurecr.io/reservationsystem:v2
az acr repository list --name myregistry --resource-group mygroup
az acr repository show --repository reservationsystem --name myregistry --resource-group mygroup
actual working run:
az container create --resource-group pythondevops-rg --name rescontainers --image dknitacr.azurecr.io/reservationsystem:latest --dns-name-label dknitti --registry-username xxx --registry-password
had to make sure the –image was correct.
az container create \
--resource-group learn-deploy-aci-rg \
--name aci-demo \
--image mcr.microsoft.com/azuredocs/azure-vote-front:cosmosdb \
--ip-address Public \
--location eastus \
--environment-variables \
COSMOS_DB_ENDPOINT=$COSMOS_DB_ENDPOINT \
COSMOS_DB_MASTERKEY=$COSMOS_DB_MASTERKEY
or secure version
az container create \
--resource-group learn-deploy-aci-rg \
--name aci-demo-secure \
--image mcr.microsoft.com/azuredocs/azure-vote-front:cosmosdb \
--ip-address Public \
--location eastus \
--secure-environment-variables \
COSMOS_DB_ENDPOINT=$COSMOS_DB_ENDPOINT \
COSMOS_DB_MASTERKEY=$COSMOS_DB_MASTERKEY