Skip to content

Contact sales

By filling out this form and clicking submit, you acknowledge our privacy policy.
  • Labs icon Lab
  • A Cloud Guru
Google Cloud Platform icon
Labs

Setting Up Docker Enterprise with Universal Control Plane and Trusted Registry

Docker Enterprise Edition (Docker EE) provides a wide variety of enterprise-level features for managing containers. Universal Control Plane (UCP) delivers a feature-packed interface for the Docker EE cluster that allows us to orchestrate containers with ease. Docker Trusted Registry (DTR) is also a feature-rich registry with an immense range of security measures and customization capabilities. In this lab, we will work with Docker EE components by building our own Docker EE cluster on a set of Linux servers. Finally, we will practice installing and configuring the Docker EE engine, UCP, and DTR.

Try for free Contact sales
Google Cloud Platform icon
Labs

Path Info

Level
Clock icon Intermediate
Duration
Clock icon 2h 0m
Published
Clock icon Jul 05, 2019

Contact sales

By filling out this form and clicking submit, you acknowledge our privacy policy.

Table of Contents

  1. Challenge

    Install Docker EE on All Three Servers

    Note: Perform the following steps on all three servers:

    1. Start a free trial for Docker EE:

    If you don't have a Docker EE trial already started, then launch one here: https://hub.docker.com/editions/enterprise/docker-ee-trial. This free trial lasts up to a month, but another one can be started right after it expires.

    1. Go to https://hub.docker.com/my-content and retrieve a unique URL for Docker EE.

    2. Click Setup.

    3. Copy the URL generated for Docker EE.

    4. Set a few environment variables. Ensure that the unique URL generated for Docker EE is also used here:

    DOCKER_EE_URL=<YOUR_DOCKER_EE_URL> 
DOCKER_EE_VERSION=18.09
    1. Verify that the required packages install successfully:
    sudo apt-get install -y 
    apt-transport-https 
    ca-certificates 
    curl 
    software-properties-common
    1. Add the gpg key and repository using the unique URL for Docker EE:
    curl -fsSL "${DOCKER_EE_URL}/ubuntu/gpg" | sudo apt-key add -

sudo add-apt-repository 
   "deb [arch=$(dpkg --print-architecture)] $DOCKER_EE_URL/ubuntu 
   $(lsb_release -cs) 
   stable-$DOCKER_EE_VERSION"
    1. Install Docker EE:
    sudo apt-get update

sudo apt-get install -y docker-ee=5:18.09.4~3-0~ubuntu-bionic
    1. Apply cloud_user access to run the Docker commands:
    sudo usermod -a -G docker cloud_user

    Log out and log back in again.

    1. Test the Docker EE installation to verify that it's working:
    docker version

  2. Challenge

    Set Up the UCP Manager

    Note: Perform the following steps on the UCP manager server:

    1. Pull the UCP image:
    docker image pull docker/ucp:3.1.5
    1. Set an environment variable to the private IP address of the UCP manager server:
    PRIVATE_IP=10.0.1.101
    1. Use the UCP image for the installation:
    docker container run --rm -it --name ucp 
  -v /var/run/docker.sock:/var/run/docker.sock 
  docker/ucp:3.1.5 install 
  --host-address $PRIVATE_IP 
  --interactive

    1. Enter new admin credentials when prompted, and then take note of them as we will need them later on in this lab.

    2. Once the installation completes, a prompt will appear for additional aliases, press Enter to select the default.

    3. In a web browser go to: https://[UCP manager Public IP] for accessing the UCP manager.

    Note: A warning about the self-signed certificate's validity may emerge. This notification can be disregarded, for example, in Google Chrome click Advanced, and then click Proceed to bypass it.

    1. Use the admin credentials that were created during the initial setup process to log in.

    2. A prompt will appear asking for a license file. Keep the UCP tab open and use a new tab to download the license.

    3. Go to the Docker site: https://hub.docker.com/my-content to retrieve the license file.

    4. Click Setup.

    5. Under the Resources section, click License Key to download the required license file.

    6. Click Upload License.

    7. Return to UCP manager in a web browser and insert the license file that was obtained from Docker Hub.

  3. Challenge

    Add Both UCP Workers to the Cluster

    1. Navigate back to the UCP manager interface in a web browser to retrieve the worker join command. We will also generate a docker swarm join command that can be copied.
    2. Click Shared Resources.
    3. Click Nodes.
    4. Click Add Node.
    5. Apply the following values on the Add Node page:
      • Node type: Linux
      • Node role: Worker
    6. Run the join command on both of the worker nodes.
    7. Copy the docker swarm join command obtained from the UCP manager and run it on both of the worker nodes.

  4. Challenge

    Set Up Docker Trusted Registry

    Get the DTR setup command from the UCP manager by performing the following steps:

    1. Access the UCP manager from a web browser.
    2. Click Admin > Admin Settings.
    3. Click Docker Trusted Registry.
    4. On the Admin Settings page locate the UCP Node section.
    5. Click ip-10-0-1-102.
    6. Click the checkbox labeled Disable TLS verification for UCP.
    7. The UCP page will generate a docker run command that can be copied.

    Note: To run the setup command, we need to modify the command provided by the UCP manager.

    1. In the line with the flag --ucp-url, we will see the public IP of the UCP manager. With a text editor, such as https://www.editpad.org/, replace the public IP with the UCP manager private IP 10.0.1.101.

    2. Paste and run the modified command on the DTR worker server.

    3. When prompted for the ucp-password, enter the admin password that was created when we set up the UCP manager.

    4. Access DTR from a web browser by entering: https://DTR_WORKER_PUBLIC_IP.

    Note: A warning about the self-signed certificate's validity may emerge. This notification can be disregarded, for example, in Google Chrome click Advanced, and then click Proceed to bypass it.

    Use the same admin credentials that we created when setting up the UCP manager to log in.

A Cloud Guru - Labs - Setting Up Docker Enterprise with Universal Control Plane and Trusted Registry
Author
A Cloud Guru

The Cloud Content team comprises subject matter experts hyper focused on services offered by the leading cloud vendors (AWS, GCP, and Azure), as well as cloud-related technologies such as Linux and DevOps. The team is thrilled to share their knowledge to help you build modern tech solutions from the ground up, secure and optimize your environments, and so much more!

What's a lab?

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Provided environment for hands-on practice

We will provide the credentials and environment necessary for you to practice right within your browser.

Guided walkthrough

Follow along with the author’s guided walkthrough and build something new in your provided environment!

Did you know?

On average, you retain 75% more of your learning if you get time for practice.

Start learning by doing today

View Plans