Microsoft Azure Container Service Engine - DC/OS Walkthrough
Support for DC/OS
1.11 and later continues in the forked project dcos-engine.
Here are the steps to deploy a simple DC/OS cluster:
- install acs-engine
- generate your ssh key
- edit the DC/OS example and fill in the blank strings
- generate the template
- deploy the output azuredeploy.json and azuredeploy.parameters.json
Once your DC/OS cluster has deployed you will have a resource group containing:
a set of 1,3, or 5 masters in a master specific availability set. Each master's SSH can be accessed via the public dns address at ports 2200..2204
a set of public agents in an Virtual Machine Scale Set (VMSS). The agent VMs can be accessed through a master. See agent forwarding for an example of how to do this.
a set of private agents in an Virtual Machine Scale Set (VMSS).
The following image shows the architecture of a container service cluster with 3 masters, and 6 agents:
In the image above, you can see the following parts:
- Admin Router on port 80 - The admin router enables you to access all DC/OS services. For example, if you create an SSH tunnel to port 80 you can access the services on the following urls, you can see the DC/OS dashboard by browsing to http://localhost/
- Masters - Masters run the DC/OS processes that schedule and manage workloads on the agent nodes.
- Public Agents - Public agents, deployed in a VM scale set, are publicly accessible through the Azure Load Balancer to ports 80, 443, and 8080. Jobs can be assigned to public agents using role
- Private Agents - Private agents, deployed in a VM scale set, are not publicly accessible. Workloads are scheduled to private agents by default.
- Docker on port 2375 - The Docker engine runs containerized workloads and each Agent runs the Docker engine. DC/OS runs Docker workloads, and examples on how to do this are provided in the Marathon walkthrough sections of this readme.
All VMs are in the same VNET where the masters are on private subnet 172.16.0.0/24 and the agents are on the private subnet, 10.0.0.0/8, and fully accessible to each other.
Create your First Three DC/OS Services: hello-world, Docker app, and Docker web app
This walk through is inspired by the wonderful digital ocean tutorial: https://www.digitalocean.com/community/tutorials/how-to-configure-a-production-ready-mesosphere-cluster-on-ubuntu-14-04. After completing this walkthrough you will know how to:
- access DC/OS dashboard for cluster health,
- deploy a simple hello-world app,
- deploy a simple docker app,
- look at logs of your workload,
- and deploy a simple web app publicly available to the world.
After successfully deploying the template write down the two output master and agent FQDNs (Fully Qualified Domain Name).
- If using Powershell or CLI, the output parameters are in the OutputsString section named 'agentFQDN' and 'masterFQDN'
- If using Portal, to get the output you need to:
Create an SSH tunnel to port 80 on the master FQDN.
browse to the DC/OS UI http://localhost/. This displays the main DC/OS dashboard:
The front page shows the DC/OS Dashboard:
- Scroll down to see your CPU, Memory and Disk Allocation. This also shows you services, node, and component health.
- On the left side click "Services"
you will notice the new app change state from not running to running
- To run a Docker app browse back to Services, and click "Deploy Service" and set id to "/helloworld":
- Click "Container Settings", type
hello-worldfor image and click "Deploy"
- Once deployed, click on the "helloworld" service, and you will see all the finished tasks:
- Click on the most recent finished tasks, and click "Logs" and you will see the "Hello from Docker!" message:
- The next step is to deploy a docker web app accessible to the world. The public agents have a load balancer exposing port 80, 443, and 8080. On the DC/OS page, browse back to Services, and click "Deploy Service" and set id to "/simpleweb":
- On left, click "Container Settings" and container image "yeasy/simple-web". This is the image that will be downloaded from DockerHub
- Next on left, click "Network" and type in port 80. This is how you expose port 80 to the world.
- Next on left, click "Optional" and set role type "slave_public". This ensures the Docker web app is running on the public agent.
- Finally click deploy and watch the web app deploy. Once it goes to running state, open the FQDN retrieved in step 1 during deployment, and you will see the web app.
Starting from DC/OS 1.11, acs-engine deploys a bootstrap node as part of DC/OS cluster. This enables upgrade operation on an existing cluster.
To start the upgrade, run this following command:
acs-engine dcos-upgrade \ --subscription-id <Azure subscription ID> \ --resource-group <the resource group the cluster was deployed in> \ --location <the region the clusetr was deployed in> \ --upgrade-version <desired DC/OS version> \ --deployment-dir <deployment directory produced by "acs-engine generate"> \ --ssh-private-key-path <path to ssh private key used in deployment>
The upgrade is an idempotent operation. If failed, it could be re-run and will pick the execution from the last successful checkpoint.
Here are recommended links to learn more about DC/OS: