Docker for Azure Setup & PrerequisitesEstimated reading time: 5 minutes
If your account has the proper permissions, you can generate the Service Principal and then choose from the stable or beta channel to bootstrap Docker for Azure using Azure Resource Manager. For more about stable and beta channels, see the FAQs
|Stable channel||Beta channel|
|The stable deployment is fully baked and tested, and comes with the latest GA version of Docker Engine.
This is the best channel to use if you want a reliable platform to work with.
These releases follow a version schedule with a longer lead time than the betas, synched with Docker Engine releases and hotfixes.
|The beta deployment offers cutting edge features and comes with the experimental version of Docker Engine, described in the Docker Experimental Features README on GitHub.
This is the best channel to use if you want to experiment with features under development, and can weather some instability and bugs. This channel is a continuation of the beta program, where you can provide feedback as the apps evolve. Releases are typically more frequent than for stable, often one or more per month.
We collect usage data on betas across the board.
|Deploy Docker for Azure (stable)||Deploy Docker for Azure (beta)|
- Access to an Azure account with admin privileges
- SSH key that you want to use when accessing your completed Docker install on Azure
Docker for Azure is installed with an Azure template that configures Docker in swarm-mode, running on VMs backed by a custom VHD. There are two ways you can deploy Docker for Azure. You can use the Azure Portal (browser based), or use the Azure CLI. Both have the following configuration options.
The number of Managers in your swarm. You can pick either 1, 3 or 5 managers. We only recommend 1 manager for testing and dev setups. There are no failover guarantees with 1 manager — if the single manager fails the swarm will go down as well. Additionally, upgrading single-manager swarms is not currently guaranteed to succeed.
We recommend at least 3 managers, and if you have a lot of workers, you should pick 5 managers.
Manager VM size
The VM type for your manager nodes. The larger your swarm, the larger the VM size you should use.
Worker VM size
The VM type for your worker nodes.
The number of workers you want in your swarm (1-100).
To set up Docker for Azure, a Service Principal is required. Docker for Azure uses the principal to operate Azure APIs as you scale up and down or deploy apps on your swarm. Docker provides a containerized helper-script to help create the Service Principal -
Ensure the latest version of
docker4x/create-sp-azure has been downloaded to your local environment:
docker pull docker4x/create-sp-azure:latest
Then run the sp-azure script with the following arguments:
$ docker run -ti docker4x/create-sp-azure sp-name rg-name rg-region ... Your access credentials ============================= AD App ID: <app-id> AD App Secret: <secret> AD Tenant ID: <tenant-id>
If you have multiple Azure subscriptions, make sure you’re creating the Service Principal with subscription ID that you shared with Docker when signing up for the beta.
sp-nameis the name of the authentication app that the script creates with Azure. The name is not important, simply choose something you’ll recognize in the Azure portal. Example:
rg-nameis the name of the new resource group that will be created to deploy the resources (VMs, networks, storage accounts) associated with the swarm. The Service Principal will be scoped to this resource group. Example:
rg-regionis the name of Azure’s region/location where the resource group will be created. This needs to be one of the regions supported by Azure e.g.
eastus. See our FAQs for a list of regions.
rg-region are optional, it’s highly recommended that you create the resource group up front and scope the service principal to that specific resource group.
If the script fails, it’s typically because your Azure user account doesn’t have sufficient privileges. Contact your Azure administrator.
When setting up the ARM template, you will be prompted for the App ID (a UUID) and the app secret. If you specified the resource group name and location parameters, please choose the option to deploy the template into an existing resource group and pass the same name and region/location that were passed above to create-sp-azure.
Docker for Azure uses SSH for accessing the Docker swarm once it’s deployed. During setup, you will be prompted for a SSH public key. If you don’t have a SSH key, you can generate one with
ssh-keygen. You only need the public key component to set up Docker for Azure. Here’s how to get the public key from a .pem file:
ssh-keygen -y -f my-key.pem
Installing with the CLI
You can also invoke the Docker for Azure template from the Azure CLI:
Here is an example of how to use the CLI. Make sure you populate all of the parameters and their values:
$ azure group create --name DockerGroup --location centralus --deployment-name docker.template --template-file <templateurl>