Docker for Azure Setup & PrerequisitesEstimated reading time: 6 minutes
Docker Enterprise Edition (EE) for Azure
This deployment is fully baked and tested, and comes with the latest Enterprise Edition version of Docker.
This release is maintained and receives security and critical bugfixes for one year.
Docker Community Edition (CE) for Azure
If your account has the proper permissions, you can generate the Service Principal and then choose from the stable or edge channel to bootstrap Docker for Azure using Azure Resource Manager. For more about stable and edge channels, see the FAQs
|Stable channel||Edge channel|
|This deployment is fully baked and tested, and comes with the latest CE version of Docker.
This is the best channel to use if you want a reliable platform to work with.
Stable is released quarterly and is for users that want an easier-to-maintain release pace.
|This deployment offers cutting edge features of the CE version of Docker and comes with experimental features turned on, described in the Docker Experimental Features README on GitHub.
This is the best channel to use if you want to experiment with features under development, and can weather some instability and bugs. Edge is for users wanting a drop of the latest and greatest features every month
We collect usage data on edges across the board.
|Deploy Docker Community Edition (CE) for Azure (stable)||Deploy Docker Community Edition (CE) for Azure (edge)|
- Access to an Azure account with admin privileges
- SSH key that you want to use when accessing your completed Docker install on Azure
Docker for Azure is installed with an Azure template that configures Docker in swarm-mode, running on VMs backed by a custom VHD. There are two ways you can deploy Docker for Azure. You can use the Azure Portal (browser based), or use the Azure CLI. Both have the following configuration options.
The number of Managers in your swarm. You can pick either 1, 3 or 5 managers. We only recommend 1 manager for testing and dev setups. There are no failover guarantees with 1 manager — if the single manager fails the swarm will go down as well. Additionally, upgrading single-manager swarms is not currently guaranteed to succeed.
We recommend at least 3 managers, and if you have a lot of workers, you should pick 5 managers.
Manager VM size
The VM type for your manager nodes. The larger your swarm, the larger the VM size you should use.
Worker VM size
The VM type for your worker nodes.
The number of workers you want in your swarm (1-100).
A Service Principal
is required to set up Docker for Azure. The Service Principal is used to invoke Azure APIs as you scale the number of nodes up
and down or deploy apps on your swarm that require configuration of the Azure Load Balancer. Docker provides a
containerized helper script called
docker4x/create-sp-azure to help you create the Service Principal.
- Download the latest version of
docker4x/create-sp-azureto your local environment:
docker pull docker4x/create-sp-azure:latest
sp-azurescript with the following arguments:
$ docker run -ti docker4x/create-sp-azure sp-name [rg-name rg-region] ... Your access credentials ============================= AD App ID: <app-id> AD App Secret: <secret> AD Tenant ID: <tenant-id>
If you have multiple Azure subscriptions, make sure to create the Service Principal with the subscription ID that you will be using to deploy Docker for Azure.
Argument Description Example values
The name of the authentication app that the script creates with Azure. The name is not important, simply choose something you’ll recognize in the Azure portal.
The name of the new resource group that will be created to deploy the resources (VMs, networks, storage accounts) associated with the swarm. The Service Principal will be scoped to this resource group. Specify this when deploying Docker Community Edition for Azure. Do not specify this when deploying Docker Enterprise Edition for Azure.
The name of Azure’s region/location where the resource group will be created. This needs to be one of the regions supported by Azure. Specify this when deploying Docker Community Edition for Azure. Do not specify this when deploying Docker Enterprise Edition for Azure.
eastus. See our FAQs for a list of regions.
Docker Community Edition for Azure:
rg-regionare optional, but specifying them is recommended so that the Azure resource group is created up front and the service principal is scoped to that specific resource group.
Docker Enterprise Edition for Azure: The Azure Marketplace portal does not currently allow users to specify an existing resource group to use when deploying resources. Do not specify
rg-region, because you need a Service Principal that is scoped throughout your account.
If the script fails, your Azure user account may not have sufficient privileges. Contact your Azure administrator.
When setting up the ARM template, you will be prompted for the App ID (a UUID) and the app secret. If you are
deploying Docker Community Edition for Azure and specified the resource group name and location parameters,
choose the option to deploy the template into an existing resource group and pass the same name and
region/location that you used when running the
create-sp-azure helper script.
Docker for Azure uses SSH for accessing the Docker swarm once it’s deployed. During setup, you will be prompted for a SSH public key. If you don’t have a SSH key, you can generate one with
ssh-keygen. You only need the public key component to set up Docker for Azure. Here’s how to get the public key from a .pem file:
ssh-keygen -y -f my-key.pem
Installing with the CLI
You can also invoke the Docker for Azure template from the Azure CLI:
Here is an example of how to use the CLI. Make sure you populate all of the parameters and their values:
$ azure group create --name DockerGroup --location centralus --deployment-name docker.template --template-file <templateurl>