Sign up for a free 30-day trial of Docker Datacenter if you haven't already.
Get the most value out of your free 30-day Docker Datacenter trial evaluation
We've created 6 missions to get you started using Docker Datacenter. These missions include:
- Set Up Your Cluster
- Deploy your first service
- Set up LDAP/AD and Import Users
- Create Teams and Grant Permissions
- Sign Images and Enforce Security Policies
- Learn About Docker Datacenter Use Cases
Add your first node using Universal Control Plane.
We want you to learn how to add new nodes to your UCP managed cluster. Your next step is to then add two nodes to your Universal Control Plane cluster. Follow these steps to get started.
Here’s how to add a new node to your UCP Cluster:
- Go to the UCP web UI ‘Node’ tab
- Select ‘Add node’
- Copy the command, and run it in the node you want to join to the cluster
- Visit the UCP dashboard to see the new node
Add two more nodes to your UCP managed cluster.
Go to Resources > Create Service
Deploy an NGINX service. On the 'Details' subtab, set:
- Image name: nginx
- Scale: 3
On the ‘Resources’ subtab, click ‘Publish a Port’ and for Port type ‘80’. For ‘Public Port’ type ‘8080’, and hit done. Then press ‘Deploy Now!
Wait a few moments for the service to deploy, then click on the newly created service.
On the service details page, scroll down and click the blue link for the published port. You should now see the standard NGINX page.
Set up LDAP/AD.
In order to do this, go to your UCP section ‘Admin Settings’ and click the ‘Auth’ section. Under ‘Auth’ there will be a drop-down menu underneath ‘Method’. You can then select ‘LDAP’.
When you select “LDAP”, the following configuration screen will appear.
Click ‘Update Auth Settings’ to initiate the process for integrating your LDAP/AD.
If you don’t have an LDAP server at hand, you can create users in UCP. Check the docs to see how it’s done.
Check the docs for detailed instructions on how to create and manage teams.
Once you have created your teams, you can define the permission levels of your users. The different permission levels include: ‘No access’, ‘View Only’, ‘Restricted Control’ and ‘Full Control.’
NOTE: Docker Engine allows container creators to apply arbitrary, descriptive strings called labels to a container. If you define labels for use by container creators, you can leverage these labels with UCP teams to configure role-based access to containers.
In the next challenge you will learn how to enable Docker Content Trust.
Step 1:Sign image with Docker Content Trust.
There are three steps you must take to begin signing images.
- Download a UCP client bundle.
- Build a new Docker image using a Dockerfile or pull an image from Docker Hub.
- In the Docker CLI use the following command “export DOCKER CONTENT TRUST =1”. This will sign the image before you push it to an image registry.
- Push image to the Docker Registry.
Enforce trust policies.
Now that you have the ability to sign images, and have pushed it to Docker Trusted Registry, you can also use Universal Control Plane to enforce security policies so that all applications deployed to UCP need to use images signed by a publisher you trust.
In the Universal Control Plane web UI select ‘Admin settings’ > ‘Content Trust’ > ‘Require signature from team’. By clicking the checkbox you will enable policy enforcement.
NOTE: Leave the ‘Require Signature From’ field empty, so that you can deploy apps from any UCP user. Learn more about enforcing security policies in the docs.
Enable Docker Content Trust.
Now that you have installed Docker Datacenter, deployed an application and hardened your dockerized environment, check out the different ways you can use Docker in your environment.
Popular use cases for Docker include CI/CD, infrastructure optimization and data analytics pipelines. Visit the resource center for reference architectures, tutorial videos and more.
Curious how other enterprises are using Docker Datacenter? Check out all of the stories here.
Here are some customer examples:
- ADP modernizes and secures their customer facing applications with Docker Datacenter
- SA Home Loans accelerates software deployment with Docker Datacenter powered microservices applications
- Cornell University containerizes Confluence with Docker Datacenter and reduces app support and maintenance costs by 10X
Once you have completed this mission you will have completed all of the Docker Datacenter Missions!