Running Docker containers

This page describes how to create a VM on Google Cloud Platfrom (GCP) to run Docker containers.

 

Before starting

To be able to execute the instructions presented in this tutorial, you first need to:

  1. Create/have a account on Google Cloud Platform: https://console.cloud.google.com/
  2. Activate your Google Cloud Education credits as described here  

Creating a VM on GCP

Follow the tutorial provided on the following page to learn to create VM instances on GCP and configure SSH: Short GCP tutorial

In this tutorial, the provided command to start a VM creates an instance of type f1-micro. This is probably too small for a Docker lab. We recommand you to create a VM of type n1-standard-2 (2 vCPUs and 7.5 GB of memory). Use the following command to create your instance:

gcloud compute instances create my-first-instance --image-project=ubuntu-os-cloud --image-family=ubuntu-1804-lts --machine-type=n1-standard-2

 

Installing Docker in the VM

Once your VM is created and you managed to log into the machine, it only remains to install and configure Docker.

To install Docker, run the following commands (the last one may take some time to complete):

curl -fsSL https://get.docker.com -o get-docker.sh
sudo sh get-docker.sh

Then, to be able to start Docker containers as a normal user, run:

sudo usermod -aG docker [USER-ID]

[USER-ID] should be replaced by your user id on the VM (e.g., my_user_account_gmail_com)

Finally, for the changes to take effect, you should log out from the VM (i.e., close the SSH session) and log in again.

To verify that your Docker installation is working properly, simply run:

docker run hello-world

You are ready to play with Docker.

 

Allowing network traffic

By default, the firewall of your project does not allow incoming traffic on other ports than 22 (SSH port). To test services deployed in your VM (for instance, to contact it from your laptop), it is required to allow incoming traffic on other ports.

Assuming that your Docker container listens on the port [HOST_PORT], run the following gcloud command for your personal computer to allow the traffic on that port:

gcloud compute --project=[PROJECT_ID] firewall-rules create default-allow-[HOST_PORT] \
    --direction=INGRESS --priority=1000 --network=default --action=ALLOW \
    --rules=tcp:[HOST_PORT] --source-ranges=0.0.0.0/0

The command to run in a terminal to obtain the [PROJECT_ID] is gcloud config get-value project.

(Firewall documentation: https://cloud.google.com/vpc/docs/using-firewalls)

We can verify on this page that a new rule has been created: https://console.cloud.google.com/networking/firewalls/

 

Installing docker-compose

To be able to test docker-compose, you need to install this tool first.

The instructions to install docker-compose are available here: https://docs.docker.com/compose/install/

In a nutshell, here are the sequence of commands to execute to install docker-compose in your VM:

sudo curl -L "https://github.com/docker/compose/releases/download/1.24.1/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose

 

Terminating

Do not forget to delete any resource (e.g., VM instance, storage bucket) as well as any specific setting (e.g., firewall rule) that you have created during the lab before leaving.

To delete VM instances:

gcloud compute instances delete [INSTANCE_NAME]

To delete a firewall rule:

gcloud compute --project=[PROJECT_ID] firewall-rules delete default-allow-[HOST_PORT]