Deploying Docker Containers Using IaaS in Azure
In an effort to learn more about platform as a service, I’ve decided to deploy Docker containers in a familiar environment, Azure, using virtual machines, specifically Ubuntu Server machines. By deploying containers at the infrastructure level I hope to get a better understanding of Docker and Docker Compose, after which I can begin deploying containers using Azure platform services. For this project I will be deploying the Ohmyform Docker container; it is a form builder application that I believe, if deployed properly, I can use in a production environment.
Plan/Methodology:
- Deploy Azure Virtual Machine infrastructure.
There are multiple ways we can deploy a virtual machine and the surrounding infrastructure in Azure, e.g. using IaC tooling. However, for this project I’ve decided to keep it simple and use the Azure portal to deploy my VM. I’ve gone with the Standard B1ms SKU as it will allow me to deploy multiple container instances if necessary.
After deploying my virtual machine here are all the resources in the resource group:
We then need to open up ports 22 and 8080 on our network security group.
Port 22 will allow us to SSH into our VM. Port 8080 will allow us to access our container from our public IP. It is a good idea to only allow inbound traffic from your own IP address on both rules; this will prevent unwanted visitors.
In Azure you can use a DNS name label when deploying your dynamic IP. This way you won’t have to worry about your IP address changing; you will always be able to access your environment by using your DNS name label.
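One way to check the source restriction described above, as an added example that is not part of the original post: this Python sketch scans NSG rules exported as JSON and reports inbound Allow rules that leave port 22 or 8080 open to any source. The sample rules, their names and the 203.0.113.10 address are constructed; the field names follow the output of `az network nsg rule list -o json`.

```python
import json

# Source values that Azure NSG rules use to mean "anyone on the internet".
OPEN_SOURCES = {"*", "internet", "any", "0.0.0.0/0"}
WATCHED_PORTS = (22, 8080)  # the two ports this walkthrough opens

def _as_list(single, many):
    """NSG rules carry either a singular field or its plural list form."""
    return list(many or []) + ([single] if single else [])

def _covers(port_spec, port):
    """True if a spec such as '*', '22' or '8000-8100' includes the port."""
    spec = port_spec.strip()
    if spec == "*":
        return True
    low, _, high = spec.partition("-")
    return int(low) <= port <= int(high or low)

def exposed_rules(rules, ports=WATCHED_PORTS):
    """Return (rule name, port) pairs for inbound Allow rules open to any source."""
    findings = []
    for rule in rules:
        if rule.get("direction") != "Inbound" or rule.get("access") != "Allow":
            continue
        sources = _as_list(rule.get("sourceAddressPrefix"), rule.get("sourceAddressPrefixes"))
        if not any(s.lower() in OPEN_SOURCES for s in sources):
            continue
        specs = _as_list(rule.get("destinationPortRange"), rule.get("destinationPortRanges"))
        for port in ports:
            if any(_covers(spec, port) for spec in specs):
                findings.append((rule["name"], port))
    return findings

# Constructed sample shaped like NSG rule JSON; names and addresses are made up.
SAMPLE = json.loads("""[
 {"name": "ssh-from-home", "direction": "Inbound", "access": "Allow",
  "sourceAddressPrefix": "203.0.113.10/32", "destinationPortRange": "22"},
 {"name": "web-any", "direction": "Inbound", "access": "Allow",
  "sourceAddressPrefix": "*", "destinationPortRanges": ["8000-8100"]},
 {"name": "deny-rest", "direction": "Inbound", "access": "Deny",
  "sourceAddressPrefix": "*", "destinationPortRange": "*"}
]""")

if __name__ == "__main__":
    for name, port in exposed_rules(SAMPLE):
        print(f"{name}: port {port} is reachable from any source address")
```

The sketch does not evaluate rule priority, so a reported rule can still be shadowed by a higher-priority Deny rule.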
- Azure Virtual Machine setup.
Next we can SSH into our virtual machine using our public IP or DNS name label on port 22. Good practice here would be to set up a cron job for ClamAV and use something like ufw to add firewall protection. However, since this is just a proof of concept, I won’t be worrying about security hardening. All I did here was run:
sudo apt-get update
sudo apt-get upgrade
- Installing Docker and Docker Compose
For this I followed this DigitalOcean article explaining the Docker installation process:
sudo apt install apt-transport-https ca-certificates curl software-properties-common
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu focal stable"
apt-cache policy docker-ce
sudo apt install docker-ce
I then followed this DigitalOcean article to install Docker Compose:
sudo curl -L "https://github.com/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose
docker-compose --version
- Docker Compose time
Make a new directory called “yourContainerApp”; in my case this was “Ohmyform”. The next step is to create your docker-compose.yml file. In my case I grabbed an existing YAML file from the Ohmyform Git repository.
wget https://raw.githubusercontent.com/ohmyform/ohmyform/master/examples/docker_minimal/docker-compose.yml
Now that we have our docker-compose.yml file ready, run:
docker-compose up -d
After running our docker-compose command we can use docker ps to check our container’s status:
sudo docker ps
Next we should be able to successfully navigate to our container by going to http://yourfqn.azuresites.com:8080
It should be noted that we don’t have SSL encryption, so traffic to port 8080 travels as plain HTTP. However, this can easily be fixed using Caddy, a reverse proxy that we can also deploy using Docker.
Finally, we can check to make sure that our volumes were successfully mounted. We can do this two ways. First, we can restart our container to see if our data was persisted:
sudo docker restart ohmyform_ohmyform1
We can also check the mount path in our Linux file system to see if any changes were made.
Future Improvements
This is NOT how I would usually deploy an application in Azure; this project was more of an attempt to understand how Docker and Docker Compose work.
There are a lot of things we can do to improve security:
- Use a separate VM to control traffic in and out of our environment.
- Set up a backup solution.
In the future I would like to move to Azure platform services like container Web Apps so I don’t have to maintain the infrastructure, only the application.