Learn how to run Linux and Containers in the cloud with OSS on Azure

Objective

After performing this lab you will better understand how to:

Set up Azure to support Containers
Use Azure Resource Manager
Run Docker on a VM in Azure
Configure Azure Provider for a Docker machine
Set up Docker Swarm and deploy some Containers
Set up the Azure Container service

Scenario

This is an official container walkthrough used to build out containerized applications on Azure.

Virtual Machines

AzureControlBox

Exercise 1 : Set up your Azure Account

In this exercise you will:

Set up your Azure Account

Scenario: To perform this lab, you must have an Azure account set up that you can modify. To set up up this account, use the promotional code visible in the Content tab of the lab interface. This exercise will walk you through the steps for redeeming the code.

Note: If you already have an Azure subscription (MSDN/Internal) that you can use for this hands-on lab, you can skip this exercise.

Log In

If necessary, login using the following credentials: Admin, password: Pass@w0rd! On the Network prompt, click No.

You can also select the machine using the Machines tab.
Obtain Microsoft Account

You will need a Microsoft account (@outlook.com or @live.com, etc). This account must NOT have an Azure subscription associated with it. If you do not have an appropriate Microsoft account, please acquire one before continuing this lab. You can obtain an account from the following site: http://www.microsoft.com/en-us/account.
Open Site (Azure Pass)

Open the Edge or IE browser, and navigate to http://microsoftazurepass.com.
Submit Promo Code

Choose from the country drop-down “United States”. Enter the promotional code (given to you in the lab Content tab) in the Promo Code field. Click on the Submit button.
Complete Account Request

Click on the Sign in button to enter your MSA account (@outlook.com/@live.com etc.) Follow any additional instructions to complete the process.

Congratulations!

You have successfully:

Set up your Azure Account

Click Continue to advance to the next exercise.

Exercise 2 : Azure Setup

In this exercise you will:

Learn how to set up Azure to support Containers

Scenario: This will set up cmd line access to Azure and works on OSX, Linux, even Windows.... At the bottom of setup step one, there is a Docker Image that will run the CLI in a container. Don't you think that's the right choice for this?

Setup Step One - Login to Azure CLI

Login to Azure CLI. Follow the instructions at https://aka.ms/d8y4pa.

Use Windows installer to install the Azure CLI, and then follow instructions to Use the Interactive method.

Use the interactive log in method
Use the azure login command -- without any arguments -- to authenticate interactively with either:

a work or school account identity that requires multi-factor authentication, or
a Microsoft account identity when you want to access Resource Manager deployment mode functionality
Interactively logging in is easy: type azure login and follow the prompts as shown below:

azure login
info: Executing command login
info: To sign in, use a web browser to open the page http://aka.ms/devicelogin. Enter the code XXXXXXXXX to authenticate. If you're signing in as an Azure AD application, use the --username and --password parameters.

Copy the code offered to you, above, and open a browser to http://aka.ms/devicelogin. Enter the code, and then you are prompted to enter the username and password for the identity you want to use. When that process completes, the command shell completes the log in process. It might look something like:

info: Added subscription Visual Studio Ultimate with MSDN
info: Added subscription Azure Free Trial
info: Setting subscription "Visual Studio Ultimate with MSDN" as default
+
info: login command OK
```
https://aka.ms/d8y4pa
```
Setup Step Two - Switch Azure CLI to ARM Mode

Switch Azure CLI to ARM Mode. Follow the instructions at https://aka.ms/y1ja6s.
```
https://aka.ms/y1ja6s
```
Setup Step Three - Download Putty and PuttyGen

Download Putty and PuttyGen. Follow the instructions at https://aka.ms/fzt0kb.
```
https://aka.ms/fzt0kb
```
Setup Step Four - Install OpenSSL

Install OpenSSL. Follow the instructions at https://aka.ms/qgq69p.
```
https://aka.ms/qgq69p 
```

Congratulations!

You have successfully:

Learned how to set up Azure to support Containers

Click Continue to advance to the next exercise.

Exercise 3 : Lab One: Getting Familiar with Azure Resource Manager

In this exercise you will:

Deploy a simple Linux VM using the Quick Start Templates and the Azure CLI

Scenario: This lab will get you familiar with using the Azure CLI for deploying resources to Azure. We'll use Azure Resource Manager (ARM) Templates to describe what we want created in Azure. For more information about ARM and ARM Templates see: https://github.com/tripdubroot/ContainerCamp/blob/master/labone/arm-overview.md

Browse Azure Quick Start Templates

Browse the Azure Quick Start Template Repo (https://aka.ms/wcsqe9). Yea there is a lot there...
```
https://aka.ms/wcsqe9
```
View 101-vm-simple-linux
Have a look at the 101-vm-simple-linux folder.
- There is a azuredeploy.json file. It descibes the resources we want to create. It also has parameters for things like username and password.
- There is a azuredeploy.parameters.json file that contains the parameters to pass to the template. Customers use multiple param files to create different environments like dev, test, prod. We will not use this for the lab.
Create a Resource Group

A resource group is a grouping of Azure resouces that can be managed and secured as a single unit. Read "I can delete every resource in a resource group by deleting the resource group"... kind of scary. To create a resource group from the Azure-CLI, type the following command and press Enter: azure group create {RESOURCE GROUP NAME} eastus. Replace {RESOURCE GROUP NAME} with whatever you like. The "eastus" at the end is the data center location. There something like 22+ DCs now...
Deploy an ARM Template using the Azure-CLI

Now it's time to create a VM... Type the following command, edit as appropriate, and press Enter: azure group deployment create {RESOURCE GROUP NAME} {DEPLOYMENT NAME} --template-uri https://raw.githubusercontent.com/azure/azure-quickstart-templates/master/101-vm-simple-linux/azuredeploy.json. See the Knowledge icon for additional information.

Replace {RESOURCE GROUP NAME} with the resource group name you just created.

Replace {DEPLOYMENT NAME} with whatever you like

This command creates a deployment with the resource manager and passes the URI of the Linux template we just reviewed. It will also prompt you for the following parameters:

1. Username (don't use "admin")
2. Password (needs to be more than 8 chars and be complex)
3. DNS Label (this will be the dns prefix used to connect to the box)
4. Storage Account Name (blob storage for VM Disks)
```
azure group deployment create {RESOURCE GROUP NAME} {DEPLOYMENT NAME} --template-uri https://raw.githubusercontent.com/azure/azure-quickstart-templates/master/101-vm-simple-linux/azuredeploy.json
```
SSH to Your New Linux Box

From the command line we'll ssh to the server, feel free to poke around once connected. Type the following command and press Enter: ssh username@DNS-LABLE-YOU-CREATED.eastus.cloudapp.azure.com

On Windows and need SSH? Download Putty: (http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html)
```
ssh username@DNS-LABLE-YOU-CREATED.eastus.cloudapp.azure.com
```
Delete the Resource Group

Type the following command and press Enter: azure group delete {RESOURCE GROUP NAME} -q. This command will remove everything you just created!
```
azure group delete {RESOURCE GROUP NAME} -q
```

Congratulations!

You have successfully:

Deployed a simple Linux VM using the Quick Start Templates and the Azure CLI

Click Continue to advance to the next exercise.

Exercise 4 : Lab Two: Run Docker on a VM in Azure

In this exercise you will:

Run Docker on a VM in Azure

Scenario: In this lab you will setup a VM like in exercise one, but it will have Docker... We'll deploy nginx and hit the default website from a browser.

Deploy a Docker VM using the Quick Start Template
https://github.com/tripdubroot/ContainerCamp/blob/master/labtwo/deploy-docker-vm.md

View Docker VM Extension

Yup! It's time to get serious... In this lab we'll deploy a VM using an ARM Template. In this template is new resource called a VM extension. This extends our ability to deploy software or run scripts on the VM after it's created in Azure. There are many different VM extensions, but will be using the Docker VM Extension. The docker extension installs docker on the VM for us. See the screenshot. This extension supports docker-compose... we'll check that out later.
Create a Resource Group from the Azure-CLI

Type the following command and press Enter: azure group create {RESOURCE GROUP NAME} eastus

Replace {RESOURCE GROUP NAME} with whatever you like. The "eastus" at the end is the data center location. There something like 22+ DCs now...
```
azure group create {RESOURCE GROUP NAME} eastus
```
Deploy an ARM Template using the Azure-CLI

Type the following command and press Enter: azure group deployment create --template-uri https://raw.githubusercontent.com/azure/azure-quickstart-templates/master/docker-simple-on-ubuntu/azuredeploy.json. See the Knowledge icon for additional information.

Replace {RESOURCE GROUP NAME} with the resource group name you just created

Replace {DEPLOYMENT NAME} with whatever you like

This command creates a deployment with the resource manager and passes the URI of the Docker template. It will also prompt you for the following parameters:

1. Username (don't use "admin")
2. Password (needs to be more than 8 chars and be complex)
3. DNS Label (this will be the dns prefix used to connect to the box)
4. Storage Account Name (blob storage for VM Disks)
```
azure group deployment create   --template-uri https://raw.githubusercontent.com/azure/azure-quickstart-templates/master/docker-simple-on-ubuntu/azuredeploy.json
```
SSH to Your New Linux Box

From the command line we'll ssh to the server; feel free to poke around once connected. Type the following command and press Enter: ssh username@DNS-LABLE-YOU-CREATED.eastus.cloudapp.azure.com
```
ssh username@DNS-LABLE-YOU-CREATED.eastus.cloudapp.azure.com
```
Docker Hello-World

Now that we have a docker engine to run with, let's do the defacto hello-world app. Type the following command and press Enter: docker run hello-world. It's that simple... Docker went out to docker hub and downloaded the image called hello-world and ran it.
```
docker run hello-world
```
View Results

You should see output as shown in the screenshot.
Docker and NGINX

Next we'll run the docker image for NGINX. NGINX is an HTTP server and reverse proxy. Type the following command and press Enter: docker run -d -p 80:80 nginx. This should download the image, start the container, and set up port forwarding on port 80.
```
docker run -d -p 80:80 nginx
```
Test Docker and NGINX

To test, from your browser navigate to the url of your machine (this is the same as the SSH server): http://DNS-LABLE-YOU-CREATED.eastus.cloudapp.azure.com. You should see the "Welcome to NGINX" default page.
Create your Own Docker Image

Use the Docker Docs and create your own image... A good place to start is: Build your own images (https://docs.docker.com/engine/userguide/containers/dockerimages/).
Delete the Resource Group

Type the following command, edit as appropriate, and press Enter: azure group delete {RESOURCE GROUP NAME} -q
```
azure group delete {RESOURCE GROUP NAME} -q
```

Congratulations!

You have successfully:

Run Docker on a VM in Azure

Click Continue to advance to the next exercise.

Exercise 5 : Lab Three: Configure Azure Provider for Docker Machine

In this exercise you will:

Configure Azure Provider for Docker Machine

Scenario: Docker is one of the most popular virtualization approaches that uses Linux containers rather than virtual machines as a way of isolating application data and computing on shared resources. This topic describes when and how to use Docker Machine (the docker-machine command) to create new Linux VMs in Azure enabled as a docker host for your Linux containers.

In this lab you will configure your local Docker-Machine tooling to create VMs on Azure instead of using your local hypervisor.

Configure Docker Machine to use Azure:
https://github.com/tripdubroot/ContainerCamp/blob/master/labthree/docker-machine-azure.md

Create Docker Host VMs in Azure

Read the information shown in the Knowledge icon. Type the following command and press Enter: docker-machine create --driver azure. This will allow you to see the options and their default values; you can also read the Docker Azure Driver documentation (https://docs.docker.com/machine/drivers/azure/). Note that if you have two-factor authentication enabled, you will be prompted to authenticate using the second factor. See the screenshot.

You can create docker host VMs in Azure with the docker-machine create command using the azure driver argument for the driver option (-d) and any other arguments. This example relies upon the default values, but it does open port 80 on the VM to the internet to test with an nginx container, makes ops the logon user for SSH, and calls the new VM machine.
```
docker-machine create --driver azure 
```
Configure Your Docker Shell

Now, to see what you need to do to configure the shell, type the following and press Enter: docker-machine env . This prints the environment information, which looks something like the screenshot. Note the IP address has been assigned, which you'll need to test the VM. You can either run the suggested configuration command, or you can set the environment variables yourself.
```
docker-machine env 
```
Run a Container

Now you can run a simple web server to test whether all works correctly. Here we use a standard nginx image, specify that it should listen on port 80, and that if the VM restarts the container should restart as well (--restart=always). Type the following command and press Enter: docker run -d -p 80:80 --restart=always nginx. The output should look something like the screenshot.
```
docker run -d -p 80:80 --restart=always nginx
```
Test the Container

To examine running containers, type the following command and press Enter: docker ps. The results should look like the screenshot.
```
docker ps
```
Determine IP Address

To check to see the running container, type docker-machine ip and press Enter. You can then find the IP address (if you forgot from the envcommand).
```
docker-machine ip 
```

Congratulations!

You have successfully:

Configured Azure Provider for Docker Machine

Click Continue to advance to the next exercise.

Exercise 6 : Lab Four: Set Up Docker Swarm and Deploy Some Containers

In this exercise you will:

Set up Docker Swarm and deploy some Containers

Scenario: This topic shows a very simple way to use docker with swarm to create a swarm-managed cluster on Azure. It creates four virtual machines in Azure, one to act as the swarm manager, and three as part of the cluster of docker hosts. When you are finished, you can use swarm to see the cluster and then begin to use docker on it. In addition, the Azure CLI calls in this topic use the service management (asm) mode.

This topic uses docker with swarm and the Azure CLI without using docker-machine in order to show how the different tools work together but remain independent. docker-machine has --swarm switches that enable you to use docker-machine to directly add nodes to a swarm. For an example, see the docker-machine documentation.

In this lab you will deploy Docker Swarm. Once you have a swarm you will deploy some things to it...

Deploy Docker Swarm
https://github.com/tripdubroot/ContainerCamp/blob/master/labfour/deploy-docker-swarm.md

NOTE: In this lab we need to switch azure-cli mode from ARM to ASM. We'll also be using a secure Docker endopoint. See Protect the Docker daemon socket (https://docs.docker.com/engine/security/https) for more information.

Switch Azure-CLI Mode

Type the following command, edit as appropriate, and press Enter: azure config mode asm
Create Docker Hosts with Azure Virtual Machines

Steps 1 through 6 create four VMs, but you can use any number you want. In these steps, call the commands with
```
azure config mode asm
```
Create Swarm (Master)

Type the following command, edit as appropriate, and press Enter: azure vm docker create swarm-master -l "East US" -e 22 "b39f27a8b8c64d52b05eac6a62ebad85__Ubuntu-14_04-LTS-amd64-server-20140724-en-us-30GB" ops
```
azure vm docker create swarm-master -l "East US" -e 22 "b39f27a8b8c64d52b05eac6a62ebad85__Ubuntu-14_04-LTS-amd64-server-20140724-en-us-30GB" ops 
```
Create Swarm (Node-1)

Type the following command, edit as appropriate, and press Enter: azure vm docker create swarm-node-1 -l "East US" -e 22 "b39f27a8b8c64d52b05eac6a62ebad85__Ubuntu-14_04-LTS-amd64-server-20140724-en-us-30GB" ops
```
azure vm docker create swarm-node-1 -l "East US" -e 22 "b39f27a8b8c64d52b05eac6a62ebad85__Ubuntu-14_04-LTS-amd64-server-20140724-en-us-30GB" ops 
```
Create Swarm (Node-2)

Type the following command, edit as appropriate, and press Enter: azure vm docker create swarm-node-2 -l "East US" -e 22 "b39f27a8b8c64d52b05eac6a62ebad85__Ubuntu-14_04-LTS-amd64-server-20140724-en-us-30GB" ops
```
azure vm docker create swarm-node-2 -l "East US" -e 22 "b39f27a8b8c64d52b05eac6a62ebad85__Ubuntu-14_04-LTS-amd64-server-20140724-en-us-30GB" ops 
```
Create Swarm (Node-3)

Type the following command, edit as appropriate, and press Enter: azure vm docker create swarm-node-3 -l "East US" -e 22 "b39f27a8b8c64d52b05eac6a62ebad85__Ubuntu-14_04-LTS-amd64-server-20140724-en-us-30GB" ops
```
azure vm docker create swarm-node-3 -l "East US" -e 22 "b39f27a8b8c64d52b05eac6a62ebad85__Ubuntu-14_04-LTS-amd64-server-20140724-en-us-30GB" ops 
```
View Results

When you're done you should be able to use azure vm list to see your Azure VMs (see screenshot).
```
azure vm list
```
Installing Swarm on the Swarm Master VM

This topic uses the container model of installation from the docker swarm documentation (https://github.com/docker/swarm#1---docker-image) -- but you could also SSH to the swarm-master. In this model, swarm is downloaded as a docker container running swarm. Below, we perform this step remotely from our laptop/lab VM by using docker to connect to the swarm-master VM and tell it to use the cluster id creation command, swarm create. The cluster id is how swarm discovers the members of the swarm group. (You can also clone the repository and build it yourself, which will give you full control and enable debugging.) Look at the screenshot. That last line is the cluster id; copy it somewhere because you will use it again when you join the node VMs to the swarm master to create the "swarm". In this example, the cluster id is 36731c17189fd8f450c395db8437befd.
List the Endpoint Information

For each node, list the endpoint information using the Azure CLI. Here we do that for the swarm-node-1 docker host in order to obtain the node's docker port: $ azure vm endpoint list swarm-node-1

Join the node VMs to our docker cluster
```
$ azure vm endpoint list swarm-node-1
```
Join Node to Swarm

Using docker and the -H option (see screenshot) to point the docker client at your node VM, join that node to the swarm you are creating by passing the cluster id and the node's docker port (the latter using --addr).
Confirm that Swarm is Running

That looks good. To confirm that swarm is running on swarm-node-1 we type: docker --tls -H tcp://swarm-node-1.cloudapp.net:2376 ps -a
```
docker --tls -H tcp://swarm-node-1.cloudapp.net:2376 ps -a
```
Join Remaining Nodes to Swarm

Repeat steps 9 and 10 for all the other nodes in the cluster. In our case, we do that for swarm-node-2 and swarm-node-3.
Begin Managing the Swarm Cluster

Type the following and press Enter:
docker --tls -H tcp://swarm-master.cloudapp.net:2376 run -d -p 2375:2375 swarm manage token://36731c17189fd8f450c395db8437befdd7e87c2c147ade438cb4b663bda0ee20981d4818770958f5d317d6aebdcaedd5
```
docker --tls -H tcp://swarm-master.cloudapp.net:2376 run -d -p 2375:2375 swarm manage token://36731c17189fd8f450c395db8437befdd7e87c2c147ade438cb4b663bda0ee20981d4818770958f5d317d6aebdcaedd5
```
List Nodes

And then you can list out your nodes in your cluster:
docker --tls -H tcp://swarm-master.cloudapp.net:2376 run --rm swarm list token://73f8bc512e94195210fad6e9cd58986f
```
docker --tls -H tcp://swarm-master.cloudapp.net:2376 run --rm swarm list token://73f8bc512e94195210fad6e9cd58986f
```
Deploy Redis

To deploy a Redis container run the following command:
docker --tls -H tcp://swarm-master.cloudapp.net:2376 run --name some-redis -d redis
```
docker --tls -H tcp://swarm-master.cloudapp.net:2376 run --name some-redis -d redis
```
View Result

To see where on the cluster it was scheduled: docker --tls -H tcp://swarm-master.cloudapp.net:2376 ps
```
docker --tls -H tcp://swarm-master.cloudapp.net:2376 ps
```
Deploy Ubuntu Container

To deploy an Ubuntu container run the following command:
docker --tls -H tcp://swarm-master.cloudapp.net:2376 run --name some-ubuntu -d ubuntu
```
docker --tls -H tcp://swarm-master.cloudapp.net:2376 run --name some-ubuntu -d ubuntu
```
Review Results

To see where on the cluster it was scheduled: docker --tls -H tcp://swarm-master.cloudapp.net:2376 ps
```
docker --tls -H tcp://swarm-master.cloudapp.net:2376 ps
```
Deploy Jenkins

To deploy a Jenkins container run the following command: docker --tls -H tcp://swarm-master.cloudapp.net:2376 run -p 8080:8080 -p 50000:50000 jenkins
```
docker --tls -H tcp://swarm-master.cloudapp.net:2376 run -p 8080:8080 -p 50000:50000 jenkins
```
Review Results

To see where on the cluster it was scheduled: docker --tls -H tcp://swarm-master.cloudapp.net:2376 ps
```
docker --tls -H tcp://swarm-master.cloudapp.net:2376 ps
```

Congratulations!

You have successfully:

Set up Docker Swarm and deploy some Containers

Click Continue to advance to the next exercise.

Exercise 7 : Lab Five: Set Up Azure Container Service

In this exercise you will:

Deploy Azure Container Service

Connect and use ACS

Scenario: In this lab we'll look at Microsoft Azure's Container as a Service solution called: Azure Container Service (ACS).

Deploy Azure Container Service
https://github.com/tripdubroot/ContainerCamp/blob/master/labfive/deploy-acs.md

Connect and Use ACS
https://github.com/tripdubroot/ContainerCamp/blob/master/labfive/connect-acs.md

Select Template
To deploy a DC/OS or Docker Swarm cluster, select one of the following templates from GitHub. Note that both of these templates are the same, with the exception of the default orchestrator selection.
- DC/OS template (https://github.com/Azure/azure-quickstart-templates/tree/master/101-acs-mesos)
- Swarm template (https://github.com/Azure/azure-quickstart-templates/tree/master/101-acs-swarm)
To create an instance of Azure Container Service by using the command line, you need an Azure subscription. If you don't have one, then you can sign up for a free trial. For this lab, you have already set this up. You also need to have installed and configured the Azure CLI, which has also been done for this lab.
Connect Azure CLI to Azure Subscription

Next, make sure that the Azure CLI has been connected to an Azure subscription. You can do this by using the following command: azure account show. If an Azure account is not returned, use the following command to sign the CLI in to Azure:
azure login. You will need to generate a key using puttygen.exe.
```
azure account show
```
Configure Azure CLI to Use Azure Resource Manager

Next, configure the Azure CLI tools to use Azure Resource Manager: azure config mode arm
```
azure config mode arm
```
Create Resources

Create an Azure Resource Group and Container Service cluster with the following command, substituting the information as described in the Alert icon: Azure group create RESOURCE_GROUP_NAME eastus. Note: When running this command, the shell will prompt you for deployment parameter values.
- RESOURCE_GROUP is the name of the Resource Group you want to use for this service
- LOCATION is the Azure region where the Resource Group and Azure Container Service deployment will be created.
- TEMPLATE_URI is the location of the deployment file. Note - this must be the RAW file, not a pointer to the GitHub UI. To find this URL select the azuredeploy.json file in GitHub and click the RAW button
```
Azure group create RESOURCE_GROUP_NAME eastus
```
Determine DNS Name

The first thing that you do when you create an SSH tunnel on Linux or OS X is to locate the public DNS name of load-balanced masters. To do this, expand the resource group so that each resource is being displayed. Locate and select the public IP address of the master. This will open up a blade that contains information about the public IP address, which includes the DNS name. Save this name for later use.

Connect to an Azure Container Service Cluster

The DC/OS and Swarm clusters that are deployed by Azure Container Service expose REST endpoints. However, these endpoints are not open to the outside world. In order to manage these endpoints, you must create a Secure Shell (SSH) tunnel. Once an SSH tunnel has been established, you can run commands against the cluster endpoints and view the cluster UI through a browser on your own system. This document walks you through creating an SSH tunnel from Linux, OS X, and Windows.

You can create an SSH session with a cluster management system. However, we don't recommend this. Working directly on a management system exposes the risk for inadvertent configuration changes.
Create an SSH Tunnel on Linux or OS X

Now open a shell and run the following command where the parameters are as described in the Alert window: ssh -L PORT:localhost:PORT -f -N [USERNAME]@[DNSPREFIX]mgmt.[REGION].cloudapp.azure.com -p 2200. Note: The SSH connection port is 2200 and not the standard 22.
- PORT is the port of the endpoint that you want to expose. For Swarm, this is 2375. For DC/OS, use port 80
- USERNAME is the user name that was provided when you deployed the cluster
- DNSPREFIX is the DNS prefix that you provided when you deployed the cluster
- REGION is the region in which your resource group is located
- PATH_TO_PRIVATE_KEY [OPTIONAL] is the path to the private key corresponding to the public key you provided when creating the container service cluster. Use this option with the -i flag
```
ssh -L PORT:localhost:PORT -f -N [USERNAME]@[DNSPREFIX]mgmt.[REGION].cloudapp.azure.com -p 2200
```
DC/OS Tunnel

To open a tunnel to the DC/OS-related endpoints, execute a command that is similar to the following: sudo ssh -L 80:localhost:80 -f -N azureuser@acsexamplemgmt.japaneast.cloudapp.azure.com -p 2200
```
sudo ssh -L 80:localhost:80 -f -N azureuser@acsexamplemgmt.japaneast.cloudapp.azure.com -p 2200
```
View Results
You can now access the DC/OS-related endpoints at:
- DC/OS: http://localhost/
- Marathon: http://localhost/marathon
- Mesos: http://localhost/mesos
Similarly, you can reach the rest APIs for each application through this tunnel.
Swarm Tunnel

To open a tunnel to the Swarm endpoint, execute a command that looks similar to the following: ssh -L 2375:localhost:2375 -f -N azureuser@acsexamplemgmt.japaneast.cloudapp.azure.com -p 2200
```
ssh -L 2375:localhost:2375 -f -N azureuser@acsexamplemgmt.japaneast.cloudapp.azure.com -p 2200
```
Set DOCKER_HOST Environment Variable

Now you can set your DOCKER_HOST environment variable as follows and continue to use your Docker command-line interface (CLI) as normal: export DOCKER_HOST=:2375
```
export DOCKER_HOST=:2375
```
Create an SSH Tunnel on Windows

Launch Puttty. Enter a host name that is comprised of the cluster admin user name and the public DNS name of the first master in the cluster. The Host Name will look like this: adminuser@PublicDNS. Enter 2200 for the Port.

There are multiple options for creating SSH tunnels on Windows. This lab will describe how to use PuTTY to do this.
Cofigure SSH and Authentication

Select SSH and Authentication. Add your private key file for authentication.
Configure Ports
Select Tunnels and configure the following forwarded ports:
- Source Port: Your preference--use 80 for DC/OS or 2375 for Swarm.
- Destination: Use localhost:80 for DC/OS or localhost:2375 for Swarm.
Note: The screenshot example is configured for DC/OS, but will look similar for Docker Swarm. Port 80 must not be in use when you create this tunnel.
Connect Putty Session

When you are finished, save the connection configuration, and connect the PuTTY session. When you connect, you can see the port configuration in the PuTTY event log.
Access Endpoint
When you have configured the tunnel for DC/OS, you can access the related endpoint at:
- DC/OS: http://localhost/
- Marathon: http://localhost/marathon
- Mesos: http://localhost/mesos
When you have configured the tunnel for Docker Swarm, you can access the Swarm cluster through the Docker CLI. You will first need to configure a Windows environment variable named DOCKER_HOST with a value of :2375.