Microsoft Azure

Estimated reading time: 4 minutes

You need an Azure Subscription to use this Docker Machine driver. Sign up for a free trial.

Note: This documentation is for the new version of the Azure driver, which started shipping with v0.7.0. This driver is not backwards-compatible with the old Azure driver. If you want to continue managing your existing Azure machines, please download and use machine versions prior to v0.7.0.

Authentication

The first time you try to create a machine, Azure driver asks you to authenticate:

$ docker-machine create --driver azure --azure-subscription-id <subs-id> <machine-name>
Running pre-create checks...
Microsoft Azure: To sign in, use a web browser to open the page https://aka.ms/devicelogin.
Enter the code [...] to authenticate.

After authenticating, the driver remembers your credentials up to two weeks.

KNOWN ISSUE: There is a known issue with Azure Active Directory causing stored credentials to expire within hours rather than 14 days when the user logs in with personal Microsoft Account (formerly Live ID) instead of an Active Directory account. Currently, there is no ETA for resolution, however in the meanwhile you can create an AAD account and login with that as a workaround.

Options

Azure driver only has a single required argument to make things easier. Please read the optional flags to configure machine details and placement further.

Required:

  • --azure-subscription-id: (required) Your Azure Subscription ID.

Optional:

  • --azure-availability-set: Azure Availability Set to place the virtual machine into. [?]
  • --azure-docker-port: Port number for Docker engine.
  • --azure-environment: Azure environment. For example, AzurePublicCloud orAzureChinaCloud.
  • --azure-image: Azure virtual machine image in the format of Publisher:Offer:Sku:Version [?]
  • --azure-location: Azure region to create the virtual machine. [?]
  • --azure-no-public-ip: Do not create a public IP address for the machine (implies --azure-use-private-ip). Should be used only when creating machines from an Azure VM within the same subnet.
  • --azure-open-port: Make additional port number(s) accessible from the Internet [?]
  • --azure-private-ip-address: Specify a static private IP address for the machine.
  • --azure-resource-group: Azure Resource Group name to create the resources in.
  • --azure-size: Size for Azure Virtual Machine. [?]
  • --azure-ssh-user: Username for SSH login.
  • --azure-static-public-ip: Assign a static public IP address to the machine.
  • --azure-subnet: Azure Subnet Name to be used within the Virtual Network.
  • --azure-subnet-prefix: Private CIDR block. Used to create subnet if it does not exist. Must match in the case that the subnet does exist.
  • --azure-use-private-ip: Use private IP address of the machine to connect. Useful for managing Docker machines from another machine on the same network, such as when deploying Swarm.
  • --azure-vnet: Azure Virtual Network name to connect the virtual machine. [?] To specify a Virtual Network from another resource group, use resourcegroup:vnet-name format.

Environment variables and default values

CLI option Environment variable Default
--azure-availability-set AZURE_AVAILABILITY_SET docker-machine
--azure-docker-port AZURE_DOCKER_PORT 2376
--azure-environment AZURE_ENVIRONMENT AzurePublicCloud
--azure-image AZURE_IMAGE canonical:UbuntuServer:16.04.0-LTS:latest
--azure-location AZURE_LOCATION westus
--azure-no-public-ip - -
--azure-open-port - -
--azure-private-ip-address - -
--azure-resource-group AZURE_RESOURCE_GROUP docker-machine
--azure-size AZURE_SIZE Standard_A2
--azure-ssh-user AZURE_SSH_USER docker-user
--azure-static-public-ip - -
--azure-subnet-prefix AZURE_SUBNET_PREFIX 192.168.0.0/16
--azure-subnet AZURE_SUBNET docker-machine
--azure-subscription-id AZURE_SUBSCRIPTION_ID -
--azure-use-private-ip - -
--azure-vnet AZURE_VNET docker-machine

Notes

Azure runs fully on the new Azure Resource Manager (ARM) stack. Each machine created comes with a few more Azure resources associated with it:

  • A Virtual Network and a subnet under it is created to place your machines into. This establishes a local network between your docker machines.
  • An Availability Set is created to maximize availability of your machines.

These are created once when the first machine is created and reused afterwards. Although they are free resources, driver does a best effort to clean them up after the last machine using these resources is removed.

Each machine is created with a public dynamic IP address for external connectivity. All its ports (except Docker and SSH) are closed by default. You can use --azure-open-port argument to specify multiple port numbers to be accessible from Internet.

Once the machine is created, you can modify Network Security Group rules and open ports of the machine from the Azure Portal.

machine, Microsoft Azure, driver