Digital Ocean is a cloud service provider that offers competitive prices to host virtual machines. It makes deploying and serving Docker images very easy. In this section, we are going to deploy a droplet (Digital Ocean's terminology for a single machine) that runs our dockerized Vault service in the cloud.
Specifically, following are the steps to deploy Docker images to Digital Ocean:
USERNAME/vault
container.curl
command.Digital Ocean is a Platform as a Service (PaaS) architecture, and as such, the user experience is likely to change from time to time, so the exact flow described here might not be entirely accurate by the time you come to perform these tasks. Usually, by looking around at the options, you will be able to figure out how to proceed, but screenshots have been included to help guide you.
This section also assumes that you have enabled any billing that might be required in order to create droplets.
Sign up or log in to Digital Ocean by visiting https://www.digitalocean.com in the browser. Ensure that you use a real e-mail address, as this is where they will send the root password for the droplet you are going to create.
If you have no other droplets, you will be presented with a blank screen. Click on Create Droplet:
Inside the One-click apps tab, look for the latest Docker option; at the time of writing this, it is Docker 1.12.1 on 16.04, which means Docker version 1.12.1 is running on Ubuntu 16.04.
Scroll down the page to select the remaining options, including picking a size (the smallest size will do for now) and a location (pick the closest geographic location to you). We won't bother adding additional services (such as volumes, networking, or backups) for now just proceed with the simple droplet.
It might be a nice idea to give your droplet a meaningful hostname so that it's easy to find later, something like vault-service-1
or similar; it doesn't really matter for now:
At the bottom of the page, click on Create:
Once your droplet has been created, select it from the Droplets list and look for the Console option (it may be written as Access console
).
After a few moments, you will be presented with a web-based terminal. This is how we will control the droplet, but first, we must log in:
Enter the login username as root
, and check your e-mail for the root password that Digital Ocean has sent you. At the time of writing this, you cannot copy and paste this, so be ready to carefully type out a long string as accurately as you can.
Once you've logged in for the first time, you'll be asked to change your password which involves typing the long generated password again! Security can be so inconvenient at times.
Since we selected the Docker app as a starting point for our droplet, Digital Ocean has kindly configured Docker to already be running inside our instance, so we can just use the docker
command to finish setting things up.
In the web-based terminal, pull your container with the following command, remembering to replace USERNAME
with your Docker Hub username:
docker pull USERNAME/vault
Docker will go and pull down everything it needs in order to run the image we created earlier:
Once the image and its dependencies have successfully downloaded, we will be able to run it using a the docker run
command, this time with the -d
flag to specify that we want it to run as a background daemon. In the web-based terminal, type the following:
docker run -d -p 6060:8080 -p 6061:8081 --name vault USERNAME/vault
This is similar to the command we ran earlier, except that this time, we are giving it the name vault, and we have omitted the --rm
flag, since it is not compatible (and doesn't make sense) with the background daemon mode.
The Docker image containing our Vault service will start running and is now ready to test.
Now that our Docker image is running in our droplet within Digital Ocean's platform, we can start using it.
In the Digital Ocean web control panel, select Droplets and look for the one we just created. We need to know the IP address so that we can access the services remotely. Once you have located the IP address of the droplet, click on it to copy it.
Open a local terminal on your computer (do not use the web-based terminal) and use the curl
command (or equivalent) to make the following request:
curl -XPOST -d '{"password":"Monkey"}' http://IPADDRESS:6060/hash
Remember to replace IPADDRESS
with the actual IP address you copied from Digital Ocean's web control panel.
You will notice that you have successfully managed to access the JSON/HTTP endpoint of our Vault service when you get a response similar to the following:
{"hash":"$2a$10$eGFGRZ2zMfsXss.6CgK6/N7TsmF.6MAv6i7Km4AHC"}
See whether you can modify the curl
command to validate the hash that was provided using the /validate
endpoint.
13.59.141.75