From a89f4bf8e202d0d97205cded02ea58165503a7c5 Mon Sep 17 00:00:00 2001 From: French Ben Date: Wed, 18 Jan 2017 14:02:27 -0800 Subject: [PATCH] Added info about sp-options Signed-off-by: French Ben --- docker-for-azure/index.md | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/docker-for-azure/index.md b/docker-for-azure/index.md index 9034389d12ee..5f54c3b285e8 100644 --- a/docker-for-azure/index.md +++ b/docker-for-azure/index.md @@ -34,21 +34,26 @@ The number of workers you want in your swarm (1-100). ### Service Principal To set up Docker for Azure, a [Service Principal](https://azure.microsoft.com/en-us/documentation/articles/active-directory-application-objects/) is required. Docker for Azure uses the principal to operate Azure APIs as you scale up and down or deploy apps on your swarm. Docker provides a containerized helper-script to help create the Service Principal: - - docker run -ti docker4x/create-sp-azure sp-name +``` + docker run -ti docker4x/create-sp-azure sp-name rg-name rg-loc ... Your access credentials ============================= AD App ID: AD App Secret: AD Tenant ID: +``` If you have multiple Azure subscriptions, make sure you're creating the Service Principal with subscription ID that you shared with Docker when signing up for the beta. -`sp-name` is the name of the authentication app that the script creates with Azure. The name is not important, simply choose something you'll recognize in the Azure portal. +* `sp-name` is the name of the authentication app that the script creates with Azure. The name is not important, simply choose something you'll recognize in the Azure portal. Example: `sp1`. +* `rg-name` is the name of the new resource group that will be created to deploy the resources (VMs, networks, storage accounts) associated with the swarm. The Service Principal will be scoped to this resource group. Example: `swarm1`. +* `rg-loc` is the name of Azure's region/location where the resource group will be created. This needs to be one of the regions supported by Azure e.g. `westus`, `centralus`, `eastus`. + +While `rg-name` and `rg-loc` are optional, it's highly recommended that you create the resource group up front and scope the service principal to that specific resource group. If the script fails, it's typically because your Azure user account doesn't have sufficient privileges. Contact your Azure administrator. -When setting up the ARM template, you will be prompted for the App ID (a UUID) and the app secret. +When setting up the ARM template, you will be prompted for the App ID (a UUID) and the app secret. If you specified the resource group name and location parameters, please choose the option to deploy the template into an existing resource group and pass the same name and region/location that were passed above to create-sp-azure. ### SSH Key