Make DCOS and Marathon publicly available in the Azure Container Service

Azure Container Service

When researching my session on the Azure Container Service I noticed that to get to the DCOS and marathon UI is quite a hassle. You must connect to your ACS thru an SSH tunnel. This means that when doing this, your localhost url is now connected to the Azure Container Service. This is not easy if you want to use it on your local machine for lets say development or just to run containers on you dev box.

If you want to know more about the Azure Container Service, how to set it up or how to play with it just follow this link to the overview. Or simple take a free trail in Azure and start playing with it.

Make your management url publicly available

Now this is not recommended for production use. This is definitely not secure. But it can make your life a lot easier.

First you must make an inbound security rule on your master network security group.

msohtmlclipclip_image001

Make a new rule, give it a name and a priority. In this case I took 190 just to get it in the first place. As a source you should take “Tag” and choose internet. The service should be set to “Custom” and any protocol is allowed. Set the port range to 80 and choose “Allow”

msohtmlclipclip_image001[35]

Load balancer

Next up. Go to the load balancer of your master. First you must add a probe. Use the following settings

msohtmlclipclip_image001[37]

Then create a new load balancing rule and make sure it uses the probe you just created. The other settings can be taken from the next screenshot.

msohtmlclipclip_image001[39]

When you have configured all this. You should be able to connect to your DCOS environment thru the publicly available master url. Also Marathon can be reached now.


Originally published at Rick’s Blog.