VMware Hands-on Labs

HOL 3-Tier Application – Using Docker Images

While it is interesting to see how a very simple application is constructed, some people just want to get the app deployed so they can use it.

This is an incremental update to getting the Hands-on Labs 3-Tier app setup using Docker images. Everything remains the same except that you do not need to do any significant configuration on your own. You stand up the base PhotonOS VMs and enable Docker on them, then simply pull down the images from Docker Hub to have a fully functioning 3-Tier app in a matter of minutes.

NOTE: While this mechanism can get you going quickly, it is not quite as simple to modify the configuration without a good deal of understanding about how Docker works. That is beyond the scope of this post.

Get Photon OS running as the Docker Host

You can install PhotonOS 3 using the ISO or by importing the OVA.

I have started with the Photon OS 3.0 Revision 2 OVA with virtual hardware v11 from http://dl.bintray.com/vmware/photon/3.0/Rev2/ova/photon-hw11-3.0-9355405.ova

It is about 169 MB and serves as an easy starting point: you can download the OVA and import it manually, or you can use OVFTOOL to pull it directly into your vCenter in one go:

PS C:\> New-Alias -Name ovftool -Value 'C:\Program Files\VMware\VMware OVF Tool\ovftool.exe'
PS C:\> ovftool --acceptAllEulas --diskMode=thin --datastore=RegionA01-ISCSI01-COMP01 --net:"None"="VM-RegionA01-vDS-COMP" --sourceType=OVA http://dl.bintray.com/vmware/photon/3.0/Rev2/ova/photon-hw11-3.0-9355405.ova 'vi://administrator@corp.local:VMware1!@vcsa-01a.corp.local/RegionA01/host/RegionA01-COMP01/esx-01a.corp.local/'

The above command will

  1. create a VM called photon-ova
  2. in the vcsa-01a.corp.local vCenter
  3. in the RegionA01 datacenter
  4. on host esx-01a.corp.local
  5. in the RegionA01-COMP01 cluster
  6. using a thin provisioned disk
  7. on the RegionA01-ISCSI01-COMP01 datastore
  8. and attach the NIC to the VM-RegionA01-vDS-COMP port group on my VDS.
  9. It uses the HOL standard credentials of administrator@corp.local / VMware1!

Adjust as necessary for your lab.

Basic Configuration of the PhotonOS Images (Docker Hosts)

Once you have that VM created, you can create the three base VMs needed to host the application’s parts:

  • Power it on, change the root password from “changeme” to something else
  • Set the root password to never expire ( it’s a LAB! )
# chage -M -1 root
  • Check and/or set the IP addresses and hosts files (or DNS, depending on your use case)
    • The Docker images need to know how to find one another on the network — you can change these as needed for your use case.
    • While you can leave the template machines at whatever IP addresses you like as long as you provide the proper IP-to-name mappings in the “docker run” command via –add-host directives, it is cleaner for most use cases to have static IP addresses so that the user (or you!) can see what is going on.
  • Enable and start Docker
# systemctl enable docker && systemctl start docker
  • shut down the VM and make 3 copies: db-01a, app-01a, web-01a

Pull and Start the 3-Tier App Images

Assuming the following:

  1. you have 3 copies of the template machine above, each with access to the Internet (Docker hub at hub.docker.com)
  2. the Docker daemon enabled and running
  3. with the reference static IPs:
    1. db-01a Docker host at
    2. app-01a Docker host at
    3. web-01a Docker host at

You can open the console on each of the machines and have them pull and start the respective images. Note that this environment assumes no access to central DNS, so I am providing the name resolution via –add-host directives on the command lines. This directive essentially adds the mappings to the runtime environments as if they were in the /etc/hosts file within the containers. These would need to be modified for any changes that you make for your environment and use case.

My Docker containers are configured to use a DNS server on if it is available.

For the db-01a machine (example IP address

# docker run -dit --hostname db-01a -p 3306:3306 vmwhol/hol-3-tier-app:db-01a

test with

# curl http://localhost:3306/cgi-bin/data.py 


For the app-01a machine (example IP address

# docker run -dit --hostname=app-01a --add-host db-01a: --add-host web-01a: -p 8443:8443 vmwhol/hol-3-tier-app:app-01a

test with

# curl -k https://localhost:8443/cgi-bin/app.py


For the web-01a machine (example IP address

# docker run -dit --hostname web-01a --add-host app-01a: -p 443:443 vmwhol/hol-3-tier-app:web-01a

test with

# curl -k https://localhost:443/cgi-bin/app.py 

When accessing the web server, the SSL certificate will be valid for the following names, so one of these should be mapped on your client machine to the IP address you are using as the web server (by default,

  1. web-01a.corp.local
  2. web-01a.corp.local
  3. web-01a.corp.local
  4. webapp.corp.local

What’s Next?

While creating containers for such a simple application may seem like overkill, now that the application has been containerized, we can get the “personalities” for the various servers deployed quickly.

Is there something we can do to get the docker host VMs themselves deployed any faster without investing in too much extra infrastructure?

I will take a look at that in a future post.