Docker Cloud BYON & Docker Compose


Late last year, Docker snapped up cross-cloud container management service Tutum, but it wasn’t clear how the acquired company’s handiwork would manifest under the Docker brand. Tutum was built from the ground up as a Docker tool. It gives visibility into containers, and enables a team to create, start, terminate or redeploy as needed. It also provides a dashboard view of all of the containers under team management.  Tutum is now Docker Cloud. Docker Cloud is a new service by Docker that implements all features previously offered by Tutum plus integration with Docker Hub Registry.

A group of us in BC are looking for ways we can provide a more sustainable opened tech infrastructure  to BC higher education.  We have begun looking for approaches to shared WordPress hosting.  I have been playing with Stackfiles and Docker Compose for the last few weeks and starting to get a clearer picture of how we might sustainably provide hosting for both dev and production WordPress hosting for BC open education initiatives.

As well as deploying and managing hosts on the supported cloud providers (EC2, Azure, etc), Docker Cloud can use any Linux host as a node to deploy containers to. For this, you install an agent which will allow you to connect the Docker Cloud dashboard to your infrastructure. I went ahead and connected our new EduCloud node to Docker Cloud last week and started experimenting with how services are managed.  Services/sites can be setup directly quickly using the Docker Cloud web interface.  Services/sites are managed via ‘stacks’ which are defined using Docker Compose.  Compose is a tool for defining and running multi-container Docker applications.  This ‘stackfile’ contains the instructions required to pull from required repositories (eg: Docker Hub, Github, etc) and configure your application’s services. Then, using a single command, you can create and start all the services.

Once a stackfile is defined, it can be used to deploy and/or redeploy as many copies of an application as you need.  I found a ‘ready to deploy’ WordPress stackfile at this registry:

image: tutum/wordpress-stackable:latest
– db
– “80:80”
DB_NAME: wordpress
DB_USER: admin
DB_PASS: “**ChangeMe**”
image: tutum/mysql:5.5
MYSQL_PASS: “**ChangeMe**”

To test out Docker Cloud/Compose on EduCloud I decided to reserve the domain, create 2 subdomains, and map a separate WordPress installation to each subdomain.  I made 2 DNS entries and pointed them all to our EduCloud host.

Without going too far down the Docker technical docs in this post, it is important to know that traffic between containers & external networks runs on Ports.  No 2 containers be exposed on the same public port for HTTP traffic (Port 80/443) without a proxy out in front to handle traffic.  To accomplish this I decided to use nginx-proxy, a container running nginx and docker-gen. docker-gen generates reverse proxy configs for nginx and reloads nginx when containers are started and stopped thereby automating all that port mapping between containers and the public IP/Ports.  All that is needed to unsure the reverse proxy works properly is to start your WordPress Docker container passing the VIRTUAL_HOST variable.

That means adding 1 line to my Stackfile cribbed from above and tweaking another:

image: tutum/wordpress-stackable:latest
- db
- "5000:80"
DB_NAME: wordpress
DB_USER: admin
DB_PASS: ----------
image: tutum/mysql:5.5
MYSQL_PASS: -----------

As I will have 2 stacks, I will need 2 internal ports.  For the purposes of this test I am using 5000 and 5001.  All of these map to Port 80/443 facing the web.   nginx-proxy also needs to know what domains to listen for along with their associated internal port so I added the VIRTUAL_HOST variable and indicated the internal port for the test Wordpress container (5000) to ensure sure the incoming request is routed correctly.

I updated the 2 stackfiles and clicked ‘Create & Deploy’.  From start to finish, provisioning these WordPress sites took minutes.


If you geolocate any of these subdomains, you will see that they all indicate they are hosted in Kamloops, BC (when, in fact, they are hosted on EduCloud using clever networking arrangement from TRU-IT folks.)

Docker Cloud could be a dream for multi-tenant WordPress updates/customizations. Simply make an exact copy of an existing WordPress stack, map your new development domain, and deploy your development spaces.  When your development is ready for production, change the VIRTUAL_HOST variable on the container to update your domain. Done.

This is a simple example of a multiple MySQL+Wordpress Docker container stack running on EduCloud. There are hundreds of applications available at the Docker Hub. Looking forward to playing more and learning more with Docker Cloud and Docker Compose this week as well as exploring how Docker Cloud might be used for our inter-institutional devops.










Analytics with Piwik on

Brian brings up a great point here.  Seems a significant number of BC post-secondary websites are fine using Google Analytics despite it being contrary to guidelines and standards for “All provincial ministries and organizations that have a direct reporting structure to a Minister”.

There are a number of good reasons why you may not want to track visitors to your website/service.  If you do plan on tracking visitors to your website, you should carefully consider your reasons, and the impacts:

“The data is interesting.” “The data is valuable.” “The data is actionable.” “The data is monetizable” – bought and sold. So we’re told…

Are these sufficient reasons to track your website visitors?

Interesting to whom? Valuable to whom? Actionable by whom? How? Who’s buying it?

Do you use the data that’s being collected? Or are you just a proxy, collecting and handing it off to others?

 ~ Audrey Watters

If you are going to collect such data, and don’t want it handed off to third-party providers, you have 2 self-hosted options in



I have Piwik up and running on here at  It took me 5 minutes to install, configure, and start collecting some data.

1. Install Piwik at


2. Navigate to the [All Websites] link in the top right-hand corner of your Dashboard.  Select [Add a New Website] as pictured below.

3. You will be directed to the [Settings] page.  Select [Add a new website] and fill out some basic information about your site, including the domain name for you site.

Once you have filled things out, click [View Tracking Code].



4. On this page, you will be offered some Javascript.  Copy it.

5. If you are a WordPress user, install the Tracking Code plugin.  There are other plugins that also do the same thing.

6. Take the Javascript you copied from Piwik and paste it in your WordPress plugin settings.


7. Visit your site a few times and check your Piwik grain at



What are the advantages of using open source software like Piwki for your site analytics needs?



Hummingbird is also available at and lets you see how visitors are interacting with your website in real time.  A very different app from Piwik as it only provides a real-time view, but potentially useful for conferences, events, displays, & other such special use cases.

Setup is very easy:

  1. Fire up a Hummingbird grain
  2. Copy the [Tracker] code.  Paste it in the footer of your website or your Wordpress footer plugin.
  3. Watch your live visitor traffic.hummingbird-gif



stay anonymous (or not) with


By hosting applications using at, users can can enforce access control on each application. By default, a newly-created application grain (such as an Etherpad document) is private. Through the user interface, you can grant other people access to the grain with varying permission levels, you can inspect who has access, and you can revoke that access.

Below is a screenshot of the options for sharing access to WordPress in


The majority of the applications in allow users to share author/edit access to the application without the need to login.  This allows applications to be accessed anonymously.

I think this ‘stay anonymous’ access is a fantastic feature for educators and frees classes from the need to manage username/password arrangements.  I see this as one of the killer features of SPLOTS – remove the username/password obstacle to open up a new palette for ‘just in time’ access to web applications for teaching and learning.

I explored the applications at and have classified which applications currently offer:

  • ‘stay anonymous’ access with author/edit participation
  • anonymous access to read (requiring login for edit/author participation)
  • required login to access and/or participate
  • anonymous read access + required login to access and/or participate + domain mapping

I have added links to the the respective applications repos in the event folks would like to dig deeper into each app and its features.


Supports ‘stay anonymous’ access with author/edit participation in

Supports anonymous access to read (requires login for edit/author participation)


Domain mapping + anonymous read access + edit/author access with login


Requires login to access and/or participate





Mapping a domain to Davros with

I am collaborating with a great bunch of folks in BC highered on shared infrastructure – Clint has written about the capacity we are building and our opensource app hosting using the framework.

We have been running in Educloud since November 2015 and have 72 instructional designers, faculty, and technologists with 255 app instances (grains) to date.

Think of a ‘grain’ much like you would software containers and operating-system-level virtualization, but with unique features. As describes it:

The idea is simple: take your large web app and split it into small “services” running in separate containers. Services are separated by functionality: you might have an authentication service, a payment service, a search service, and so on.

Sandstorm takes a wildly different approach: It containerizes objects, where an object is primarily defined by data. We call each Sandstorm container a “grain”, because it is fine-grained.

I have been working quite a bit with the framework and working on packing opensource applications currently not available. I haven’t been writing about my work so I figured I’m overdue to start posting about how I’m using and outlining my forays in packaging opensource applications for hosting at

For today’s post – how I mapped Dropbox-clone Davros ( to a subdomain of

  1. Get your Davros grain open.
  2. Navigate to the [Publishing] area.
  3. Fill in your desired sub/domain2016-02-29_19-16-19
  4. Make your CNAME and TXT entries in your DNS Zone Editor (my CPanel views below)2016-02-29_19-19-21
  5. Put an empty index.html file in your Davros grain.
  6. Give your DNS entries some time to take hold. (mine took around 20 minutes)
  7. Upload a file to your Davros grain.
  8. Put your mapped sub/domain in front of the filename you just uploaded.
  9. Shared!

Now, for any file you put in this grain, you can easily share it on the web by placing the sub/domain on the front of the filename.

Davros at has a 2GB file upload limit.  By navigating to the [Clients] area of the app you can generate values that allow you to synchronize this app to a ownCloud client desktop client. Select one or more directories on your local machine and always have access to your latest files wherever you are.