Container Quickstart
4 minute read
This tutorial walks through the shortest path from a container image on your laptop to a running container on a Trustgrid appliance, with a port mapping you can reach from its LAN. If you already have a Trustgrid appliance enrolled and a Docker image you want to deploy, this should take about 10 minutes.
What you need
- A Trustgrid organization with at least one enrolled appliance.
- Permissions:
repositories::modify,node-exec::modify,node-exec::computeon the target node or cluster. - Docker on a
linux/amd64machine. We’ll use the publicnginx:alpineas the example image.
linux/amd64. If your workstation is an Apple Silicon Mac or Windows on ARM, push from an amd64 host (a Linux VM, a build server, or CI).1. Push the image to your Trustgrid registry
Each Trustgrid organization gets a private container registry. Your registry path is:
docker.<your-domain>/<your-namespace>/<image>:<tag>
For example, on the org with domain acme.trustgrid.io the path for an image called myapp tagged v1 is docker.acme.trustgrid.io/acme.trustgrid.io/myapp:v1. Your exact namespace is shown on the Repositories page.
Authenticate. From the Trustgrid portal, navigate to Repositories and copy the Docker Login command — it includes a short-lived token. Paste it in your terminal:
docker login -u trustgrid -p <token> https://docker.<your-domain>
From your amd64 host, push the image:
docker pull nginx:alpine
docker tag nginx:alpine docker.acme.trustgrid.io/acme.trustgrid.io/nginx:alpine
docker push docker.acme.trustgrid.io/acme.trustgrid.io/nginx:alpine
Verify the tag landed by navigating to Repositories → nginx in the portal. You should see the alpine tag listed with its digest. If it doesn’t appear, the push was not linux/amd64 — push from an amd64 host.
docker login command expires after about 24 hours. Re-fetch it from the portal when it does.2. Create the container
Navigate to the cluster or node where you want to run the container, then Compute → Container Management → Containers, and click Add Container.
Fill in:
| Field | Value |
|---|---|
| Name | nginx |
| Execution Type | Service (will run as a daemon and auto-restart) |
| Status | Enabled |
| Image Name | <your-namespace>/nginx |
| Image Tag | alpine |
Click Save. The portal returns to the container list with nginx shown as Enabled.
3. Expose a port
By default the container is reachable only from the appliance itself. To make it reachable from the appliance’s local network, add a host port mapping.
Click into
nginx, then Network on the left sidebar.Under Host Port Mappings click Add.
Fill in:
Field Value Protocol tcpHost Interface The LAN-facing NIC on the appliance (e.g. ens192). Check Networking → Interfaces if you’re not sure.Host Port 8080Container Port 80Click Save.
4. Wait for it to start
Go back to the container list at node scope (not cluster scope — runtime state lives at the node scope). The container’s State column transitions through Initializing → Running within a minute or two for a small image.
5. Reach it
From any host on the same LAN as the appliance’s host interface (e.g. an admin workstation):
curl http://<appliance-LAN-IP>:8080/
You should see the default nginx welcome page.
6. Verify and explore
From the container’s detail page at node scope, the action bar at the top has:
- Start / Stop — restart the container without changing its configuration.
- Logs — open a streaming viewer for the container’s
stdout/stderr. - Terminal — open a shell inside the running container.
These are described in Container Tools.
Next steps
- Expose the container over a virtual network so peer Trustgrid nodes can reach it without going through the LAN.
- Add a Health Check so the container is flagged in the portal if it stops responding.
- Persist data with a bind mount or volume.
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.