You will learn:
- Use your own container and image registry to deploy the application to the public cloud.
- Deploy the application using Azure Container Instances.
Building the container image
Let's take a simple application from the previous exercise:
from datetime import date
from flask import Flask
app = Flask(__name__)
@app.route("/")
def hello():
return "<h1 style='color:blue'>Hello There!</h1><a href='/date'>Date and Time</a>"
@app.route("/date")
def today():
today = date.today()
return "<p>{}</p>".format(today.strftime("%d.%m.%Y"))
if __name__ == "__main__":
app.run()
For an application that has more complex dependencies, it is advantageous to create a container image. In the Dockerfile
file, we will write the procedure for installing and configuring everything necessary for its operation. This will make it easier for us to run it in a public or private cloud environment.
FROM python:3.8-alpine
WORKDIR /app
RUN pip install flask
COPY ./app.py /app
ENV FLASK_APP app.py
ENTRYPOINT [ "flask" ]
CMD ["run", "--host", "0.0.0.0", "--port", "80"]
Build a container image and give it a name.
docker build . -t greetings:dev
Register of images
If you want to use your own container image in the public cloud, you must first place it in the available image registry. The image registry is a place from which an image can be retrieved on demand from any worker node in the cloud.
It will look something like this:
Public Cloud
+---------------+ +-----------+ +-----------+
| local machine | docker | register | docker | container |
| docker build | push --->| images | pull --->| instance |
+---------------+ +-----------+ +-----------+
The image register must be secured against unauthorized access. The container image may also contain sensitive data or source codes that we do not want to share with anyone. We have to set the registry so that we have the right to write from the local machine and that the work node on the cloud has the right to read.
Creating an image registry
In order to be able to use our own image in Azure, we have to save it in our own image registry. You can save any local container image to the registry.
First, we create a resource group (resourcegroup
).
We will create a registry in the resource group. Come up with a nice name for the registry.
The name of the registry must be original so that there is no conflict with some other project.
az group create --name mrg --location eastus
az acr create --resource-group mrg --name registryflower --sku Basic
Entry into the image register
First, we need to enable writing to the new registry. Connect the local docker client and Registry
# Does it work?
az acr login --name registryflower
If this login method doesn't work, you need to connect docker client and image registry using login and password. Log in to the Azure portal via a web browser, find the register. In the "Settings-Access Keys" section check "Admin User". Your login name and password will be displayed.
# If it doesn't work
docker login registryflower.azurecr.io
The DNS name of the image registry must be encoded into the name of the image we created. The registry name is encoded into the container image name before the /
slash.
registry_name/image:tag
docker tag greetings:dev registryflower.azurecr.io/greetings:dev
docker push registryflower.azurecr.io/greetings:dev
Use the `docker push' command to send the image. Find the URL of the application and test if it works.
Creating a container using ACI
We will use the "Azure Container Instances" service to create the container.
Note that the command to create a container is similar to the docker run
command. In the arguments we enter the name of the image, the name of the container and the list of ports that the instance uses.
az container create --resource-group mrg --name mycontainer --image registryflower.azurecr.io/greetings:dev --dns-name-label flower-demo --ports 80
ACI does not support port mapping - the port you specify must be the same as the port that is open on the container. This port will be published.
Detailed documentation az container create.
You can set access rights to the image registry using arguments:
[--registry-login-server]
[--registry-password]
[--registry-username]
You can map persistent volumes using:
[--azure-file-volume-account-key]
[--azure-file-volume-account-name]
[--azure-file-volume-mount-path]
[--azure-file-volume-share-name]
You can set environment variables using [--environment-variables]
.
Find out the dns name under which the container is accessible. The name of the container can be found using `az' and from the web interface.
az container show --resource-group mrg --name mycontainer --query "{FQDN:ipAddress.fqdn,ProvisioningState:provisioningState}" --out table
See the application. The application will run on the port you assigned to it. Try changing the application port.
See application logs:
az container logs --resource-group mrg --name mycontainer
If you do not delete the resources, you will run out of credit.
Clean up the environment after yourself
You delete the entire resource group. In this way, you will also delete the image register with its contents.
az group delete --name mrg
Bibliography
- Also try this Azure Conteiner Instances: https://azure.microsoft.com/en-us/services/container-instances/
- https://docs.microsoft.com/en-us/azure/app-service/tutorial-custom-container?pivots=container-linux/
- https://docs.microsoft.com/en-us/learn/modules/deploy-run-container-app-service/
- https://docs.microsoft.com/en-us/azure/app-service/quickstart-custom-container
- https://docs.microsoft.com/en-us/azure/aks/tutorial-kubernetes-prepare-acr