You will learn:

  • Use your own container and image registry to deploy the application to the public cloud.
  • Deploy the application using Azure Container Instances.

Building the container image

Let's take a simple application from the previous exercise:

from datetime import date
from flask import Flask
app = Flask(__name__)

@app.route("/")
def hello():
     return "<h1 style='color:blue'>Hello There!</h1><a href='/date'>Date and Time</a>"

@app.route("/date")
def today():
     today = date.today()
     return "<p>{}</p>".format(today.strftime("%d.%m.%Y"))

if __name__ == "__main__":
     app.run()

For an application that has more complex dependencies, it is advantageous to create a container image. In the Dockerfile file, we will write the procedure for installing and configuring everything necessary for its operation. This will make it easier for us to run it in a public or private cloud environment.

FROM python:3.8-alpine
WORKDIR /app
RUN pip install flask
COPY ./app.py /app
ENV FLASK_APP app.py
ENTRYPOINT [ "flask" ]
CMD ["run", "--host", "0.0.0.0", "--port", "80"]

Build a container image and give it a name.

 docker build . -t greetings:dev

Register of images

If you want to use your own container image in the public cloud, you must first place it in the available image registry. The image registry is a place from which an image can be retrieved on demand from any worker node in the cloud.

It will look something like this:

                              Public Cloud

 +---------------+          +-----------+          +-----------+
 | local machine | docker   | register  | docker   | container |
 | docker build  | push --->| images    | pull --->| instance  |
 +---------------+          +-----------+          +-----------+

The image register must be secured against unauthorized access. The container image may also contain sensitive data or source codes that we do not want to share with anyone. We have to set the registry so that we have the right to write from the local machine and that the work node on the cloud has the right to read.

Creating an image registry

In order to be able to use our own image in Azure, we have to save it in our own image registry. You can save any local container image to the registry.

First, we create a resource group (resourcegroup). We will create a registry in the resource group. Come up with a nice name for the registry.

The name of the registry must be original so that there is no conflict with some other project.

az group create --name mrg --location eastus
az acr create --resource-group mrg --name registryflower --sku Basic

Entry into the image register

First, we need to enable writing to the new registry. Connect the local docker client and Registry

 # Does it work?
 az acr login --name registryflower

If this login method doesn't work, you need to connect docker client and image registry using login and password. Log in to the Azure portal via a web browser, find the register. In the "Settings-Access Keys" section check "Admin User". Your login name and password will be displayed.

 # If it doesn't work
 docker login registryflower.azurecr.io

The DNS name of the image registry must be encoded into the name of the image we created. The registry name is encoded into the container image name before the / slash.

 registry_name/image:tag

 docker tag greetings:dev registryflower.azurecr.io/greetings:dev
 docker push registryflower.azurecr.io/greetings:dev

Use the `docker push' command to send the image. Find the URL of the application and test if it works.

Creating a container using ACI

We will use the "Azure Container Instances" service to create the container. Note that the command to create a container is similar to the docker run command. In the arguments we enter the name of the image, the name of the container and the list of ports that the instance uses.

 az container create --resource-group mrg --name mycontainer --image registryflower.azurecr.io/greetings:dev --dns-name-label flower-demo --ports 80

ACI does not support port mapping - the port you specify must be the same as the port that is open on the container. This port will be published.

Detailed documentation az container create.

You can set access rights to the image registry using arguments:

 [--registry-login-server]
 [--registry-password]
 [--registry-username]

You can map persistent volumes using:

 [--azure-file-volume-account-key]
 [--azure-file-volume-account-name]
 [--azure-file-volume-mount-path]
 [--azure-file-volume-share-name]

You can set environment variables using [--environment-variables].

Find out the dns name under which the container is accessible. The name of the container can be found using `az' and from the web interface.

 az container show --resource-group mrg --name mycontainer --query "{FQDN:ipAddress.fqdn,ProvisioningState:provisioningState}" --out table

See the application. The application will run on the port you assigned to it. Try changing the application port.

See application logs:

 az container logs --resource-group mrg --name mycontainer

If you do not delete the resources, you will run out of credit.

Clean up the environment after yourself

You delete the entire resource group. In this way, you will also delete the image register with its contents.

 az group delete --name mrg

Bibliography

  • Also try this Azure Conteiner Instances: https://azure.microsoft.com/en-us/services/container-instances/
  • https://docs.microsoft.com/en-us/azure/app-service/tutorial-custom-container?pivots=container-linux/
  • https://docs.microsoft.com/en-us/learn/modules/deploy-run-container-app-service/
  • https://docs.microsoft.com/en-us/azure/app-service/quickstart-custom-container
  • https://docs.microsoft.com/en-us/azure/aks/tutorial-kubernetes-prepare-acr

Previous Post Next Post

Azure Container Instances