About Me

My photo
I am an MCSE in Data Management and Analytics, specializing in MS SQL Server, and an MCP in Azure. With over 19+ years of experience in the IT industry, I bring expertise in data management, Azure Cloud, Data Center Migration, Infrastructure Architecture planning, as well as Virtualization and automation. I have a deep passion for driving innovation through infrastructure automation, particularly using Terraform for efficient provisioning. If you're looking for guidance on automating your infrastructure or have questions about Azure, SQL Server, or cloud migration, feel free to reach out. I often write to capture my own experiences and insights for future reference, but I hope that sharing these experiences through my blog will help others on their journey as well. Thank you for reading!

How to Create the Azure Container Registry push a container to the registry and run the image from Azure Web App services

What is Azure Container Registry

Azure Container Registry is a service for storing and distributing and managing container images. 
Azure Container Registry is based on the open source Docker registry.
 You have unknowingly already used Docker registry in the form of Docker hub. 
 Docker hub is a public container registry as a service while Azure Container Registry is a private managed service provided by Microsoft providing similar functionality.
 
 You can think of the container registry as version control for container images. 
 A developer pushes container images to container registry and an administrator pulls those images from the registry.
 The container registry takes care of versioning of the images and helps manage the versions with tags.
 Container registry is a fundamental building block for enabling distribution of container images. 
 Rather than uploading container images to servers directly from a development environment,
 we often instrument our continuous deployment tools to pull images from container registry and place them on our servers. 
 Azure Container Registry comes with a set of features for security and high availability. 
 First, access to container registry can be controlled using Azure Active Directory and firewalls. 
 Second, repositories can be replicated across Azure data center regions.
 And third, images can be signed using Docker Content Trust.
 Instead of building the container images at the developer machine,
 you can use Azure Container Registry to run Docker build commands in the cloud.
 Azure Container Registry will then take the Dockerfile and the build context. 
 It doesn't need input. Build it into a container image and finally publish it to the registry.
 Azure Container Registry supports automatically triggered tasks as well. 
 The tasks can be scheduled or based on some outside metrics such as changes in source code. 
 For example, Azure Container Registry can be configured to rebuild the application image when an update to the base image it uses is available on Docker hub.
 
Testing env OS: Ubuntu 18.4  which have Docker Engine installed using link


Install Azure CLI on Linux manually using below link

curl -sL https://aka.ms/InstallAzureCLIDeb | sudo bash

Here we will learn below:-

1.How to build an docker image locally
2.Create the Azure Container Registry
3. Push a container to the Registry
4.Verify container registry images and check tagging has been done correctly
5. Run the image locally to verify operation
6. Run the image from Azure Web App Services.
7. stop and clean the local container which is in Azure container registry
8.Secure Access to ACR

1.How to build an docker image locally

  you can quickly build your own mini-application image (see the app_example folder  file):

https://drive.google.com/drive/folders/1oEQMbAPriXm__yjkA9mzlG8_wQi_H_Ll?usp=sharing

copy folder  app_example to azuser folder>> winscp and paste into \home\azuser folder

go to app_example folder and run chmod 777 hostname.sh

Build the image
-->docker build app_example/ -t hostname:v1

1.Create the Azure Container Registry


Azure Container Registry (ACR) is an Azure-based private registry for Docker container images.
Lets create an ACR instance to store our application in, and upload our container app to the newly created registry.

First you'll need to create a resource group, which we will re-use for the rest of the course:

---> az group create --name RGP-USE-PLH-NP --location eastus

Now  we can create an ACR instance:

-->az acr create --resource-group RGP-USE-PLH-NP --name rakakcourse28 --sku Basic

Login to your ACR instance:
--->az acr login --name rakakcourse28


Verify that you have a local copy of your application image:
-->docker images

We need to tag the image with the registry login server address

 which we can get with:

1. Need to retrieve the azure container registry name

-->az acr list --resource-group RGP-USE-PLH-NP --query "[].{acrLoginServer:loginServer}" --output tsv

-->export aLS=rakakcourse28.azurecr.io
Tag your nginx image with the server address and verion (v1 in this case):
-->docker tag hostname:v1 ${aLS}/hostname:v1

Verify that your tags have been applied:
-->docker images

2.Push the image to the Registry

Push the image to the Registry:

-->docker push ${aLS}/hostname:v1

3.Verify container registry images


Verify that the image has been pushed correctly:
-->az acr repository list --name rakakcourse28 --output tsv

You can verify that the image is appropriately tagged with (repository is the output of the previous step):

-->repository=hostname
-->az acr repository show-tags --name rakakcourse28 --repository ${repository} --output tsv

Once we've pushed an image to the Azure Registry, we should verify that we can download and run the image. 
First, we should still have a tagged version in our local images repository:

docker images | grep hostname

output:-
root@ubuntutest2020:/home/admina# docker images | grep hostname

hostname                                               v1                  3bc64b3156f8        11 minutes ago      133MB
rakakcourse28.azurecr.io/hostname   v1                  3bc64b3156f8        11 minutes ago      133MB


The longer name version (as there may be multiple tags) is the one that's also associated with the Azure Registry that we created previously . In order to verify that we can pull from the registry, we'll first remove the image, and then pull the image down from the registry (replacing <registry/image:version> with the registry tagged name from the previous command):

docker rmi rakakcourse28.azurecr.io/hostname:v1

docker rmi hostname:v1

azuser@ubuntutest2020:~$ docker rmi hostname:v1
Untagged: hostname:v1
Deleted: sha256:432556f47963403bf510b99ece271ffc64c5cf747a9cea5ce535efd2ef76fae2
Deleted: sha256:b47388279d060843dc1416f70cc9c19462c8c2f5a405e7e86361ea981844cfca
Deleted: sha256:0b9a846c3d3639a1f7c560f79f5a55eda45b011e23df42bdb032bf8e404794e1
Deleted: sha256:91e0b1ab1e8666140675d2326187ea88bbb23017be290f71f7f8ab680bee895a
Deleted: sha256:ec72d77541f91820348577c4828b801f3f426d875d0b695828d98e97c91c8d5f

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
but still we have ngnix image
azuser@ubuntutest2020:~$ docker images
REPOSITORY                                      TAG                 IMAGE ID            CREATED             SIZE
nginx                                           latest              8cf1bfb43ff5        11 days ago         132MB
rakcontainerregistry26.azurecr.io/hello-world   v1                  bf756fb1ae65        7 months ago        13.3kB

azuser@ubuntutest2020:~$



azuser@ubuntutest2020:~$ docker pull rakakcourse28.azurecr.io/hostname:v1
v1: Pulling from hostname
6ec8c9369e08: Already exists
d3cb09a117e5: Already exists
7ef2f1459687: Already exists
e4d1bf8c9482: Already exists
795301d236d7: Already exists
9a9f2fd6787e: Pull complete
Digest: sha256:b258c1f4ca03ab3a7b84dec905b3e52c7527e58b384b005d5d9e152a96950047
Status: Downloaded newer image for rakakcourse28.azurecr.io/hostname:v1
rakakcourse28.azurecr.io/hostname:v1
azuser@ubuntutest2020:~$

4. Run the image locally to verify operation


It should also then be possible to run the image locally to verify operation:

docker run --rm --name hostname -p 8080:80 -d <registry/image:version>

docker run --rm --name hostname -p 8080:80 -d rakakcourse28.azurecr.io/hostname:v1

-d == demonized version


azuser@ubuntutest2020:~$ curl localhost:8080

<HTML>
<HEAD>
<TITLE>This page is on 25f9e680142a and is version v1</TITLE>
</HEAD><BODY>
<H1>THIS IS HOST 25f9e680142a</H1>
<H2>And we're running version: v1</H2>
</BODY>
</HTML>
azuser@ubuntutest2020:~$

5. Run the image from Azure Web App Services.



Login to Azure Portal 











click on URL  --> https://dockerimage.azurewebsites.net



stop and clean the local container which is in Azure container registry

now Stop the running container
-->docker stop hostname


   Remove image rakakcourse28.azurecr.io/hostname:v1
-->docker rmi rakakcourse28.azurecr.io/hostname:v1

Secure Access to ACR



Thanks for Reading..

No comments: