Linking Azure Container Registry to deploy images to Web Apps
TypeScriptTo link an Azure Container Registry (ACR) and deploy images to an Azure Web App, you will need to perform the following high-level steps:
- Create an Azure Container Registry (ACR): A place to store and manage your private Docker container images.
- Configure a Web App to pull the Docker image: Set up the Azure Web App to use a Docker container as its source, pulling the image from the ACR created.
- Deploy the image to the Web App: Deploy your application by pushing a Docker image to the ACR and setting the Web App to run that image.
Below is a Pulumi program written in TypeScript that demonstrates how to create an Azure Container Registry and deploy a Docker image to an Azure Web App. The comments within the code will help you understand each part of the program.
Before running the following Pulumi program, ensure you have the Azure provider configured with necessary credentials to authenticate with your Azure subscription.
import * as pulumi from "@pulumi/pulumi"; import * as azure from "@pulumi/azure"; import * as azureNative from "@pulumi/azure-native"; // Step 1: Create an Azure Resource Group const resourceGroup = new azureNative.resources.ResourceGroup("myResourceGroup"); // Step 2: Create an Azure Container Registry const containerRegistry = new azureNative.containerregistry.Registry("myContainerRegistry", { resourceGroupName: resourceGroup.name, sku: { name: "Standard" // Choose between Basic, Standard, and Premium }, adminUserEnabled: true, // Enable admin user for simplicity in this example }); // Step 3: Create an Azure App Service Plan const appServicePlan = new azureNative.web.AppServicePlan("myAppServicePlan", { resourceGroupName: resourceGroup.name, kind: "Linux", // Azure Web Apps for Containers must run in a Linux environment reserved: true, // Required for Linux configuration sku: { tier: "Basic", size: "B1", // Choose the size that best fits your needs }, }); // Step 4: Create an Azure Web App for a container const webApp = new azureNative.web.WebApp("myWebApp", { resourceGroupName: resourceGroup.name, serverFarmId: appServicePlan.id, siteConfig: { appSettings: [ { name: "DOCKER_REGISTRY_SERVER_URL", value: pulumi.interpolate`https://${containerRegistry.loginServer}`, }, { name: "DOCKER_REGISTRY_SERVER_USERNAME", value: containerRegistry.adminUsername.apply(username => username), }, { name: "DOCKER_REGISTRY_SERVER_PASSWORD", value: containerRegistry.adminPassword.apply(password => password), }, ], // Reference your Docker image stored in the ACR with the full path // For example: mycontainerregistry.azurecr.io/myapp:latest linuxFxVersion: pulumi.interpolate`DOCKER|${containerRegistry.loginServer}/myapp:latest`, }, httpsOnly: true, // Recommend using HTTPS only for security }); // Export the Web App URL so it can be easily accessed export const endpoint = pulumi.interpolate`https://${webApp.defaultHostName}`;
Let's step through the code:
-
Resource Group: A resource group in Azure acts as a logical container in which you deploy and manage your cloud resources.
-
Container Registry: This is where you store your Docker container images. In this example, we have enabled the admin user on the registry for simplicity, which provides us with a set of credentials we can use to authenticate against the registry.
-
App Service Plan: This is the environment where your web app will live. We're specifying
Linux
as the kind because we'll be using a Docker container, which must run in a Linux environment. -
Web App: This resource represents your web app. The
siteConfig
field is where we configure our app to use a Docker image, pulling from the ACR we've created. TheappSettings
consists of the URL of the Docker registry, along with the admin username and password which are used to pull the Docker image.
At the end of the Pulumi program, we're exporting the Web App's URL so you can navigate to it in a web browser.
To deploy this infrastructure, you would:
- Save this code in a file named
index.ts
. - Run
pulumi up
in the command line in the same directory as your code to create the Azure resources.
Remember, this is a basic configuration. In a production scenario, you should avoid having hard-coded secrets in your code, instead use Pulumi secrets for sensitive data. Also, you may wish to implement a CI/CD pipeline for a robust deployment strategy of your containerized applications.