As we are discussing planning of your transition and adoption to a cloud platform, the modernization of your current applications using container technology is major role of the discussions. In that there are various cloud service providers in place. For now, we have seen how to run the container on google cloud, now it’s time to think about what another vendor’s is and how to deploy our container in that. This is various reason, what is if your organization plan for multi-cloud or different environment/team required multiple cloud technologies. All won’t be same always, there may be different requirements too. For that will see new leading cloud service provider Microsoft Azure.
Microsoft Azure is one of the good place to run your containers. It has several offerings and developers can get help from the ecosystem to build their DevOps scenarios to deploy containers, using Microsoft Visual Studio, Windows Server, and Microsoft Azure. If you value consistency, having the same vendor to cover the development, hosting, and cloud solution is a vital point to be considered when planning your journey to the cloud. One of the first components that your company could start taking advantage of with Azure Cloud is the Registry. Azure has the Azure Container Registry (ACR) service, which is a private registry. It is a managed service, which means that your focus is what really matters: manage images in a private and secure registry taking advantage of Azure logging capabilities, RBAC (role based access control), replication, and high availability.
Create Azure Container Registry
To create the registry, Login to the portal, click on Create a Resource, and type container on the search box, select Container Registry from the list. In the initial page, an overview of the service that we are about to start the creation of will be displayed. Click on Create.
In the Create container registry we have two option, first one is the unique name that will be used by the container registry, and the second is the SKU, which could be Basic (supports 10GB storage), Standard (100GB storage) or Premium (500GB storage and geo-replication capabilities. There are some differences in download and upload bandwidth limits for the SKUs, as well number of webhooks.
|Basic||A cost-optimized entry point for developers learning about Azure Container Registry. Basic registries have the same programmatic capabilities as Standard and Premium (Azure Active Directory authentication integration, image deletion, and web hooks), however, there are size and usage constraints.|
|Standard||The Standard registry offers the same capabilities as Basic, but with increased storage limits and image throughput. Standard registries should satisfy the needs of most production scenarios.|
|Premium||Premium registries have higher limits on constraints, such as storage and concurrent operations, including enhanced storage capabilities to support high-volume scenarios. In addition to higher image throughput capacity, Premium adds features like geo-replication for managing a single registry across multiple regions, maintaining a network-close registry to each deployment.|
Select the Resource Group and Location, and click on Create when ready to continue.
All tiers (SKUs) have programmatic capabilities, Azure AD (Active Directory) integration, webhooks, image management, and support Windows and Linux images. The Premium with its geo-replication allows the user to retrieve the image from the closest datacenter. This is a great option for distributed users that need to access the registry.
After the Azure Container Registry creation, we can check it in Overview. On the right side within the Essentials section, we will be able to check some key settings like Login Server, which is the name that we are going to use when using docker client, as well the location and SKU, limits and metrics
Configure replication (Only for premium SKU’s)
As part of being a managed service, the Azure Container Registry allows the use of replication when using the Premium SKU. It will keep all locations configured as replicas with the same content and when clients try to download the images, the closest location will be used.
To manage replications, click on Replications item located on the left side. A world map will be displayed, and the current region will be checked. Click on Add and select a new location. In our case, we are going to select Central india and then click on Create.
Note: The existent locations are automatically grayed out from the list.
After the replication is configured, once you refreshed the page, result will be our world map with Azure Regions spread around the globe with two checks, which are the datacenters that we selected as replicas.
So far, we explored how to create an Azure Container Registry and some features such as replication. Now, let’s focus more on the basics and find out how to push (upload) and pull (download) images from our private Azure Container Registry.
The first step is to retrieve our administrator username, which by default is the name of the registry and the password that is generated automatically during the creation. Like a storage account, an Azure Container Registry will have two keys to access the registry and they can be re-created at any time by using the “refresh” button located on the right of the password field.
Time to use Docker to connect to the registry and play with images. The first step is to install the Azure CLI, which can be found here.
Login using az login and in new web browser page enter the azure credentials to connect the resources. Once authenticated, you can see the JSON output with your subscription and some other related info.
Now connect with Azure Container Registry, for that, we will use Docker to log in using the Docker login –username <username> –password <password> <RegistryURL>. This command in action against our registry. We are going to use an existent local image to push our first image. To retrieve the list of existent images we can use Docker images.
Note: Since the Registry is empty, we will use one of the local images to push to the registry. When using a repository from the docker we need to use the following syntax: RegistryName/RepositoryName:Version
When importing a local image, the first step is to define a tag, and we will use the following Docker command docker tag <image> <Azure-Registry.azurecr.io>/<image>:<version>, and after executing that command, we can list the images again and we will have a new entry as depicted in the image below.
To push the image that we have just tagged, we can run the following Docker client command docker push <Azure-Registry-Name.azurecr.io>/<image>:<version> and that would be enough to push that given image to Azure Container Registry.
After pushing the first image, we can check out the results using Azure Portal. All tags will be listed. Click on version, which was what we defined and we can check key information, such as repository name, tag name, platform and digest for that image, as well the manifest file, which is used when pulling and running containers.
Now that we have an image in our repository, it is time to pull to the local registry. To pull the image, just run docker pull <Azure-Name.azurecr.io>/<Image>:<version> and run Docker images to check the image pulled successful.
Note: Before doing that, we deleted the image from the local registry.
Automate using Jenkins
Setup Jenkins Credentials
Before start install “Azure Credentials”, then Choose “Credentials” from the sidebar, then choose “System” à “Global credentials” (you can choose other domains as well) and click “Add Credentials”.
Select “Microsoft azure container service” and fill the required details for authentication.
If your docker already works with Jenkins, you can skip this step. Or please refer
In https://foxutech.com/how-to-add-jenkins-slave-to-master/ docker on slave section. And make sure docker is installed and running.
Setup Jenkins Job to Push Image
Now it is time to create the Jenkins job. Create a freestyle Jenkins job and fill other settings with your needs (such as git repository, parameters, etc.). In the build steps, you can add Docker commands to build and push / pull docker images.
For push / pull command, Fill the parameters like this:
- Name of the image to push/pull: image name, e.g. testapp
- Tag: image tag, Jenkins variables can be used, e.g. build-$BUILD_NUMBER
- Registry: the registry name on ACR without https, e.g. <Azure-Name.azurecr.io>
- Docker registry URL: ACR URL, use <Azure-Name.azurecr.io>
- Registry credentials: Choose the credentials we created in “Setup Jenkins Credentials” section
That’s all of it! Now you can try to build this Jenkins job and it will automatically push the image to ACR.