- Draft: Containerize apps for Azure Kubernetes Service - Thu, Jan 5 2023
- Azure Kubernetes Service vs. Kubernetes cluster - Wed, Aug 26 2020
- Web App for Containers on Azure - Wed, Feb 12 2020
App Service is for hosting web-based applications, REST APIs, web jobs, and mobile backends that are HTTP/S-based in Azure. App Service supports many languages and frameworks including .NET, .NET Core, PHP, Python, Java, and Ruby. App Service leverages cloud capabilities such as load balancing, security (Azure AD, Security Center, ISO, SOC, and PCI compliance, IP restrictions etc.), monitoring, autoscaling, custom domains, and SSL certificates.
One important thing to note about Azure App Service is that when you run your web app in Azure App Service on Linux, it is running a container. Azure App Service on Linux is certainly a good option to host web applications, however, if you have unique custom environment and configuration needs you may run into limitations quickly.
Web App for Containers is a part of the Azure App Service platform and is a great option for developers who need more control over the runtime, framework, tooling, and packages of a web-based application. Web App for Containers will allow you to overcome any limitations related to configuration and environment while still allowing you to leverage the power of and take advantage of the benefits of a PaaS service.
Web App for Containers gives you a way to abstract any underlying container orchestrator such as Kubernetes or Service Fabric. It is a pure PaaS service. Web App for Containers runs a single container and it can run multi-container apps using Docker compose. Note that the multi-container apps functionality is currently in public preview. Web App for Containers supports Linux or Windows Docker containers. It is important to select one or the other up front, as you will need to re-deploy if you want to change this later.
You can deploy images from a private container registry such as Azure Container Registry or a public registry like Docker Hub. Also, Web App for Containers can be used in a CI/CD pipeline with DevOps tools such as Azure DevOps, Maven, Jenkins, and more. Like the standard Azure App Service Web App, Web App for Containers can be scaled vertically (manually) or horizontally (automatically).
Next let’s go ahead and deploy a Web App for Containers instance to show an example of running a specific container in Web App for Containers. We are going to deploy a Web App for Containers instance with an image from Docker Hub. We will use an image for an open source self-hosted file hosting service like Dropbox/OneDrive known as OwnCloud. We will use the following Azure CLI code in Cloud Shell to do this:
Go to https://shell.azure.com/
# Create a resource group
az group create --name CNTRWebAppRG --location centralus
# Create an Azure App Service plan
az appservice plan create --name CNTRAppServicePlan --resource-group CNTRWebAppRG --sku S1 --is-linux
# Create a web app using container from Docker Hub
Subscribe to 4sysops newsletter!
az webapp create --resource-group CNTRWebAppRG --plan CNTRAppServicePlan --name NAMEOFWEBAPPHERE --deployment-container-image-name owncloud
In this post we learned about Microsoft’s Azure App Service Platform, Azure App Service on Linux and its limitations, and how we can use Web App for Containers when we need to further customize the environment, configurations, and frameworks to host our web application. We also explored how to deploy a Web App for Containers instance with a specific container on it. To conclude, Web App for Containers is a good option for hosting your containerized web application on Azure.
I'm wondering how dangerous it is to use a full Paas service to run containers ?
I.e., if the base OS is updated on the platform, I can broke containers execution (because of base image/ host OS compatibility issue).
What do you think of this risk ?
I get the point of abstracting the OS for other kind of web apps, but for containers, this is a concern…
Honestly, imo, you will have risks either way. A container might actually be safer since it *should* be more isolated from the environment. I have seen pure PaaS services break because of framework updates, etc. As a dev, they need to stay on top of things; it is not write once and forget it.
Another benifit is it will make moving platforms easier. It tends to cost more time to go this route, however.