Spaces:
Runtime error
Runtime error
File size: 4,390 Bytes
ae53587 |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 |
# Azure Container Apps
1. ๐ฅ Users
- ๐ฅ Inbound Traffic
2. ๐ Load Balancer w Public IP
- ๐ธ๏ธ Virtual Network
- ๐ Private Endpoints
- ๐ฆ External Container App env w Ingress IP restrictions
3. ๐ Private Endpoints
- ๐๏ธ Key Vault
- ๐ข๏ธ Container Registry
- ๐ Cache for REDIS
- ๐พ Storage
- ๐ Service Bus
4. ๐ค Outbound Traffic
- ๐ฅ Firewall
- ๐บ๏ธ Route Table
## ๐ Azure Container Apps - Outline
1. ๐ฆ Container Apps Overview
- ๐ ACA is serverless microservices mashup of Open Source:
1. ๐ณ Kubernetes: Container
2. ๐ Dapr: Runtime and API
3. ๐ KEDA: Kube based autoscaler
4. ๐ก๏ธ Envoy: Proxy w Endpoint SSL
- ๐ Service Discovery
- ๐ฆ Traffic Splitting
- ๐ Event driven scaling based on traffic
- ๐ฎ Event source queues
- โฌ๏ธ Scales down to zero
- ๐ Long running processes and background tasks
2. ๐ Environment Internal vs External
- ๐ External: Public VIP
- ๐ Internal: VIP and ILB
3. ๐๏ธ Infrastructure w/ Azure Bicep
4. โ๏ธ Load Balancing Options
# ๐ Azure Bicep vs ๐๏ธ HashiCorp Terraform
## Overview
- Azure Bicep
- ๐ฏ Domain-specific language (DSL) for deploying Azure resources
- ๐ผ Developed and maintained by Microsoft
- ๐ Azure-centric; specifically designed for Azure Resource Manager (ARM) templates
- HashiCorp Terraform
- ๐ฏ Open-source infrastructure as code (IaC) tool
- ๐ผ Developed and maintained by HashiCorp
- ๐ข Multi-cloud and multi-provider support
## Language and Syntax
- Azure Bicep
- ๐ Easier, simplified syntax compared to ARM templates
- ๐ Transpiles to ARM templates
- HashiCorp Terraform
- ๐ HashiCorp Configuration Language (HCL); more complex syntax than Bicep
- ๐๏ธ Uses provider-specific resource definitions
## Provider Support
- Azure Bicep
- ๐ Limited to Azure services and resources
- HashiCorp Terraform
- ๐ฉ๏ธ Supports multiple cloud providers (e.g., AWS, GCP, Azure) and non-cloud services
- ๐ฆ Extensible through custom providers
## Community and Ecosystem
- Azure Bicep
- ๐ฑ Growing community focused on Azure resources
- ๐ Limited to Azure documentation and resources
- HashiCorp Terraform
- ๐ณ Mature and established community and ecosystem
- ๐ Extensive documentation and resources for various cloud providers and platforms
## Conclusion
- Azure Bicep is best suited for organizations and developers primarily focused on Azure resources with a need for a simple, Azure-centric IaC solution.
- HashiCorp Terraform is ideal for organizations and developers with multi-cloud or multi-provider requirements, as it offers greater flexibility and extensibility across different platforms.
# ๐ฅ Ingress vs Egress
1. ๐ฅ Ingress
- ๐ External Traffic
- Incoming traffic from users, clients, or other services outside the network
- Accessing resources within the network or system (e.g., API, web services)
- ๐ Internal Traffic
- Communication between components within the network or system (e.g., microservices)
- Typically restricted access for improved security
2. ๐ค Egress
- ๐ External Traffic
- Outgoing traffic from the network or system to users, clients, or other services
- Sending responses or data to external entities
- ๐ Internal Traffic
- Communication between components within the network or system (e.g., microservices)
- Typically restricted access for improved security
For Ingress: Azure Container Apps supports HTTPS and TCP types of ingress.
With HTTPS ingress enabled container apps support TLS, HTTP/1.1 and 2, Websocket, gRPC. TLS1.2 is used for HTTPS. Endpoints expose port 80, 443. 80 is redirected to 443. App accessed on FQDN. Request timeout is 240 seconds.
FrontDoor app delivery net provides global load balanceand site acceleration similar to L7. Available in Std and Premium.
# Terraform Import:
Usage: terraform import ADDR ID
# Azure Container Registry
Admin user - enable to access via CLI
Name and Resource Group
Location (Central) -
# Github Actions YAML:
1. Azure Build Docker Image, Push ACR
2. Azure Container App Deploy
3. Dockerfile (Image Push)
|