Spaces:
Runtime error
Runtime error
Create app.py
Browse files
app.py
ADDED
|
@@ -0,0 +1,130 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1 |
+
|
| 2 |
+
# Azure Container Apps
|
| 3 |
+
1. ๐ฅ Users
|
| 4 |
+
- ๐ฅ Inbound Traffic
|
| 5 |
+
|
| 6 |
+
2. ๐ Load Balancer w Public IP
|
| 7 |
+
- ๐ธ๏ธ Virtual Network
|
| 8 |
+
- ๐ Private Endpoints
|
| 9 |
+
- ๐ฆ External Container App env w Ingress IP restrictions
|
| 10 |
+
|
| 11 |
+
3. ๐ Private Endpoints
|
| 12 |
+
- ๐๏ธ Key Vault
|
| 13 |
+
- ๐ข๏ธ Container Registry
|
| 14 |
+
- ๐ Cache for REDIS
|
| 15 |
+
- ๐พ Storage
|
| 16 |
+
- ๐ Service Bus
|
| 17 |
+
|
| 18 |
+
4. ๐ค Outbound Traffic
|
| 19 |
+
- ๐ฅ Firewall
|
| 20 |
+
- ๐บ๏ธ Route Table
|
| 21 |
+
|
| 22 |
+
|
| 23 |
+
## ๐ Azure Container Apps - Outline
|
| 24 |
+
1. ๐ฆ Container Apps Overview
|
| 25 |
+
- ๐ ACA is serverless microservices mashup of Open Source:
|
| 26 |
+
1. ๐ณ Kubernetes: Container
|
| 27 |
+
2. ๐ Dapr: Runtime and API
|
| 28 |
+
3. ๐ KEDA: Kube based autoscaler
|
| 29 |
+
4. ๐ก๏ธ Envoy: Proxy w Endpoint SSL
|
| 30 |
+
- ๐ Service Discovery
|
| 31 |
+
- ๐ฆ Traffic Splitting
|
| 32 |
+
- ๐ Event driven scaling based on traffic
|
| 33 |
+
- ๐ฎ Event source queues
|
| 34 |
+
- โฌ๏ธ Scales down to zero
|
| 35 |
+
- ๐ Long running processes and background tasks
|
| 36 |
+
2. ๐ Environment Internal vs External
|
| 37 |
+
- ๐ External: Public VIP
|
| 38 |
+
- ๐ Internal: VIP and ILB
|
| 39 |
+
3. ๐๏ธ Infrastructure w/ Azure Bicep
|
| 40 |
+
4. โ๏ธ Load Balancing Options
|
| 41 |
+
|
| 42 |
+
|
| 43 |
+
|
| 44 |
+
|
| 45 |
+
# ๐ Azure Bicep vs ๐๏ธ HashiCorp Terraform
|
| 46 |
+
|
| 47 |
+
## Overview
|
| 48 |
+
- Azure Bicep
|
| 49 |
+
- ๐ฏ Domain-specific language (DSL) for deploying Azure resources
|
| 50 |
+
- ๐ผ Developed and maintained by Microsoft
|
| 51 |
+
- ๐ Azure-centric; specifically designed for Azure Resource Manager (ARM) templates
|
| 52 |
+
- HashiCorp Terraform
|
| 53 |
+
- ๐ฏ Open-source infrastructure as code (IaC) tool
|
| 54 |
+
- ๐ผ Developed and maintained by HashiCorp
|
| 55 |
+
- ๐ข Multi-cloud and multi-provider support
|
| 56 |
+
|
| 57 |
+
## Language and Syntax
|
| 58 |
+
- Azure Bicep
|
| 59 |
+
- ๐ Easier, simplified syntax compared to ARM templates
|
| 60 |
+
- ๐ Transpiles to ARM templates
|
| 61 |
+
- HashiCorp Terraform
|
| 62 |
+
- ๐ HashiCorp Configuration Language (HCL); more complex syntax than Bicep
|
| 63 |
+
- ๐๏ธ Uses provider-specific resource definitions
|
| 64 |
+
|
| 65 |
+
## Provider Support
|
| 66 |
+
- Azure Bicep
|
| 67 |
+
- ๐ Limited to Azure services and resources
|
| 68 |
+
- HashiCorp Terraform
|
| 69 |
+
- ๐ฉ๏ธ Supports multiple cloud providers (e.g., AWS, GCP, Azure) and non-cloud services
|
| 70 |
+
- ๐ฆ Extensible through custom providers
|
| 71 |
+
|
| 72 |
+
## Community and Ecosystem
|
| 73 |
+
- Azure Bicep
|
| 74 |
+
- ๐ฑ Growing community focused on Azure resources
|
| 75 |
+
- ๐ Limited to Azure documentation and resources
|
| 76 |
+
- HashiCorp Terraform
|
| 77 |
+
- ๐ณ Mature and established community and ecosystem
|
| 78 |
+
- ๐ Extensive documentation and resources for various cloud providers and platforms
|
| 79 |
+
|
| 80 |
+
## Conclusion
|
| 81 |
+
- Azure Bicep is best suited for organizations and developers primarily focused on Azure resources with a need for a simple, Azure-centric IaC solution.
|
| 82 |
+
- HashiCorp Terraform is ideal for organizations and developers with multi-cloud or multi-provider requirements, as it offers greater flexibility and extensibility across different platforms.
|
| 83 |
+
|
| 84 |
+
|
| 85 |
+
# ๐ฅ Ingress vs Egress
|
| 86 |
+
|
| 87 |
+
1. ๐ฅ Ingress
|
| 88 |
+
- ๐ External Traffic
|
| 89 |
+
- Incoming traffic from users, clients, or other services outside the network
|
| 90 |
+
- Accessing resources within the network or system (e.g., API, web services)
|
| 91 |
+
- ๐ Internal Traffic
|
| 92 |
+
- Communication between components within the network or system (e.g., microservices)
|
| 93 |
+
- Typically restricted access for improved security
|
| 94 |
+
|
| 95 |
+
2. ๐ค Egress
|
| 96 |
+
- ๐ External Traffic
|
| 97 |
+
- Outgoing traffic from the network or system to users, clients, or other services
|
| 98 |
+
- Sending responses or data to external entities
|
| 99 |
+
- ๐ Internal Traffic
|
| 100 |
+
- Communication between components within the network or system (e.g., microservices)
|
| 101 |
+
- Typically restricted access for improved security
|
| 102 |
+
|
| 103 |
+
For Ingress: Azure Container Apps supports HTTPS and TCP types of ingress.
|
| 104 |
+
|
| 105 |
+
With HTTPS ingress enabled container apps support TLS, HTTP/1.1 and 2, Websocket, gRPC. TLS1.2 is used for HTTPS. Endpoints expose port 80, 443. 80 is redirected to 443. App accessed on FQDN. Request timeout is 240 seconds.
|
| 106 |
+
|
| 107 |
+
FrontDoor app delivery net provides global load balanceand site acceleration similar to L7. Available in Std and Premium.
|
| 108 |
+
|
| 109 |
+
|
| 110 |
+
|
| 111 |
+
|
| 112 |
+
# Terraform Import:
|
| 113 |
+
|
| 114 |
+
|
| 115 |
+
|
| 116 |
+
Usage: terraform import ADDR ID
|
| 117 |
+
|
| 118 |
+
|
| 119 |
+
# Azure Container Registry
|
| 120 |
+
Admin user - enable to access via CLI
|
| 121 |
+
|
| 122 |
+
Name and Resource Group
|
| 123 |
+
Location (Central) -
|
| 124 |
+
|
| 125 |
+
# Github Actions YAML:
|
| 126 |
+
|
| 127 |
+
1. Azure Build Docker Image, Push ACR
|
| 128 |
+
2. Azure Container App Deploy
|
| 129 |
+
3. Dockerfile (Image Push)
|
| 130 |
+
|