# Azure Container Apps

1. 👥 Users
   - 📥 Inbound Traffic
2. 🌐 Load Balancer w Public IP
   - 🕸️ Virtual Network
   - 🔒 Private Endpoints
   - 📦 External Container App env w Ingress IP restrictions
3. 🔒 Private Endpoints
   - 🗝️ Key Vault
   - 🛢️ Container Registry
   - 🚀 Cache for REDIS
   - 💾 Storage
   - 🚍 Service Bus
4. 📤 Outbound Traffic
   - 🔥 Firewall
   - 🗺️ Route Table

## 🌐 Azure Container Apps - Outline

1. 📦 Container Apps Overview
   - 🌟 ACA is serverless microservices mashup of Open Source:
     1. 🐳 Kubernetes: Container
     2. 🚀 Dapr: Runtime and API
     3. 📈 KEDA: Kube based autoscaler
     4. 🛡️ Envoy: Proxy w Endpoint SSL
   - 🔍 Service Discovery
   - 🚦 Traffic Splitting
   - 📊 Event driven scaling based on traffic
   - 📮 Event source queues
   - ⬇️ Scales down to zero
   - 🔄 Long running processes and background tasks
2. 🌍 Environment Internal vs External
   - 🌐 External: Public VIP
   - 🔒 Internal: VIP and ILB
3. 🏗️ Infrastructure w/ Azure Bicep
4. ⚖️ Load Balancing Options

# 🌐 Azure Bicep vs 🏗️ HashiCorp Terraform

## Overview

- Azure Bicep
  - 🎯 Domain-specific language (DSL) for deploying Azure resources
  - 💼 Developed and maintained by Microsoft
  - 🌐 Azure-centric; specifically designed for Azure Resource Manager (ARM) templates
- HashiCorp Terraform
  - 🎯 Open-source infrastructure as code (IaC) tool
  - 💼 Developed and maintained by HashiCorp
  - 🏢 Multi-cloud and multi-provider support

## Language and Syntax

- Azure Bicep
  - 📝 Easier, simplified syntax compared to ARM templates
  - 🚀 Transpiles to ARM templates
- HashiCorp Terraform
  - 📝 HashiCorp Configuration Language (HCL); more complex syntax than Bicep
  - 🗂️ Uses provider-specific resource definitions

## Provider Support

- Azure Bicep
  - 🔒 Limited to Azure services and resources
- HashiCorp Terraform
  - 🌩️ Supports multiple cloud providers (e.g., AWS, GCP, Azure) and non-cloud services
  - 📦 Extensible through custom providers

## Community and Ecosystem

- Azure Bicep
  - 🌱 Growing community focused on Azure resources
  - 📚 Limited to Azure documentation and resources
- HashiCorp Terraform
  - 🌳 Mature and established community and ecosystem
  - 📚 Extensive documentation and resources for various cloud providers and platforms

## Conclusion

- Azure Bicep is best suited for organizations and developers primarily focused on Azure resources with a need for a simple, Azure-centric IaC solution.
- HashiCorp Terraform is ideal for organizations and developers with multi-cloud or multi-provider requirements, as it offers greater flexibility and extensibility across different platforms.

# 📥 Ingress vs Egress

1. 📥 Ingress
   - 🌐 External Traffic
     - Incoming traffic from users, clients, or other services outside the network
     - Accessing resources within the network or system (e.g., API, web services)
   - 🔒 Internal Traffic
     - Communication between components within the network or system (e.g., microservices)
     - Typically restricted access for improved security
2. 📤 Egress
   - 🌐 External Traffic
     - Outgoing traffic from the network or system to users, clients, or other services
     - Sending responses or data to external entities
   - 🔒 Internal Traffic
     - Communication between components within the network or system (e.g., microservices)
     - Typically restricted access for improved security

For ingress, Azure Container Apps supports HTTPS and TCP ingress types. With HTTPS ingress enabled, container apps support TLS, HTTP/1.1 and HTTP/2, WebSocket, and gRPC. TLS 1.2 is used for HTTPS. Endpoints expose ports 80 and 443, and port 80 is redirected to 443. The app is accessed on its FQDN. The request timeout is 240 seconds.

Front Door, an app delivery network, provides global load balancing and site acceleration similar to L7. It is available in Standard and Premium.
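The ingress settings described above, combined with the ingress IP restrictions from the architecture outline, written as a Bicep resource. This is an added example, not code from the original page; the app name, target port, CIDR range and parameter names are assumptions.

```bicep
// Added example, not from the original page. The app name, port, CIDR and
// parameter names are assumptions chosen for illustration.
param location string = resourceGroup().location
param environmentId string // resource ID of an existing external environment
param image string         // image reference, e.g. one pushed to your registry
param allowedCidr string = '203.0.113.0/24' // placeholder documentation range

resource app 'Microsoft.App/containerApps@2023-05-01' = {
  name: 'demo-app' // hypothetical name
  location: location
  properties: {
    environmentId: environmentId
    configuration: {
      ingress: {
        external: true       // served on the environment's public VIP
        targetPort: 8080     // port the container listens on (assumption)
        transport: 'auto'    // HTTP/1.1 or HTTP/2 is detected per connection
        allowInsecure: false // requests on port 80 are redirected to 443
        ipSecurityRestrictions: [
          {
            name: 'allow-known-clients'
            description: 'Once an Allow rule exists, unmatched sources are denied'
            ipAddressRange: allowedCidr
            action: 'Allow'
          }
        ]
      }
    }
    template: {
      containers: [
        {
          name: 'web'
          image: image
          resources: {
            cpu: json('0.25')
            memory: '0.5Gi'
          }
        }
      ]
      scale: {
        minReplicas: 0 // scales down to zero when idle
        maxReplicas: 3
      }
    }
  }
}

output fqdn string = app.properties.configuration.ingress.fqdn
```

The `fqdn` output is the hostname clients use to reach the app; requests from addresses outside `allowedCidr` are rejected at the ingress proxy before they reach the container.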
# Terraform Import:

![image](https://user-images.githubusercontent.com/30595158/231140616-a6089091-e195-451a-95e5-54ea3c94fe80.png)

Usage: `terraform import ADDR ID`

# Azure Container Registry

- Admin user - enable to access via CLI
- Name and Resource Group
- Location (Central)

# GitHub Actions YAML:

1. Azure Build Docker Image, Push ACR
2. Azure Container App Deploy
3. Dockerfile (Image Push)