Understanding Advance features of Elastic Container Registry (ECR)

In the last blog post, we discussed about Amazon’s docker container image repository service, Elastic Container Registry (ECR). We learned how to create ECR, push and pull images and other basic operations. In this blog post, we’ll discuss about advanced features such as scan on push, lifecycle policies, etc. We’ll learn what these features are about, and how to turn them on or off.

Image tag Mutability

You can configure a repository to be immutable to prevent image tags from being overwritten. After the repository is configured for immutable tags, an ImageTagAlreadyExistsException error is returned, if you attempt to push an image with a tag that is already in the repository.

Read More »

Working with Elastic Container Registry (ECR) – Covering Basics

Amazon Elastic Container Registry or ECR is one of the services hosted by Amazon Web Services (AWS). ECR provides both private and public repositories for storing container images. It integrates well with AWS CLI to push, pull and manage Docker images, Open Container Initiative (OCI) images, and OCI compatible artifacts. Both public ECR and private ECR, provides almost same features. However private ECR, as the name indicates, provides more security features for enterprises as all communication needs to be authenticated first. This is a first one in series of blog posts on the Amazon ECR, where we’ll cover the basics of getting started. In later blog posts, we’ll discuss how to operate and utilize various features in ECR, cover some security and monitoring considerations and some automation as well.

Read More »

Best Practices for Writing Dockerfiles

Over the last few years, adoption of Docker and Kubernetes has grown in leaps and bounds. Vast majority of developers is developing microservices and deploying them into containers. One of the most important aspect that people do not realize is that, the containers needs to be lightweight in nature. Also, while building containers, one needs to account for certain aspects like reducing build time while doing incremental builds, produce images in consistent ways, performing clean builds, maintain them properly, etc. To achieve all this, one needs to follow certain practices while writing Dockerfiles.
Read More »

Run Azure DevOps Private Agents in Kubernetes Clusters

Since in last post, we discussed on how to run Azure Pipelines agents as docker containers and configure them accordingly, the next step would be to run them on the Kubernetes platform. This kubernetes cluster can be on-premise and/or cloud and could be self managed or managed by the cloud service provider itself.

One of the reasons you may want to run them on Kubernetes is because you want better utilization of your kubernetes cluster. Another reason might be to leverage your existing knowledge of the kubernetes platform and work on it. Another reason would be to not use Microsoft hosted agents, as by default you would get only 1800 minutes of agent time to utilize, for free accounts.
Read More »

Running Azure DevOps private agents as docker containers

To run the build or deployment jobs in Azure DevOps or Azure Pipelines (formerly known as TFS and VSTS respectively), an agent is required. Microsoft provides the different types of the agents and they are hosted and managed by Microsoft only. However, it is advisable to host your own private agent for various reasons other than the cost. Microsoft provides the facility of installing agent on various OS’es like Windows, Linux, Mac OS etc. They have done a good job in terms of documentation, however you still need to perform few steps in order to set it up correctly.
Read More »

Configure CI/CD in Azure Pipelines to deploy docker containers as Azure Web App

Few days back, we learned about how to publish Azure Container Instances where-in we can deploy either a container or group of containers and use the same. Azure Web App for Containers allows you to not only run your containers but it also brings forth the PaaS innovations for the Web App. So it brings best of the both worlds together. It also allows you to not worry about the maintaining an container orchestrator mechanism. You can prefer to package their code and dependencies into containers using various CI/CD systems like Jenkins, Maven, Travis CI or VSTS, alongside setting up continuous deployment web hooks with App Service.

In this blog post we’ll learn more about how to deploy .NETCore application packaged as docker container and using CI/CD in Azure Pipelines (Formerly VSTS).Read More »

Configure CI/CD for Azure Container Instances using Azure / Azure DevOps Pipelines

Containers are fast becoming the preferred way to package, deploy, and manage cloud applications. Azure Container Instances offers the fastest and simplest way to run a container in Azure, without having to manage any virtual machines and without having to adopt a higher-level service.

Azure Container Instances is a great solution for any scenario that can operate in isolated containers, including simple applications, task automation, and build jobs. Also, Azure Container Instances supports the deployment of multiple containers onto a single host by using a container group aka pods in terms of Kubernetes. Multi-container container groups or Pods are useful when building an application sidecar for logging, monitoring, or any other configuration where a service needs a second attached process.
Read More »

Use SSL Certificates for Dotnet Core Application in Docker Containers

Using SSL to secure incoming and outgoing traffic from your server is always recommended. When you are developing locally or testing on a server, whether it is Windows or Macintosh or some distribution of Linux like CentOS, fedora, Ubuntu etc, its easy to put the certificate in one of the local directories and then ask server to use the same. However this becomes a little bit different if you are using Containers. Since Docker is the most popular container technology, it has become almost synonymous with containers. When using containers, you can many choices:
1) Map a local volume containing certificate files to the container and then refer to it from inside container
2) Copy certificate directly inside Container during image build process and then refer to it Read More »