I am using gitlab container registry and azure app service. in the app service I pull container from gitlab and serve it as a service. My problem is I push the new image from gitlab-ci.yaml to app's container settings but the problem is it clears up the login and password info under container settings, each time I push a new container version. So, I have to type my gitlab deploy token in the container settings page. How can I prevent this? Thanks. See the image
Here agree with CSharpRocks, according to the official document, we need to use the az webapp config container set command to specify the container registry and the image to deploy for the web app:
az webapp config container set --name <app-name> --resource-group AppSvc-DockerTutorial-rg --docker-custom-image-name <registry-name>.azurecr.io/appsvc-tutorial-custom-image:latest --docker-registry-server-url https://<registry-name>.azurecr.io
For details:
Replace <app_name> with the name of your web app and replace <registry-name> in two places with the name of your registry.
When using a registry other than Docker Hub (as this example shows),
--docker-registry-server-url must be formatted as https:// followed by the fully qualified domain name of the registry.
The message, "No credential was provided to access Azure Container
Registry. Trying to look up..." tells you that Azure is using the
app's managed identity to authenticate with the container registry
rather than asking for a username and password.
If you encounter the error, "AttributeError: 'NoneType' object has no attribute 'reserved'", make sure your <app-name> is correct.
Instead of using this to update your Web App
az webapp create
Try using
az webapp config container set --docker-custom-image-name MyDockerCustomImage --docker-registry-server-password StrongPassword --docker-registry-server-url [] --docker-registry-server-user DockerUserId --name MyWebApp --resource-group MyResourceGroup
Documentation
Related
I've created a Node 14 Web app on Azure. For Publish, I chose Code (not Container). Then I've changed the default container image with az webapp config container set. Question, how can I revert that to the default image (which was NODE|14-lts)?
Running az webapp config container set --docker-custom-image-name 14-lts resets it to DOCKER|14-lts, which is not the same.
Running az webapp config container set --docker-custom-image-name "NODE|14-lts" produces an error.
We have tested in our local environment(created a webapp with Linux as runtime ) below findings are based on the analysis.
If you are using docker container as publish mode then LinuxFxVersion value will be "DOCKER|node:14-lts" you cannot change the value of LinuxFxVersion to "NODE|14-LTS".
If you want "NODE|14-LTS" value in LinuxFxVersion in the site properties
you need change the publish mode from docker container to code mode by using the below cmdlet.
az webapp config set --name <webappName> --resource-group <resourceGroupName> --linux-fx-version 'Node|14-LTS'
I had created my own subscription for Azure App Service. Then I had deployed my app (used CLI)
After that I remove the app, the resource group as well as subscription itself.
Now I got corporate subscription, create App Service via Azure UI and now trying to deploy my app to there.
When I use command
az webapp up --name MyAppName
i get message: The webapp 'MyAppName' exists in ResourceGroup 'MyCorporateGroup' and does not match the value entered 'MyPrivategroup '. Please re-run command with the correct parameters.
When I use command:
az webapp up --name MyAppName --resource-group MyCorporateGroup --subscription MyCorporateSubscription
I get: The plan name entered 'MyCorporateGroup_0' does not match the plan name that the webapp is hosted in 'MyCorporatePlanForAppService'.Please check if you have configured defaults for plan name and re-run command.
And when I use command:
az webapp up --name MyAppName --resource-group MyCorporateGroup --subscription MyCorporateSubscription -p MyCorporatePlanForAppService
i get message: Creating AppServicePlan MyCorporatePlanForAppService ...
(InvalidResourceLocation) The resource 'MyCorporatePlanForAppService' already exists in location 'germanywestcentral' in resource group 'MyCorporateGroup'. A resource with the same name cannot be created in location 'centralus'. Please select a new resource name.
Does anyone know how can i deploy my app to the corporate app service?
Thanks
The problem has been resolved when I remove .AZURE folder from my local machine. And then rebuild the app.
It seems to me you're not changing from one context to another. Try executing the following command before trying to update the web app in your corporate subscription:
az account set -s <corporate-subscription-name-or-id>
I followed the example below and got to the end without error
https://learn.microsoft.com/en-us/azure/aks/quickstart-helm
except that a timeout error occurs for the external IP address below,
http://20.62.159.20/
Any idea?
It is caused by the docker registry credential. The doc does not show you how to set it for the ACR. There are two ways to solve it. One is that you can attach the ACR to the AKS cluster with the CLI command:
az aks update -g mygroup -n myaks --attach-acr myacr
Another way is to use a secret for the ACR. Here are the steps to create the secret with the service principal, you can also use the admin user and password of the ACR. Then change the file values.yaml like this:
imagePullSecrets:
- name: secretName
from Azure we try to create container using the Azure Container Instances with prepared YAML.
From the machine where we execute az container create command we can login successfully to our private registry (e.g private.dev on JFrog Artifactory ) after entering password
docker login private.dev -u svc-faselect
Login succeeded
We have YAML file for deploy, and trying to create container using the az command from the SAME server.
az container create --resource-group FRONT-SELECT-NA2 --registry-login-server="private.dev"
--registry-username=svc-faselect --registry-password="..." --file ads-azure.yaml
An error response is received from the docker registry 'private.dev'. Please retry later.
I have only one image in my YAML file.
I am having real big problem to debug why this error is returned since Error response does not provide any useful information.
Search among the similar network issues but without success:
https://learn.microsoft.com/en-us/azure/container-registry/container-registry-troubleshoot-access
I see few moments that could be the reason of your problem.
There should be no = at az container create options
--registry-login-server --registry-password and --registry-username
https://learn.microsoft.com/en-us/cli/azure/container?view=azure-cli-latest#az_container_create-examples
Command should look like
az container create --resource-group FRONT-SELECT-NA2 --registry-login-server jfrogtraining-docker-dev.jfrog.io --registry-username svc-faselect --registry-password "..." --file ads-azure.yaml
I'm trying to run a multicontainer web app based in two images that I stored in an azure container registry (launched with a docker compose yml custom file) but it fails because the docker-compose proccess cannot get the images due to an "unauthorized: autentication required" response. Both the container registry and the web app belongs to the same resource group.
How can we solve this problem? Thanks in advance.
#jennylwrnce from Azure Developer App Service Team tweeted this:
https://blogs.msdn.microsoft.com/appserviceteam/2018/06/27/use-acr-for-multicontainer-web-app/
So it can be solved via panel.azure.com
enter image description here
You need to configure authentication for the webapp, by default it can only pull public images.
this is the sample command to do that:
az webapp config container set --name <app_name>
--resource-group myResourceGroup
--docker-custom-image-name <azure-container-registry-name>.azurecr.io/mydockerimage
--docker-registry-server-url https://<azure-container-registry-name>.azurecr.io
--docker-registry-server-user <registry-username>
--docker-registry-server-password <password>
https://learn.microsoft.com/en-us/azure/app-service/containers/tutorial-custom-docker-image#use-a-docker-image-from-any-private-registry-optional
this article also talks about how to push to the private repo (ACR) and how to configure it