I would like to configure continuous integration from VSTS to Azure Container Registry and then to WebApp.
Here's my docker-compose.yml file: As you can see I'm using an Asp.Net core + mssql.
version: '3'
services:
api:
image: tbacr.azurecr.io/myservice/api
container_name: api
build:
context: ./Api
dockerfile: Dockerfile
ports:
- "8000:80"
depends_on:
- db
db:
image: "microsoft/mssql-server-linux"
container_name: mssql
environment:
SA_PASSWORD: "testtest3030!"
ACCEPT_EULA: "Y"
MSSQL_PID: "Developer"
ports:
- "127.0.0.1:8001:1433"
I have pushed my image using VSTS to Azure Container Registry.
Here's my Azure Container Registry:
But when I try to open URI in browser - I get an error message:
Service Unavailable which is HTPP 503 code.
Should I configure something more?
I think you can only deploy one container to an App Service. You have two images in your docker-compose file. You might consider using either the "Azure SQL Database" or the "Azure Database for MySQL" if you need a database.
You can set up continuous deployment of a custom image from your Azure Container Registry by right clicking the tag of an image in the repository and choose "deploy to web app". Every time you update the image also the web app will be updated.
If you want to deploy Microservices use Service Fabric, Azure Container Service (ACS) or Azure Kubernetes Service (AKS).
PS: You have uploaded the image of the App Service, not of the Container Registry.
Related
I've tried so many different things here, so i'm super excited to see what the issue is :) (but, im assuming it's something silly on my end)
Here's the pertinent bit of my GitHub actions YML:
deploy:
name: Update Azure App Service
needs: [tests]
runs-on: ubuntu-latest
steps:
- name: Deploy to Azure
uses: azure/webapps-deploy#v2
with:
app-name: $APP_SERVICE_NAME
images: $IMAGE_NAME
publish-profile: ${{ secrets.AZURE_WEBAPP_PUBLISH_PROFILE }}
GitHub actions logs (debug mode):
##[debug]Evaluating condition for step: 'Deploy to Azure'
##[debug]Evaluating: success()
##[debug]Evaluating success:
##[debug]=> true
##[debug]Result: true
##[debug]Starting: Deploy to Azure
##[debug]Loading inputs
##[debug]Evaluating: secrets.AZURE_WEBAPP_PUBLISH_PROFILE
##[debug]Evaluating Index:
##[debug]..Evaluating secrets:
##[debug]..=> Object
##[debug]..Evaluating String:
##[debug]..=> 'AZURE_WEBAPP_PUBLISH_PROFILE'
##[debug]=> '***'
##[debug]Result: '***'
##[debug]Loading env
Run azure/webapps-deploy#v2
::add-mask::***
::add-mask::***
##[debug][GET] https://SNIP.scm.azurewebsites.net:443/diagnostics/runtime
##[debug]loaded affinity cookie ["ARRAffinity=SNIP;Path=/;HttpOnly;Secure;Domain=SNIP-qa-ause.scm.azurewebsites.net","ARRAffinitySameSite=SNIP;Path=/;HttpOnly;SameSite=None;Secure;Domain=SNIP.scm.azurewebsites.net"]
##[debug]getAppRuntime. Data: {"statusCode":200,"statusMessage":"OK","headers":{"connection":"close","content-type":"application/json; charset=utf-8","date":"Fri, 22 Jul 2022 06:27:05 GMT","server":"Kestrel","set-cookie":["ARRAffinity=SNIP;Path=/;HttpOnly;Secure;Domain=app-be-SNIP.scm.azurewebsites.net","ARRAffinitySameSite=SNIP;Path=/;HttpOnly;SameSite=None;Secure;Domain=app-be-SNIP.azurewebsites.net"],"transfer-encoding":"chunked"},"body":{"nodejs":[],"system":{"os_name":"Unix 4.15.0.169","os_build_lab_ex":"","cores":2}}}
##[debug]App Runtime OS: Unix 4.15.0.169
Error: Deployment Failed with Error: Error: Publish profile is invalid for app-name and slot-name provided. Provide correct publish profile credentials for app.
##[debug]Deployment failed
##[debug]Node Action run completed with exit code 1
##[debug]AZURE_HTTP_USER_AGENT='GITHUBACTIONS_DeployWebAppToAzure_0d7e9cbfcd2b52a8a34111a0798ab22d77203fc1f56b2732d2431bfaeb336577'
##[debug]AZURE_HTTP_USER_AGENT=''
##[debug]Finishing: Deploy to Azure
The obvious solution here is what the error says: secret is wrong. It's not. I've added secret to GitHub repository, with the value of the Azure App Service. Done this twice, to make sure i've downloaded it correct, and copied as is.
Other things i've tried:
Tried setting WEBSITE_WEBDEPLOY_USE_SCM to true in the App Service configuration.
Tried setting slot-name to Production in the GitHu action step (even though, there is no slots here)
Other things, that might help solve my problem:
I'm building a .NET image as a Docker image, and pushing this to Azure Containr Registry. I'm then trying to 'update' this, in Azure App Service
The Azure App Service is running Linux, not Windows
"Deployment Center" in App Service still has "Source: Container Registry", pinned to a static image. This is because this was required when i setup App Service. But i assume that my GitHub actions builds will override this?
Any help would be great. :) Thanks in advance!
EDIT
I know i can:
Push to a constant tag, e.g latest
Set the image name to latest in Azure App Service
Set continuous deployment to "on" in Azure App Service
And this will automatically update App Service, because of the webhook.
But this will not help production scenarios, as i need to create different image tags, for different versions i can rollback. Since the version is different, i can't "pin" to a constant tag. Therefore, i need some kind of task to update Azure App Service with a specific tag. I'd prefer to have the same CI for dev/prod.
I have a azure webapp Container , and azure container registry
The app is up and can pull image from acr when no security enabled (private endpoint)
If i enable private endpoint in the web app , the web app cannot pull the image from ACR
this is the logs from Azure DevOps
2021-06-28T07:37:06.7931299Z Single-container Deployment to the webapp 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX' as only the image detail was specified.
2021-06-28T07:37:07.0710385Z Trying to update App Service Configuration settings. Data: {"appCommandLine":null,"linuxFxVersion":"DOCKER|XXXXXXXXXXXXXXX.azurecr.io/XXXXXXXXXXXXXX:976"}
2021-06-28T07:37:14.0740862Z Updated App Service Configuration settings.
2021-06-28T07:37:14.0742609Z Restarting App Service: XXXXXXXXXXXXXXXXXXX
2021-06-28T07:37:14.3232789Z App Service 'XXXXXXXXXXXXXXXXXXXX' restarted successfully.
2021-06-28T07:37:15.3657905Z ##[warning]Error: Failed to update deployment history. Error: Ip Forbidden (CODE: 403)
2021-06-28T07:37:15.7454935Z App Service Application URL: https://XXXXXXXXXXXXXXXXXXXXXXXXXXX
2021-06-28T07:37:15.7532798Z ##[section]Finishing: Azure Web App on Container Deploy: XXXXXXXXXXXXXXXXXXXXXXXXXXXX
In the log in Azure Portal, the web app looks consider the ACR registry as Docker hub:
2021-06-28T08:06:54.100Z INFO - Pulling image from Docker hub: XXXXXXXXXXXXXXXXXXXXX
2021-06-28T08:06:54.201Z ERROR - DockerApiException: Docker API responded with status code=InternalServerError, response={"message":"Get https://XXXXXXXXXXXXXXXXXXXXXXXXXXX/v2/XXXXXXXXXXXXX/manifests/976: unauthorized: authentication required, visit https://aka.ms/acr/authorization for more information."}
2021-06-28T08:06:54.203Z ERROR - Image pull failed: Verify docker image configuration and credentials (if using private repository)
2021-06-28T08:06:54.205Z INFO - Stopping site XXXXXXXXXXXXXXXXXXXXXX because it failed during startup.
this is my AzureDevops step :
Any idea to resolve that ?
The problem is that you don't have permission to pull the image from ACR. ACR is a private registry, so you need to set the credential of ACR for the Web App. And Azure Web App for container uses the environment variables to set the credential for the private registry. Here are the variables for the ACR:
DOCKER_REGISTRY_SERVER_USERNAME - The username for the ACR server.
DOCKER_REGISTRY_SERVER_URL - The full URL to the ACR server. (For
example, https://my-server.azurecr.io.)
DOCKER_REGISTRY_SERVER_PASSWORD - The password for the ACR server.
And in the DevOps, you set the variables like this:
I'm using the Python 3.8 SDK for Azure service bus, (azure-servicebus v. 0.50.3). I use the following code to send a message to a topic ...
service = ServiceBusService(service_namespace,
shared_access_key_name=key_name,
shared_access_key_value=key_value)
msg = Message(json.dumps({'type': 'my_message'}))
service.send_topic_message(topic_name, msg)
How do I create a Docker image that runs the service bus with a topic or two already created? I found this image
version: '3.7'
services:
azure_sb:
container_name: azure_sb
image: microsoft/azure-storage-emulator
tty: true
restart: always
ports:
- "10000:10000"
- "10001:10001"
- "10002:10002"
but I'm unclear how to connect to it using the code I have or if the above is even a valid service bus image.
Azure Service Bus does not provide a docker image. The image that you are using (microsoft/azure-storage-emulator) is for the Azure Storage system, which can provide similar queuing capabilities with Azure Storage Queues. For more details check out How to use Azure Queue storage from Python.
If you need to use Azure Service Bus locally, check out the GitHub Issue: Local Development story?. TLDR: Use AMQP libraries and connect to another AMQP provider for local, and swap out for Service Bus in production.
I'm new to the Azure AKS and docker. I followed the steps in this article.
Finally, I compleated all the steps and got this status.
But the external IP is not giving the actual output. I checked in the Azure portal, The container status is waiting. Am I missing anything here?
Authentication will be needed to pull the images from ACR. We have to create a docker-registry secret for authentication. To do this, open Cloud Shell on the Azure Portal and run the command below.
> kubectl create secret docker-registry mysecretname --docker-server=myacrname.azurecr.io --docker-username=myacrname--docker-password=myacrpwd --docker-email=myportalemail
Don’t forget to change your password and email address.
To access your password go to your Azure Container Registry go to
https://portal.azure.com/ » Your Container registry » Access keys
Finally make sure that docker image url in the you kubernetes yaml file is right
https://github.com/husseinsa/kubernetes-multi-container-app/blob/master/k8/frontend.yaml
https://github.com/husseinsa/kubernetes-multi-container-app/blob/master/k8/backend.yaml
spec:
containers:
- name: backend
image: mywebregistry.azurecr.io/backend:v1
ports:
- containerPort: 80
put your image url in asure container registry
i am running multi layered container app in azure using an app service call "web app for containers".
i have blob storage account where i want my data to be saved,
and i am trying to attach it to my app container.
i configured the "path mapping" for my container with the following parameters:
{ name : AppDataVol , mouth path: /var/appdata, type:azureBlob ,AccountName:"*****" ,share name:"test-container" }
and... it seems to be ignored data do not persist it doesn't reach my storage volume,
and on restart everything gone...
i don't know what i am doing wrong i have been at it for almost a week!
below is my docker-compose file, to make it simple i removed the other services
please help me :(
version: '3'
services:
app:
container_name: best-app-ever
image: 'someunknowenregistry.azurecr.io/test/goodapp:latest'
restart: always
build: .
ports:
- '3000:3000'
environment:
- NODE_ENV=production
volumes:
- AppDataVol:/appData
volumes:
AppDataVol:
As my answer explained in your previous problem, mount Azure Blob storage to your container would work for you. But you need to understand the caution:
Linking an existing directory in a web app to a storage account will
delete the directory contents. If you are migrating files for an
existing app, make a backup of your app and its content before you
begin.
It means if the directory of the image already has files, then the mount action will delete the existing files in it, not persist them. So mount the Blob Storage to the container, you should find the directory which is empty and will have files when the image comes into a container, then mount the blob storage to it.