Getting started with containers on Azure
Welcome. Thanks, to thanks for coming to our session about containers, on Azure the title of the talk is getting, started with containers on Azure we're gonna go into really. Some introduction, to this topic it's a very exciting topic all, of us kind of spend a lot of time talking about containers, with, our customers using Azure just. Real quick introductions, there's three of us here that we'll be talking today my name is Brian Redmond I'm, a cloud architect, on our agile global black ball team so I help customers, adopt. Container, related technology, things like open source and doctor and kubernetes on, our Azure cloud I've. Been at Microsoft for 17 years we can address the last name sort of thing my last name is Redmond I don't, live in Redmond, I live in Pittsburgh and, that's. The way I have to start every talk apparently. So. It's. Real easy transition, for you so I'm Joey Schlachter I'm a cloud architect on Brian's team. Specializing. In open source and containers. And micro services and I'm. From Bel Air Florida, sunny important hence why I'm wearing a sweater, it's freezing in here. Go. Ahead you my. Name is Julia I'm the program manager in, App Services team I'm a p.m. for the olden Linux, related, features I actually live in Redmond, hey. There we go there, we go somebody's. Gotta switch last names we'll do that now all right let's do it yep, so, we're. Big on demos we like to do as many demos as you can I'm a big fan of sessions, that have more demos instead of more slides now we'll do a little bit of slides and talking, really. Early on here and then we have a lot of demos for you we're actually gonna start with the demo except, this demo you're actually going to do do, the actual demo work so what, we're gonna do is we're gonna vote on, the best programming, language I know people are very opinionated about this people have stronger, opinions about this then you, know many really, important world life issues so, what, you're gonna do to make your vote is you're gonna pick one of the phone numbers you can actually vote for any of these and you can vote as many times as you'd like you're, gonna send a text message to that number and your, sentence, that you're gonna describe, your feelings, to describe your vote we're, gonna send that over to Azure cognitive, services and do a sentiment, analysis, and depending.
On If you say something super positive you'll get rated really high you say something super negative your vote is really really. Low so, we convert that on a rating scale of one to five. Here's a little bit about how the application works we're of course using a lot of different components of azure we're. Running this in our IKS cluster or as Roku brunetti service we, have a series of micro services, that are, taking. In a web hook from a Twilio which is a third-party service and one of our partners that. That that really provides these phone numbers and again they're up there on the top right for you to do your vote so do them as much as you can scribble them down you're welcome to vote as much, as you'd like we, do feed that into a serverless, set. Of functions running in the cluster, using. An open-source technology, called open Foss and we, scored against cognitive services as I said and the data ends up in Azure cosmos, dB what. We don't have here is a web application a dashboard to actually see your votes and decide in the, room here collectively, who won, and we can take votes anywhere. Even. On the live stream as well so. We're gonna build a web application we, actually already wrote it thankfully we wouldn't start from scratch with that and we're gonna use containers to. Deliver that application, into Azure and. We're gonna do it really throughout the day all of our demos will involve this sort of web-based. Application, that we're gonna containerize and deploy in a number of different ways sound. Good. Yep. I see a couple yeses, so let's. See let's talk about containers. So. So Brian and I are gonna do a little back and forth here a. Lot. Of what we do is relationship. Counseling, between devs. And IT, ops so. We'll. Have a little back and forth here so as we, start this out so I need. To write code and not. Have to worry about IT all, right and they're restrictions and the restrictions that you put you, give to us Brian yeah, well my job is actually keep the keep the environment up and running see the customers actually want the application to be on and he's, always throwing me new versions of the application, the, customers, you know just, care about the thing being up and running and so it's a difficult sort of scenario he wants it updated all the time I just care about uptime, and we're. Really sort of conflicting, around that and it's very upsetting yeah yeah so, we all know my code is awesome all, right and it always works on my machine and. And. He does write really good code unfortunately, he rarely checks it in and, that's, something we really need but. But, to be honest one of the problems we ran into is it's great that I have the code he sort of throws it over the wall to me but, I really need to actually sit down with him and understand, how it actually gets deployed it's a little bit more complex, than just some big application, and so, we need to be friends kind of sit down together in front of our machine join me and let's work on this let's actually deploy it and get it running correctly. Sometimes. Sometimes, so. We have so many new features and, bug fixes that we're ready, to be deployed but, we're, waiting on you yep. New feature new feature new feature bla bla bla bla bla bla my.
Job, Is actually keep the environment compliant. You know sometimes they they put, some new package in there you know where did it come from you know NPM, install pulls. Things from all over the place what's in there is there any vulnerabilities, in it I not, only have to keep the application, up and running for our customers, but, I actually need to make sure it's compliant I need to make sure that we don't get hacked and be the next sort of big news story I need to keep it up and running for my customers, and so forth and so it's really important, that we, address that as well even though again I really do care about getting the new features there but, I have another important job here it's probably more important than than. Yours. If. You say so. So. Containers. Give, me this okay so you. Know as. We were talking, about that so it's containers, to the rescue all right and so a, quick. Show of hands how many how. Many people are actively using containers right now. All. Right I can get through this blinding, light yeah, I see a spattering, in the crowd okay, all. Right and so how, what. Is a container, exactly, all right so how. VMs, have hardware, virtualization. Containers. Have operating, system virtualization, all right we, have a single kernel shared, by all containers, all. Right, the. The individual container has a view. That is independent, of all the other containers. That are running specifically, amongst that, so. A, virtualization. Versus, containerization. All right virtualization. You have potential conflicts, with your dependencies, you, know. And, you're interacting with the OS whereas a container, it's. All packaged up nicely can, be moved anywhere wherever. You want to. All. Right and so the The Container advant advantage. Specifically. All right a. Low. Utilization of, container resources, in other words hey, I I'm, just, I'm. Just packaging. This app and deploying it wherever I want it to all right all.
Right And then you can have maximized the density, all right so migrate, the containers, and. Their dependencies, and you, want, density. And isolation, so I'm just going to deploy this somewhere and not have to worry about any. Of the other things that are deployed. With that and. Just a ton of cost savings, amongst that and so the. Key here. Specifically. Is immutability. All, right I can just take this and run it anywhere my machine your machine the cloud on-prem, wherever you want to go all, right. All. Right and then as we. Walk into the. Azure container, technology stack specifically. What we've got. Alright. We. Want to embrace you know the containers we want them everywhere across our platform, all right. So. That you can deploy wherever. You want to on any any and all of our services specifically. And so as we look at this we have tons. Of partner services. That. You can leverage some open. Ship news today. All. Right and then you know service broker which will help you deploy those services, and interact. With them all right so. With. That I'm gonna pass, it off to Brian. For, a little. ACR. Demo yeah absolutely so I I we, build these containers, we're talking about all the benefits to them how. Do we how do we actually use them well you do start by building something called a docker file this sort of describes, what the container, is. And what and what actually goes into it when. You use that docker file to actually build an image the image is essentially the source for the container and so I have to store those images somewhere centrally, not only so that they're protected, and we're only using images, that we want to use. But I also need them centrally because I hopefully am deploying them to a number of different services all over my my cloud and potentially, lots. Of clouds and so, with. With with, containers there there's something called a, a registry. And doctor actually is is really the one that created this you, hear a lot about doctor, doctor can mean a lot of different things they. Have various tooling to help you create containers, they also created something called the docker registry it's, an open source project something. That you can download and install on a virtual machine in your environment or anywhere and manage it yourself as. Your container registry is a hosted version of that docker registry so. In Azure, we have a managed, docker. Registry that we manage, it. Without your storage and we store your images so, that there can be available to various services not just in Azure but wherever wherever you want to deploy them it's obviously simple to use them within a sure we. Can manage all kinds of different image types so we support Linux and windows containers, but. You're using that standard docker registry. So, the tooling that you're used to using if you're using docker you, might be using various kubernetes. Tools like. Helm and so forth or maybe you use visual studio team services, or jenkins to deploy your containers, this. This works with those because it's using that standard api so, we're not having some special way of managing. Containers, for you in the cloud it's, just standard docker registry managed. By a j''r but. We do try to take advantage of azure where, we can to make it better and so as an example we, do geo replication, because. We have regions all over the world we can actually distribute your images all over the world and there's, a few different places where. We do that around security and identity to make that possible, I'll, talk a little bit more about that in a moment I'll show it to you in the demo but, before we do we, kind of think of as your container registry is that that central sort of repository, for. Our images as we distribute them to all of those different services you saw Joey put up that slide about all the different places we can use containers in. The cloud, we. Consider, as, your container registry to be the central sort of storage. For those you can create, them through various different models, and, distribute, them to various different services, typically, when we release a service, that supports containers, we make sure it supports Azure container registry first. But. Certainly you can use Azure container registry we could have a block up there for Google, cloud Amazon, Cloud your, cloud it's. Available anywhere. Now. Again one of the things that we do to make it easier to use ACR is, we integrate, Azure Active Directory and so when.
You Log into this docker registry we, don't want another identity, for you another identity. Store and then since it's an open-source platform we, had to integrate the azure ad credentials. And so when I want to do docker push and dr. poll which is how I move. My container to the registry, or retrieve, one I can, use my azure ad credentials, I can log into Azure and then, do an AZ, ACR. Login, which I'll show you here in a moment and then I could start interacting with that registry, and I might as 'read ad credentials, is only gonna let me do that with, registries, that have rights to and that's super powerful we. Do also support service. Principles, which are Azure, service accounts and so, we can also use those to interact with the registry, and that's important when I start to do things like CI. CD and I have some automation, with, the environment I don't need that automation. Tool to be able to grab images. Store. Images and so forth and we use service principles, to do that I. Mentioned. Geo replication. Again. We're storing these images in a natural region when you create a service you're putting in a particular region in this example I'm, out in West US I store an image if, I were to deploy that image in East US or Canada, central or over in Europe I have to pull that all the way across there it's, slow and perhaps more importantly, it costs extra money and so. Geo replication, essentially just automatically. Replicates, it to the regions I choose and then, when they get pulled it just pulls it from the local that the closest possible location. And so. In theory, I would just pick those regions where my applications, are being deployed and they'd always be pulled from the closest location, it's. So easy to set this up I'll show it to you in a moment but you're, just clicking on the map and. Picking, the ones you want it to be replicated to and it just happens there's, not anything else you have to do in. Your sort of environment, to do that, another. Thing that came that came this week actually was announced a new feature to a CR called a CR build and so. Typically, in order to build a dr container you have to have a docker, service. Or dr. Damon in the background to do the build and. So you're setting up these special build environments, you need some to kind of build machine to do that work to have that dr engine available maybe. It's a developer workstation, for some experimenting, but again in an autumn environment, have to have someplace to go do that build well. ACR since, you're gonna be storing, your images in a CR why, not have a CR take care of the build for me as well so I end up doing pushing my code up to the cloud and the build occurs there and of course since I'm already there, easy enough to store the image right, there in a CR and make it available to normal way this. Is very cool technology something I was very excited to see I now use this all the time now I can just be in a in a browser-based shell, as your cloud shell which, I'll show you in a moment and just quickly do a build and have it available and. Just. To give you an idea again before I jump into the demo it looks just like docker build so if I type docker build -, T which stands for image I don't know why - T stands for image.
The. AZ ACR, build uses the same syntax and, there's other parameters, that are typically a part of a build and, we tried to map those sort of end-to-end ACR. Build also supports. Triggers. So you can trigger it off of an update to a git repository. You. Can trigger it off of a dependency. Update so maybe the underlying base image got patched we, can trigger builds off off of that so, I'm going to show you a real quick demo of a CR here and a little bit of a CR build there are certainly more sessions, where you can learn a lot more about. About. A CR build their sessions will point you to at the end of the talk here so. Ready for demos. So. This is my local machine and. If. I was gonna do any kind of container, builds, I have, some images on the local machine and you, can see I have a bunch of different images here I'm always building images I'm speaking at events and I'm, building various images I have to do all of that locally, and if, I wanted to run a particular container, I would type something like docker run, and. It's saying hey you know I'm ready to run you just need to give me an image and so forth you're, gonna see when I switch over to Azure cloud shell how I can't do something like docker run or docker images these commands aren't available to me in that cloud shell and so, that's why it's it's important, you know obviously I can do this locally but I don't really want to be working in this local environment, I don't want to be having to make sure I have these things here for me and so. If I want to interact with with a CR I do an. ACR. List and it show me all of the a droid container registries I have rights to so, I have two in East US and one in East Europe I have. Them all three as the premium, SKU because that's, how I roll and, we're. Gonna basically log into one of these so I do AZ ACR. Login. I have. To give it the resource group. And. I give it the registry, name. It's. Called Breyer ACR, build which stands for two things stands, for the build conference and it also stands for the. The, new feature called build and so now, I'm logged in and if I want to pull an image from from. A CR I'm gonna show you how to do that let me actually show you in the portal the images here. If. I go over and take a look at this registry, I just logged into we're. Gonna pull one of these images. So. This is my portal experience you can see I can see some basic information, about my ACR, my quotas and so forth I click on repository. And. We'll. See an image and we'll pull one of these. And. So. I have this one called. K8s. How am i Ted, this particular tag and so I'm just gonna cut and paste this command a bit to make this easier so you don't have to watch me type. And. So I say doctor pull obviously. Have to have credentials to pull this oh. And. What did we type for on there. Could. Be a typo that doesn't, really matter but obviously I need to have rights to pull that because it's a private registry, and so doing. That that ACA Z ACR log and gives me rights actually pull from that and that takes care of all that credentialing, for me if, I want to push an image up there I could, take one of the images that we have here. And. I could say hey you know I want to take this particular, SMS, ratings that's actually the one that was collecting your votes that, we were doing earlier if, I want to push that up to ACR I first need to tag it, and. So, I do a tag and. Then I do a doctor push. And. So it starts pushing it again I would need rights to do this it's already taken care of that for me this is simple for just a simple interaction, here I did have to build it on my local machine there's, a big process to this and that's not really the kind of the ideal scenario what. We really want to do is actually take advantage of this ACR build and so, in my ad report all I have this this. Utility. Called cloud shell hopefully you're familiar with Azure cloud shell but, it is a virtual.
Shell That's just running in the browser here for me it has all the after tools that I need it's already logged me into my address subscription, makes it very simple for me to take advantage of, anything, that comes available in Azure via the azure CLI, and so I'm now logged in I can do some of the same things like a jure, ACR. List. And. You can see those same ones that I have access to and so in this directory. That. We're using for our demo. I'm. Going to show you a quick docker file and we're gonna build it. And. So. Very simplistic sort of format if you haven't seen a doctor file before I mean typically it's just start with this source image copy, in this particular source code run. These various components to get the application, installed and essentially this is where the app starts and I would normally type something at this point like docker. Build and typically, when you do that you're gonna see a message, like this. Hey. Doctor isn't running here and because, this is a virtual environment I can't run a doctor Damon here it's a proof that SAP Rivlin service it's not something that that's possible in cloud shell and that's where ACR build comes in we, can do that docker build just. By passing and. I'll, paste this here and then explain, the command. And. So what I've said is do. A build here's my image name I, give it a build. Rating web I give it a. Tag. Called live stage and I say the context, is this current directory, and I tell it the registry I want and I said no log so it's just it's happening it's been queued it's happening in the cloud now I could, just sit here and wait for the result but, we can actually use the the azure CLI, to get, status. For this and so I put a watch and I say show. Me the bills that are happening and, you can see I ran 100, lots of lots of builds here, but our build idea here is a, a to a and you can see it's currently running and. We can tell approximately. How long it will probably take it'll take it about a minute and, we can wait for that status to complete we, could also check, it and so I could come into this. Kill. That that watch here. And. I, could get some details about the build. It. Was a 2a. And. It's saying hey it's still running so we're waiting for that to actually finish, but. I can actually see the logs I don't really have to wait if. I go in and type that same command. Actually. That wasn't the the actual image name so let's get the one we're waiting on. And. So. You can see what's actually happening, it's pushing it right now so it did build the image and we're just waiting for that to complete and, you can see that where we'll end up seeing the status here when it's actually completed, I'm, gonna show you what it ends up looking like when it's done, and. One. Thing I want to point out here and this is the last thing I'll kind of say about a CR but look down at the bottom there it finished the build and you may not have seen all this before so a lot of its out of context but at the very bottom it's, that a CR, builder discovered, the following dependencies. The images that we built and then, this runtime dependency, which turns out it is based off of the node, base, image in this particular tag, well, that's going to be useful later imagine, that that particular image has a security, vulnerability may, see our build can be triggered off of any base dependency. Updates so, it's detected, them and it's very simple for me to use that later to, do those kind of image updates and so, you'll, see more about this if you want to go to the top that's a super deep dive Steve Lasker will talk about a CR builder and a lot more about it you can see some of those other scenarios. I just did a basic build here we will use that image in. A moment when we deploy this to add your app service with, containers, so. Let me jump back over to the slides here and keep us going.
Backstage. Fever. Sleep voting, for JavaScript, so. Okay. So, what we're gonna do now. We're. Gonna walk. You through actually. Deploying. That. Deploying. That specific. Website. To as. Your app service just, switch this around look. And. I apologize. And. I'm gonna switch over real quick tomorrow. Mate. Okay, so just. Just. To walk, you through that so the app is currently, available right now if you go out to github github.com. Slash. A sure slash build, 2018, container. Demo it'll. Walk you through specifically. Running. This entire app all by yourself okay. Just. Some some some key points behind it is running cosmos DB instance. All right with the Mongo, API behind it, alright. And. Basically. It's. Got three, parts to it which I think Brian showed you some of those specifically. Alright, our, four parts to it so we've got the web and then you've got. Three. Services, that are, underneath. It specifically. That are running, in IKS so I'm just gonna go, show. You those services. Running out there on a KS and Ryan's cluster so. Okay. So those, are out there running there's there's a ratings one there's, a sites one and there's a subject so the subjects, are hey the different programming languages, the, site is actually hey how do we how do we lay this out specifically, and then the ratings are the ratings, themselves. And so. Within. There you get you can. On. That github, repo you can go in and grab all the data that you need and everything that's involved in this specifically, alright so, we need that front end and so. Prior. To this I had also set up some that, are not running in aks. Out, out, on app, service just just to set that up and so so. I can do it, yes. Go, ahead. And talk to that. Oops. Right. So I just I just, want to make an introduction, to app services, on, so. How many people actually use, your. App services in a room well. That's a lot, thank. You so this is just a quick introduction. About your. App services at. Your absences is a fully managed platform, you include a set of application. Services, so, where you can actually deploy your like a Windows or, Linux apps, to, the service and. We support a like different type of application. Stack such as low G as, PHP. Donate. Donnell core and Java so. It. Enable, you to be highly productive. So, basically, you can only have to worry about your, application code right your application and you, don't have to worry, about the, useful structure which is hosting or your application. And also. You don't have worry about scaling as. We will taking, care of the scaling as, based, on your business needs, so. So. This also we provide, high.
Availability And, also, currently, the SLA, if you run your application, on, App Service. App. Services, into an application, platform so. It has we. Support different type of application. Services, such as web. Maps API. Apps and mobile apps. Which. Makes it super, easy for you to like build deploy. Tests. And eventually. Like. Hosts of your application, on App service for. Like your API apps for, your web apps for your mobile. Apps etc. So. A dual function is another service we own. Which. Add reflection lets you to deploy, a service, application. To. Microsoft, Azure and you, will only be charged for the time your application code is running our and you, also don't have war was scaling because. We would, scale. On your behave when you need it so. AB, services, actually start on Windows, platform, a few years ago. We. Were very excited, actually now AB, services, is available. For. Linux applications, as well we. Made an announcement general. Available availability. Allows for the lastest September. So. Now you. Can actually. Deploy. Your application, to your Linux application to AB service as well, with. A, juror. Apps observers. On Linux so, you can deploy, your application. Written in different languages. Such as PHP, node.js, Java. And you can deploy your application, to like to, AB. Service in the field literally. Seconds so, you don't have worry about again. Worry about the infrastructure, what about scaling and you, don't even have to worry about the containerization, so we take care of everything under the hood for you, for. Where that whole container this. Is a different use case this is the word you actually you can't organize your, application, in, the docker image, you, can host the docker image in. A. Your. Content. Content, container registry or, docker hub or your own private, registry, and you just need a point in your application, tutor and deploy it to us and then we will, run the application on, our, platform, for you. So. Like, with, web app or container so, you have the flexibility, of like, manage your source code the way you want you can you can manage the your. Image report, any way you want but, you still get the full benefit, of app. Service, as a full managing service, you. Can you can use let's, say you can use a dual container registration. Or Pat hard for the host your own image you, can, you. Can set up a continuous. Continuous. Deployment from, your source repo you, can also set, up a continuously, deployment. With. A wet book, which. You trigger a deployment. When you make a change. So. Also, we provide a building. Support for like darker logs and you can get those building. Doubt, that, pelvises. Informations. From. The service and troubleshooting, your apps. So. Now I'm going to switch back to Joey and he's gonna show you how, easy to deploy a pretty. Complicated app to. App service ok alright, so Brian. Actually built a. You. Saw him built a container, image with a CR build alright and so we're. Just gonna deploy that web front-end frankly I want to see the results currently you, know so. Let's. Go ahead and walk, through that and. With. The help of ye here we're. Gonna, create a simple web app alright, so this is the portal add reporter, so this is a Joey. Just could go into the engine PO in the world you can start create a web app. He's. Typing in the name for the app ok, so that has to be unique so he's chewing the right name okay, go. Ahead and use that and I'm gonna choose dog so he's using the web of a wipeout, for contender so we made it some UI changes make it easier for you to start to create a web of any. Container. Based application, okay, and, so I'm gonna choose as. Your container registry absolutely. And so. Through. The magic, of, AD Bryan has branded me access to that repo right. Oh so. We. We have access to that he's granted, me access to. That specifically, so I'm gonna go through and pick that. Pick. That image that he created, is. That.
Build. Rating, web, fourth. One now okay there we go and, the actual tag is going to be live stage okay. So. We're gonna say okay on that all, right now. Now. We need to create a service plan to host this application, okay so that that service plan specifically, we're gonna go ahead and create a new one all right just, we. Better several, our lungs from the yesterday, so we're adding a, different type of skills. For. You to host the web a Linux web app so I see this is it I get, free 30-days oh yeah, you get, a a be one the, first two beautiful freeform month from. Today on okay, try doc yeah, all, right so I'm gonna choose that one basic. I'm gonna put this in west you. Anywhere, you want okay, we'll go west us you're pretty, close, proximity, here Oh Union after the S plan, live. Stage, how about that oh good all right. And, then we've already got that and so let's go ahead and say create. Alright. And, so, that, normally, through, the magic of cooking. Shows and Martha. Stewart guess what it's, already there alright fantastic. It's. Up in live and you guys can go there it's it's build - web as. Your web sites dotnet. Learn. It using, using all that and frankly we all want to see what the leaderboard is right I have. A sneaky, suspicion it's, gonna be Microsoft, heavy so there. We go. Right, now c-sharp is. That - it. Nobody. Likes JavaScript, why not oh. Yeah. There's, no surprise there was C sharp leading there, okay. So with that with that you saw the ease in which you could deploy a simple. Container and so now, with, that I'm gonna let you take over and he's gonna show, you how to do something a lot, more cooler, from there so thanks, QE alright anything. So. With Joey's, demo you can say is how easy to deploy this application to, app services, on Linux or web app for container you literally, few minutes. So. We. Have thousands, of customer actually use web of a web app for, container to build it our application. Say. They also ask for like if I I actually have more about containers are running on the same app. For. Example the wonder the use case where. They want to put a nginx, in, front of your web app in. The same AB service. Plan as a reverse, proxy. Some. People also say can I have a radius, cache on. So. Which he sitting. In beats between my web app and the same a, juror, my, C code database. Right. So for those use case we. Just made an announcement in the yesterday we are supporting, model container in web apps. So. With. The new, model container web app feature, you. You are able to create a. Multiple. Containers within, the same web web. App, service plan but. You can operate all this container as a single, unit so. Next I'm gonna show you how, to use.
Model Container to, build a same application, is Joey demoed in this time instead of deploying. Mobile web. Apps make, them talk to each other over a public Internet, I'm gonna deploy all those containers in the same web app. So. Now I'm switching to my Linux. Machine. Which is where I'm kind of doing demo from so. First, I want to show you the source code of. Joey. And Brian's, demo, it's, unclean hot so. As. Usual, let p.m. always do the sins in upfront so I already, cloned. A feature, or, cooling that repo locally so it can show you, where. It is there, you go so. So. Now in, order for me to deploy, this to. A web, app model. Container so. I need to create. A docker. Compose file, because in this remember, in this publicly real, public, pre-release, we, suffered two type of some type of self of configuration. Format we support, docker compose format. We, also support. Kubernetes, config fulfillment, in, this demo I will use docker, compose. So. Again. I already, created this docker, compose file, yamo file up front, so, you can say this is how you describe. So you just use docker, compose form it you can describe a model container app so, so, in this case I have. Four containers, the. First one is the web front and it, also have three, other containers, for AP eyes so. With. This. With. This the tagger compose is ready to go and kind of switch back and. Before. I actually publish, to app service I want, to test it locally right normally people would want to debug find, any show locally before you actually preheat it to a, service so, what you can do here is like. You can do or dr. Campos up I'm pretty sure a lot of folks in this room familiar, with that so, you can just run that to dr. Campos and what's. Happening, under the hood is the. Darker compo is putting all the images from, from. Brian's, repo right now on this, face lifetime. So, it takes a little bit time to fold like four images. Once. The image is pulled on locally. And you were wrong either, wrong that Yama file I just to show you guys, and. It created. The application running on my desktop so now the front. Is running so I'm gonna just quickly show show. You the, local. Version of it to make sure everything is working, correctly. So. We're running off portal, 8080, so that's where I'm gonna hit there. You go it works locally great, so, let's, try it out make sure actually, works as expected so. Let's do a loading sorry, no offence about who is familiar if we is more favorite, about which language I'm just randomly chose it. Sorry. Oops. Yeah. Okay. So. See. They're working. Let. Me do it again. Okay, I presume. He's working locally let's, move. Forward. So. Let's let's, deploy this same application, to the service so. Let me let. Me kill that. So. Now, what, I need to do is wrong I say I command. To deploy the Yama file to. Add services. So. Instead, of type everything, in. Front of you so I just actually just the pool from history so here, you, do a AC web, app create, and you, need to specify our resources, group as. Usual and a user you also need to specify a, AB service plan and also. Give a name for the app and then. You. Specify. This. Is a model content or config, use, compose, file. And. Then you just, the type. Also, gave you the path to your file and then you just need the right and, it, would take a couple of seconds to actually.
Push This to AB stories. Yeah. This time either world work oh the, works there, you go so. Now let's go back to the actual application wrongly, in, the cloud running. Actually hung so. This is actually wrong lean in. The app service plan in West us us West so, let me show you, this. Time. I'll. Give more for yes oh. Okay. So there's something, there's something cool yeah okay. Alright, so let's, say this. Is a demo. Either again. We. Will make sure the application is, working before we actually pop news source all. Right so now let me switch, back to the slides. So. With. All the demos you so long app services definitely. Apps observers, give you choices, right, so you can use. Different languages. Runtimes, like we mentioned done. It right, Tunnel Corps, nodejs. PHP. Java, and we're actually support for goal line and Python. Later this year right you can also use different type of application, platform. Templates. WordPress. To poll etc, and definitely. On the deployment side you can you. Can put your image you. Know on docker, hub or add, your registration, or and, or. You can use, let's. Say you can also use, like, a CI say the pipeline, software. To, help, you to manage your deployment. Like chickens, and everything like that so so. The, App Store is definitely give you a choice and the one I want to mention before I hand over back to Bryce we have a session, this afternoon at 4:45. My. Colleague. Jennifer. Nishi is gonna present how you, -. How, you use. The dialysis. Features and absences, so, you if you guys interested go join her at 4:45. All. Right awesome thank you thank you yep sure. So. Yeah. Very cool technology regardless of we didn't get to see the final leaderboard I'm sure c-sharp, continues, to win, the. The great thing about that is did, you I mean we didn't have to think about all this infrastructure, happening behind thing that's one of the advantages of app service, and using past kind of technology, we have some similar functionality, in, our kubernetes. Service our aks giving, you that ability to host a kubernetes based cluster, and not think about all of that overhead. Certainly. Sometimes, we just want to run a container, I don't even want to think about a complex. Orchestration, system I don't necessarily have all of those needs I just have a container and I want to run it and really that's where as your container instances, comes in in some. Ways I just need I just need a container and. I probably need Clippy to come along and help me through that it's, kind of sad Clippy has this legacy I'm sure there was some person, on the team that thought up Clippy and I'm sure they were really, had really great ideas and I don't think it was that terrible vite of an idea but unfortunately, Clippy, will be around as a negative legacy, forever but, what. Do we need I just need serverless containers, I really just want to run a container, and not think about any infrastructure, at all and so when we say surrealist services are certainly a popular term thrown around a lot today I'll tell you what I mean I'm thinking about Surrealists, the, first thing it is that it's invisible infrastructure, there's. Obviously infrastructure, behind it there's physical, servers. There are virtual, servers, there is all that that's happening there but. From my point of view of running the container that's invisible to me I not only don't see it I don't have to see it I don't even know how it works and I don't want to know I don't want to be responsible for having it up and running I just want run my container and, ignore that kind of detail I want some metrics back from it perhaps about my container I want it to be treated as just.
That Resource, the. Other big characteristic. About, service, is micro billing the, concept, that I only pay for this the, second, while this particular container. Is running if I run it for long periods of time I pay for long periods of time if I run it for three, seconds I pay for three seconds and so, that's really important, to that service concept, and the third area is its event based it's event-driven, some event occurs that triggers, this to actually execute and. My container runs and does its work it perhaps actually, triggers other events and so forth as well and so, I have this kind of surrealist sort of concept, and we want to apply that to containers, we built this container maybe, to do work for us I want to quickly kind of get that up and running and that's what a CI is for us I easily, can run serverless, containers, I don't think about that infrastructure, there is some sort of infrastructure. Everywhere, in the azure cloud and I basically run a container, as a first-class resource, in our cloud in the same way that you use virtual machines and you, create maybe a distributed, set of VMs. In the cloud and you do various things with them you're. Doing the same thing with containers here I just have a container that needs to do some work run. It for me and I'm our, customers made it do all kinds of interesting things with it at that standpoint and, again. I am build per second based, on the resources that I'm using in the cloud the, other thing that's really important, that we provide with a CI is. We have isolation, a hypervisor, level, so you're not just running in some farm alongside, other customers, or even other. Other, resources, that you're deploying you always have hypervisor. Level isolation, but, you still get that super fast startup, time obviously, if we created a VM for every one of your containers, booted. It up every, time you started, one it might take us minutes to start your container and you'll, see when I do the demo it's not minutes it's seconds, it's, the, speed of containers charting is one of those big benefits that we talked about at the beginning I still, get that speed, but somehow I also have that hypervisor, level isolation, for it which is critical, in. That serverless kind of environment, so what, can you do without your container instances, well you, can do anything you want we, really, once you understand kind of how it works you can build interesting solutions, we, do find customers, doing these kinds of things and we're it's, fun to kind of learn about what. Customers are doing with it I certainly have modular, apps some of the things that we've been showing today I have, some components, running an azure app service that maybe are what our web app related, I may have some batch processing, component, in the background, doing. Some work for me I may have another component running in a different different, sort of area and so AC eyes can help me in these applications that have a number of different components distributed. In the cloud environment, lets, me take advantage, of containers, in a simple way certainly, event-driven, apps I may, have cut some kind of workflow there may be some webhook occurs I may, want to kick off some sort of process and having a container run and do work for me and certainly that's, a very obvious use case for using a CI, batch.
Jobs, And things like that are very common, in this kind of scenario, the. Other thing that's also interesting is elastic, bursting, for something. Like a managed, cluster, IKS. Or a jakku Brunetti service I have, a set of nodes running, this kubernetes, cluster we, haven't talked a lot about kubernetes, today but. To expand the size of that cluster I've got a I've got a add, VMs, to it I can, actually use a CI to. Be a way, to elastic. Have, that elasticity of that cluster without actually adding VMs, to it and that's, very exciting cool cool work, that the team has done I'm going to show you here in a moment what that looks like and. So let's do it do some demos here of a CI. Of. Course my cloud shell timed out, wouldn't. Be a cloud shell thing without that. So. Before before, I wait for that to come up we'll go and take a look at my resource. Groups here and just take a look at my container instances. That. I have running so I don't have any container instances, deployed at this point so we're certainly gonna go in and do some deployments, around this let's go over and take take. A look at my cloud shell. The. Same way that in the portal we could see all of the the, containers that I'm running I can use the azure CLI, to do the same thing here and so if I type a. Z container, list I bring it back as a table I don't have any containers and so we're gonna go and do a deployment. The. Scenario that I'm showing here just, again going back to the demo we had these programming, languages, we all voted for them imagine. That we wanted to do some interesting analytics, around the, votes so we wanted to take the vote the summary of the votes may be the total votes and that's the average score by. Time and take it over to another analytic, system in the cloud we have all these interesting. Analytic. Solutions, in Azure maybe we can do something where we compare it to the number of bugs reported, in these particular platforms. And decide did, the votes actually vary based on that and do some sort of analytics, around it and so, I need some sort of job that's actually gonna pull that data out of Cosmos DB and maybe write it over to HD insight that's an example something I could do so, I have a container that maybe I want to run every once in a while and do that sort of data export, and so, that's what this container will be. It. Is actually over in the github, repository, it's. A we, called it build a CI demo, and so, this is a very simplistic JavaScript. Application, it goes out to cosmos DB and every, every, few minutes or every few seconds it grabs the latest summary and is going to push it over to this other database, so be honest this is a simulation, it really just logs. It to the output here we're. Not actually going to HD insight so it's a little bit of smoke. And mirrors of course and so you can see I created the container notice, all I had to do to supply to create this container I said here's, the resource group here's the name of the container like, a supplied, memory and CPU resources, that I want it and. I gave it the image name very, simple from that standpoint I didn't supply any networking information. IP addresses and ports and so forth because, it's not a web app but I certainly could it, could automatically, generate a DNS name for us I can, do open the ports that I want to and make this container available, if, I want so. If we go over and take a look at my container, instances, in the portal I refresh, here we'll see a container. Instance again this AC I test that we just ran, to. Be honest I've waited too long to come to this it's already running it honestly was probably running within a second up. Up and available you. Can see some performance. Statistics it'll. Take a few seconds, here for these to actually show, up in this display, here but, I can see some details around the containers, that are running in this container, instance, you. Can actually have more than one container in an in an azure container, instance so we actually refer to it as a container group and they run collectively, on the same the. Same virtual machine but notice. We get some details not only of the. Status of the container but the events that have occurred and so perhaps, I put in the wrong image title or I didn't provide credentials. To pull from things like a CR we, would see those events here and it helps us from a troubleshooting, standpoint, to. See in the portal actually what's happening, we, can get some properties, around things so there's a lot more that I can provide here that I'm not using for this demo I can, map volumes, and storage to this container so the next time we bring this up maybe we stop this I bring it up again I'll have access to those same files that have been stored there and they'll come online as well I have. Environment, variables that might be how, I get access to the database I may supply those as environment, variables instead.
Of Having them in the source code and so forth so. I get all of that access here from, that I also have access to the logs. And. You can see it's. A series of errors which is all fun so that, probably tells us why the leaderboard didn't come up we probably caused issues on our database. On the backend kind of fun so. This. This is a container, instance that's running it's actually executing, for me as soon as I were to go in and delete that it would we would actually stop the billing for that but let me actually bring it back up the cloud show and show you some of the other things especially since we had an error it's actually kind of good we. Can actually go and do some troubleshooting around, it so, let's take a look at the logs and see what's actually happening, this. So. I have access to the logs for the container so this is helpful something has something went wrong here go, through the logs find out what's actually happened here not. Only could I see see the logs or a particular instance, and scroll through and see, what's going on but I can actually stream the logs and. So if this was a long-running. Transaction. That doesn't didn't stop I, can, actually do an attach here and, it'll just stream the logs and as things start to happen if, anything additional, comes in here we'll continue to see it this, thing is looping every three seconds and trying to do something on the database and continues, to get the same error so it's an opportunity for me to troubleshoot, and figure out what's going on I can, even exec into the container and do some troubleshooting in, the container, I'll. Just show you real quick kind of what that looks like oh. And. Notice by the by the way at the bottom it says warning. You have restart, policy, set, to always so. What, happens is something went wrong with the container and the ACI has restart, policies, that we can set I can configure that to say don't restart it always you. Know when if something goes wrong with that I actually want it to stop and report back a status, and so that's some of the features that have been added to a CI as. It was released to give me that but, I can do things like exec. In and have a bash. Prompt, in the container and, maybe see what's going on. And. So, I say a Z container, exec I point up to the container and I tell I tell, it I want the command bash if, you've worked a bit with containers and doctor and kubernetes and so forth this looks very similar you exact into containers, and, do work like that I do, this and I'll end up with a bash prompt, and, perhaps, because it failed I won't actually get that prompt and so again we have to go in and kind of troubleshoot, what's actually happening, with it so. That's that's the ACI from. A simple container a couple other things I want to show you again when I delete this, this. Particular container, I. Will. Immediately stop, from a billing standpoint so we ran there may be a total of five six, minutes from, a billing standpoint I'm no longer being billed it's gone and I may have some sort of process orchestrating. Those things being run I may actually kick this thing off a few times a day I have, to have some other system to take care of that for me there's a lot of things I could do I could use Azure functions, to, trigger the execute one of those you, can imagine a lot of scenarios where we could kick these things off and take advantage of ACI now. I want to tie back to what we were doing earlier with, with, Azure container, registry you. May, have noticed in the demo I used a container, from from docker hub and that's a public container registry where, I can just store an image perhaps. I actually want to use ACR, like we showed earlier and so, I can't actually do that but I need that service account credentials, to access ACR. I can't just have a CI having. Built-in rights at least in the way that we have it today and that's where we take advantage of something called key vault if, you if you've used key Balt before it's a way to store. Particular. Keys and values such, as passwords, so, that I can use them in in applications. And services, to access things and so, I have this key vault my keyboard is actually called the same thing as. My ACR, and so my keyboard is called Bryer ACR, and before. The demo earlier, last night I actually put the keys for. My ACR, in, this keyboard and so we don't have to sort of go through the tedious commands, of me going.
And Executing, that so, I want to show you actually what what a container, create command looks like using. Key vault and, so I've set some environment, variables you'll see when I do my container, create I'll use these but I'm just telling it resource group key. Vault name ACR, name and I'm gonna call my container a CI with key Balt and. We're gonna use the same image, that we used before. Except. We're going to point it to the one that's running an ACR, so. I did that a Z container, create before but. Now I'm specifying my, image as Bryer ACR, build Dodger, cRIO. And. The container image and tag and, so now it, would have to have rights to do that and so I've said here's my registry, username and password grab them from key vault and, actually, do the the execution and create this for us and. We. Kicked that off and. We'll. Actually see this thing get created pretty quickly. So. Again I want, to be able to have have this done securely we can certainly do a lot a lot, of different mechanisms to do this but again containers, start fast this, is really important to 8/2. As, your container instances, to take care of work like that for us if, I go in and do my refresh here you can see I have this up and running I click this it will probably be at a running State pretty. Quickly we're at creating, typically. Again these things are start starting, within seconds, of this to, be up and running and so it's again going out and doing that same batch processing, work but now we pulled it from a secure location and that's important to note you don't really want to be running containers from doctor hub you don't want to be storing your containers, there you, want to store them in a way that's. Secure and. There are a lot of other ways to use make. Sure that you're used safe. Images, as well and scan them and secure them lots. Of solutions for that kind of thing as well. So. That is a CI I'm, going to come back to slides. Here. Just. To summarize from a future standpoint I showed a few of these obviously. I can create and manage them in the portal I did it with a CLI, here but you can actually do it with a portal experience, you can say new container and. Supply all those same parameters, you, saw the sort of CPU and memory and performance statistics so we can see things like events. That are occurring and the streaming, of the logs and so forth again. I mentioned the restart policies, and things like volumes, to, be able to have storage so persist, data that can be used the next time this thing is run and. Of course we have an SLA, because. This. ACI service, actually went GA I, think, it was last week and so we now are general, available with this technology it's very exciting stuff, one. Of the other ways that we can use as your container instances, I mentioned, this elastic, bursting so, we have something called the ACI connector, for kubernetes. It's based on a technology called the virtual couplet, and so if you've worked with kubernetes a sort, of agent component, of it is called the couplet and so, if we could somehow take advantage, of our this this technology, called HCI and tie, it in with aks, and kubernetes we could do some really interesting things we now have that rich orchestration, capability, that kubernetes offers, but. We get the infinite, scale of Azure container instances, so that maybe our applications, they run in kubernetes some, components, of it actually, over an ACI and, I want to show you in a picture what this looks like so, this is an e KS cluster running, kubernetes control plane I have four nodes in this cluster and I'm running various workloads, or containers, on, those on those virtual.
Machines In. The kubernetes world we call containers pods and so I'm distributing, various applications, there is a point where I've actually run out of space in this cluster I could. Add nodes I could scale, this cluster up easily, from four nodes to ten and so forth and aks makes that operation, very simple but, maybe I this is where I can take advantage of a CI and I, add this thing called the ACI connector, as a virtual, node and now when I push containers, or pods, to that a CI connector, instead, of running on a VM they actually run as a container instances, very. Powerful, from that standpoint essentially, what I now have is I have four virtual. Machines as nodes and I have the fifth one as a, virtual. Node of unlimited, size I can, spin up as many as I want that, pay for them while they're over there running and have this burst of demand they spun up very fast and. When that demand goes away I delete, them I've stopped paying for them and that a CI connector. V node becomes. Free there's, absolutely no cost to it while it's not running and all, I have to do from a kubernetes standpoint, is direct. Pods to that node there's nothing special about it it actually acts and looks, like a standard, kubernetes, node, so. That's what the a CI connector, is all about you can learn a ton more about the a CI connector, and azure kubernetes, service at. A session later today by Gabe Monroy from, our product, team around. Containers, and I highly encourage you to go see that session there's lots of great stuff in there I'll direct you in a moment here with a summary slide, about. Where those sessions are and so forth, so. Kind of to summarize we. Started today talking, about, I guess, relationship, counseling, for. IT and DevOps hopefully. You sort of see that standpoint that, these. Technologies actually immerse, those teams together if, you're working with containers, you're, not sort of having the apps app team build something and hand it over to the the operations, team it's, impossible, to work with this kind of technology without working together so, whether they like each other or not or whether they used to working together or not we're going to be doing it, by taking advantage of containers, and Azure so, these are the services where we use containers today particularly, on the right hand side of this slide you saw a few of them you saw app service, for containers, we, saw a dry container registry as that base storage. Component, and build component, for our registries, for our, images we, didn't see service fabric, or aks we saw a little bit of a chaos but you can go learn about containers, on those platforms as well there are sessions around that you, can use containers and as your batch we, certainly saw the usage, of Azure container instances, so a lot of different ways to use containers. In our cloud and. We continue that we expect, this to expand we expect containers to be everywhere in our cloud and. We continue we expect that to sort of be everywhere, eventually. So. Again, resources, to get started I mentioned Gabe Monroy the blog post came out yesterday with some of the exciting announcements, that we made here at build and some, of the really interesting innovation. That we've done around this and it's, it's a great blog post and a lot of great technology that happened there and there's also some great sessions that build that you can go learn more, by.
Kubernetes, On Azure a couple, of these were yesterday so. Again you can catch the recordings, on some of them there's, probably more around, containers, than, this list but these are ones we would encourage you to go to the. Source code the git repository that, we showed the based on the demos that we had is at AKMs, slash build, containers, you, can find Brian and Joey on Twitter at those at those yi, is on Twitter but he's not as big a Twitter person so please. Feel free to follow, us and you'll hear more more, stuff about containers, and we're down at the expo we, have booths. Around all these different technologies we encourage you to come in and check things out so with. That I do want to give people a chance to ask questions you please come to the microphone, or not and we'll get Joey and you to come back up but, we certainly will take questions I appreciate, everyone's time we have about 10 minutes or so to take some questions so please please, do. Any. Questions. For. Which which, metrics, at. Service, or. ACI. Yeah so the question was the. Metrics, that are shown there in preview, mode yeah so that's my container. Itself again it's running it's there's an underlying virtual environment, that's running that says CPU and memory usage but I really as a container I just want to know about CPU in memory so, it's just collecting those and exposing them through the portal, I can. Stream those and see those it's data that's available through, the azure API, but. It's its actual usage like you saw when I created the container I said I wanted one CPU and a gig of memory. But. That graph and that chart shows actual usage, so if they're just kind of dormant and sitting there you'll, actually see, that and see the actual usage of them. Yeah. So people often, when they're talking about containers, talking about things, like Prometheus, and so yeah, you can stream this data it's, a kind of some back-end platform. And we certainly have a tzer's as. Your monitor a place, to look at data there as well and. So we'll have our services, doing that kind of thing it's storing data and as your monitor question right over here on the left, or your right. The. Normal. App. Service, has like limited CPU and memory what is the limitation, on memory and CPU for each container. So. So. You're all your applications are, running on a single we end right so in so, so if, you have multiple if you have a single container, we. Have some overhead, right we need a rollover service, so, so you probably get most of the share so, in your application. If. It's multiple containers running on the same a same app, service plan and you, all, your like, contenders, are sharing those resources as well so you have to be mindful, when you choose the size of your via, basically, this skew so. It's still the same limitations, that what yes four CPUs and, 14. Gigs of ram I think this is max so.
In. A past, we. Only support the. Basic skills. Under. The standard, skills so, you can go up to like let's say as I believe it says eight seven gig that's a memory, and for, CPU as at most but, in this. Yesterday. We announced the support framing skill for app service in Linux so, you can, definitely I think you can double the, capacity there so. To go check out the training skill and also. Also. That, we have, now. With support app, services, environment. For Linux as well so go check those out so those are give you most scale, you. Know if, you want to scale out to more instances. Question. Oh yeah, question here yeah. That. Was all great only knows what. About us old timers back, with Windows containers, yeah great, question and we get we get a lot of questions about Windows containers, and yeah these, services, we're, moving. To have Windows container support happening everywhere as you know as you may know Windows containers, came, with Windows Server 2016, so. So if you think about the way containers, work we, used kernel, functions, inside of the inside of the Linux kernel to create. The actual containers, that actually had to be built into Windows and so, that's been done and that works been done but, n
2018-07-17 21:40