Jun2022 [Slides]: Azure Container Apps by Mo Nofal

Slides from the following meetup: https://www.meetup.com/de-DE/microsoft-azure-zurich-user-group/events/286652334/

In this session we will unpack the components that make up Azure Container Apps. We will also cover how it differs from other container platforms in Azure and its use cases, and we will demonstrate its features by deploying a sample application.

About Mo:
Mohammad works as Cloud Native Apps Architect at Microsoft and is part of the Azure Global Black Belt team. He is focused on everything with Containers and Kubernetes on Azure and the surrounding cloud native ecosystem. Previously he worked 4 years at Amazon Web Services in different capacities, and before that 10 years in the telecommunication industry building distributed systems.

Links:
Github: @mohmdnofal
Twitter: @mohmd_nofal
Linkedin: https://www.linkedin.com/in/mnofal/

Azure Zurich User Group

June 28, 2022

Transcript

  1. 28.06.2022 Azure Zurich Container Night

  2. Azure Zurich - Who Are We? Manuel Meyer www.manuelmeyer.net @manumeyer1

    www.azurezurichusergroup.com - info@azurezurichusergroup.com – https://www.twitter.com/azurezurich Thomas Hafermalz https://thomashafermalz.net
  3. Speakers Azure Global Black Belt @Microsoft

    Arindam Mitra Infra Geek & DevOps Architect
  4. Agenda

    18:00 Welcome
    18:05 Azure Container Apps by Mohammad Nofal
    18:50 Drinks, Food & Networking
    19:30 Real-World Containers: ACR Container Scanning with Aquasec Trivy and Azure DevOps by Arindam Mitra
    20:15 End
  5. www.digicomp.ch

  6. Azure Container Apps Mohammad Nofal Architect – Cloud Native Apps

    – Global Black Belt
  7. None
  8. What can you build with Azure Container Apps?

    Public API endpoints: HTTP requests are split between two versions of the container app where the first revision gets 80% of the traffic, while a new revision receives the remaining 20%. Auto-scale criteria: scaling is determined by the number of concurrent HTTP requests.
    Background processing: e.g. continuously-running background process that transforms data in a database. Auto-scale criteria: scaling is determined by the level of CPU or memory load.
    Event-driven processing: e.g. queue reader application that processes messages as they arrive in a queue. Auto-scale criteria: scaling is determined by the number of messages in the queue.
    Microservices: deploy and manage a microservices architecture with the option to integrate with Dapr. Auto-scale criteria: individual microservices can scale independently using any KEDA scale triggers.
  9. Deep dive

  10. Environments: Environments define an isolation and observability boundary around a collection of container apps deployed in the same virtual network

    [Diagram: an environment (virtual network boundary) containing container apps 1 and 2, each with revisions 1 and 2, replicas and containers]
  11. Container App: Containers in Azure Container Apps can use any and development stack of your choice

    [Diagram: an environment (virtual network boundary) containing container apps 1 and 2, each with revisions 1 and 2, replicas and containers]
  12. Revisions: Revisions are immutable version snapshots of a container app

    [Diagram: an environment (virtual network boundary) containing container apps 1 and 2, each with revisions 1 and 2, replicas and containers]
  13. Ingress: Internal or external visibility with TLS termination and support for HTTP/1.1 and HTTP/2

    [Diagram: ingress in front of container app 1, splitting traffic 80% / 20% across revision 1 and revision 2 inside the environment (virtual network boundary)]
  14. GitHub Actions integration: Publish revisions as commits are pushed to your GitHub repository by triggering a GitHub Action to build a new container image

    [Diagram labels: Code check-in, GitHub repository, Build container using GitHub Action, Azure Container Registry, Container app 1 (Revision 1, Revision 2) inside the environment (virtual network boundary)]
  15. Secrets management: Securely store sensitive configuration elements that are then available to containers through environment variables, scale rules, and Dapr

        "template": {
          "containers": [
            {
              "image": "myregistry/myQueueApp:v1",
              "name": "myQueueApp",
              "env": [
                { "name": "QueueName", "value": "myqueue" },
                { "name": "ConnectionString", "secretref": "queue-connection-string" }
              ]
            }
          ]
        }
  16. Logging: Containers write logs to standard output or standard error streams surfaced via Log Analytics

    [Diagram: replicas of container app 1 (revisions 1 and 2) in the environment send stderr/stdout to Log Analytics]
  17. Scaling and using the Kubernetes Event Driven Autoscaling (KEDA)

  18. Application autoscaling made simple: Open-source, extensible, and vendor agnostic Kubernetes-based Event Driven Autoscaler (keda.sh)

    Drive the scaling of any container based on a growing list of 35+ event sources, known as: scalers
    Event-driven: Intelligently scale your event-driven applications
    Built-in scalers: Out-of-the-box scalers for various vendors, databases, messaging systems, telemetry systems, CI/CD, and more
    Vendor-agnostic: Support for triggers across variety of cloud providers & products
    Rich capabilities: Bring rich scaling to every workload
    Metrics Adapter | Controller | Scaler
  19. Scaling

    HTTP

        { "name": "http-rule", "http": { "metadata": { "concurrentRequests": 50 } } }

    CPU

        { "name": "cpu-rule", "custom": { "type": "cpu", "metadata": { "type": "Utilization", "value": "50" } } }

    Memory

        { "name": "mem-rule", "custom": { "type": "memory", "metadata": { "type": "AverageValue", "value": "512" } } }

    Event-driven: artemis-queue, kafka, aws-cloudwatch, aws-kinesis-stream, aws-sqs-queue, azure-blob, azure-eventhub, azure-servicebus, azure-queue, cron, external, gcp-pubsub, huawei-cloudeye, ibmmq, influxdb, mongodb, mssql, mysql, postgresql, rabbitmq, redis, redis-streams, selenium-grid, solace-event-queue, ..

    Support for scale to zero and specifying minimum/maximum replicas
    Support for specifying minimum/maximum replicas
  20. Using the Distributed Application Runtime (Dapr)

  21. Distributed Application Runtime (dapr.io): Portable, event-driven, runtime for building distributed applications across cloud and edge

    Microservices using any language or framework
    Any cloud or edge infrastructure
    Application code: Microsoft services written in any code or framework
    HTTP API, gRPC API
    Building blocks: Service-to-service invocation, State management, Publish and subscribe, Resource bindings and triggers, Actors, Observability, Extensible, Secrets
    Hosting infrastructure: Azure Arc, On-premises
  22. Common microservices requirements

    Independent component lifecycle: versioning and scaling (Enabled with revisions and KEDA)
    Service to service secure communication (Enabled with Dapr)
      1.1 TLS encryption and mutual TLS authentication
      1.2 Reliability and retries
      1.3 Observability and distributed tracing
    Data encapsulation and governance (Enabled with Dapr)
  23. Fully managed Dapr using the sidecar model

    Service-to-service invocation: POST http://localhost:3500/v1.0/invoke/cart/method/neworder
    State management: GET http://localhost:3500/v1.0/state/inventory/item67
    Publish and subscribe: POST http://localhost:3500/v1.0/publish/shipping/orders
    [Diagram: containerized application calling the Dapr API on its sidecar over HTTP or gRPC]
  24. Dapr components: Swappable YAML files with resource connection details

    Over 70 components available
    Create components for your resource at: github.com/dapr/components-contrib
    Observability: Prometheus, AppInsights, Jaeger, Zipkin
    State Stores
    PubSub Brokers
    [Diagram: containerized application with sidecar]
  25. Service to service invocation: Fully managed Dapr APIs provide a rich set of capabilities and productivity gains

    Service to service call: POST http://localhost:3500/v1.0/invoke/app2
    [Diagram: container app 1 and container app 2 in one environment, each a containerized application with a sidecar exposing the Dapr API over HTTP or gRPC]
  26. State management: Dapr provides apps with state management capabilities for CRUD operations, transactions and more

        POST http://localhost:3500/v1.0/state/corpdb
        [{ "key": "fruit", "value": "Orange" }]

    [Diagram: container app 1 (containerized application with sidecar, Dapr API over HTTP or gRPC) in the environment, backed by any Dapr state store: Firebase, Redis cache, Azure Cosmos DB]
  27. Publish and subscribe: Create event-driven, loosely coupled architectures where producers send events to consumers via topics.

        POST http://localhost:3500/v1.0/state/corpdb
        [{ "key": "fruit", "value": "Orange" }]

    [Diagram: Cart app (Publish) and Shipping app (Subscribe) in the environment, each a containerized app with a sidecar exposing the Dapr API over HTTP or gRPC, connected through any Dapr pub/sub: AWS SQS, GCP Pub/Sub, Azure Event Hub]
  28. Observability: Intercept traffic and extract tracing, metrics, and logging information.

    Configure Azure Application Insights for distributed tracing across your services
    [Diagram: service to service call between container app 1 and container app 2 (containerized applications with sidecars) in the environment; a collector forwards to Azure Application Insights]
  29. None
  30. None
  31. © Copyright Microsoft Corporation. All rights reserved.
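
Relating to slide 15 (secrets management): the following is an added example, not code from the deck or from Microsoft, that lints a container app definition for sensitive-looking environment variables set inline instead of through a secret reference, and for references to secrets that were never declared. The sample definition, the extra `StorageKey` and `ApiToken` entries, the `configuration.secrets` list and the name-matching heuristic are assumptions constructed for illustration.

```python
import json
import re

# Constructed sample: the template from slide 15 plus two extra env entries and
# a configuration.secrets list (assumed here as the place secrets are declared).
SAMPLE_APP = json.loads("""
{
  "configuration": {
    "secrets": [{"name": "queue-connection-string", "value": "<placeholder>"}]
  },
  "template": {"containers": [{
    "image": "myregistry/myQueueApp:v1",
    "name": "myQueueApp",
    "env": [
      {"name": "QueueName", "value": "myqueue"},
      {"name": "ConnectionString", "secretref": "queue-connection-string"},
      {"name": "StorageKey", "value": "constructed-inline-value"},
      {"name": "ApiToken", "secretref": "api-token"}
    ]
  }]}
}
""")

# Heuristic (an assumption of this example): env names that usually hold credentials.
SENSITIVE_NAME = re.compile(r"(secret|password|passwd|token|key|connectionstring)", re.I)


def lint_env_secrets(app):
    """Return (container, env name, problem) tuples for risky env entries."""
    declared = {s["name"] for s in app.get("configuration", {}).get("secrets", [])}
    findings = []
    for container in app.get("template", {}).get("containers", []):
        for env in container.get("env", []):
            # Accept both the slide's "secretref" spelling and "secretRef".
            fields = {k.lower(): v for k, v in env.items()}
            ref = fields.get("secretref")
            if ref is not None:
                if ref not in declared:
                    findings.append((container["name"], env["name"], "dangling-secretref"))
            elif SENSITIVE_NAME.search(env["name"]) and fields.get("value"):
                findings.append((container["name"], env["name"], "inline-secret"))
    return findings


if __name__ == "__main__":
    for finding in lint_env_secrets(SAMPLE_APP):
        print(*finding)
```

A check like this fits in the build step described on slide 14, before a new revision is published.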