Azure Container Registry (ACR) Deep Dive

Transcript

1. ACR Unleashed Thorsten Hans @ThorstenHans Consultant A deep dive into

   Azure Container Registry

2. Consultant @ Thinktecture #Azure #Kubernetes #CloudNative #Terraform [email protected] thinktecture.com thorsten-hans.com

   @ThorstenHans Thorsten Hans

3. • Introduction • Azure Container Registry Jumpstart • Azure Container

   Registry Patterns & Practices • Conclusion Talking Points - What we will cover today

4. • Introduction • Azure Container Registry Jumpstart • Azure Container

   Registry Patterns & Practices • Conclusion Talking Points - What we will cover today

5. • Azure Container Registry (ACR) is a OCI distribution spec

   compliant registry • Distribution of container images and OCI spec compliant artifacts • Seamless integration with Azure Active Directory (AAD) • Three SKUs available Basic | Standard | Premium ( $5 | $20 | $50 ) Introduction

6. Different service tiers have limits Introduction Basic Standard Premium Included

   Storage in GB 10 100 500 Read operations p. minute 1_000 3_000 10_000 Write operations p minute 100 500 2_000 Download bandwidth in Mbps 30 60 100 Upload bandwidth in Mbps 10 20 50 WebHooks 2 10 500

7. Features only available in Premium SKU Introduction • Geo Replication

   • Availability Zones • Content Trust • Private link with Private Endpoints • Private Endpoints • Public IP network rules • Service Endpoint Virtual Network access • Virtual Network rules • Customer-managed encryption keys • Repository scoped permissions • Tokens • Scopes

8. • Introduction • Azure Container Registry Jumpstart • Azure Container

   Registry Patterns & Practices • Conclusion Talking Points - What we will cover today

9. Azure Container Registry Basics - Create an Azure Container Registry

   instance - Authenticate - Push container images - Browse container images - Pull container images Demo

10. Create an ACR instance

11. Authenticate with custom ACR instance

12. Push container image to ACR

13. List images and tags in ACR

14. Pull an image from ACR

15. • Introduction • Azure Container Registry Jumpstart • Azure Container

    Registry Patterns & Practices • Conclusion Talking Points - What we will cover today

16. • The following section consists of live-demos • Corresponding code

    is availible on GitHub at • https://github.com/ThorstenHans/acr-unleashed-cloudsummit-2021 ACR Patterns & Practices

17. • ACR offers four types of webhooks push, delete, chart_push,

    chart_delete Webhooks

18. • Azure Traffic Manager routes your requests to the closest

    ACR replication • All replications can accept write operations • ACR replicates modifications across GEO replications behind the scenes Geo-Replication

19. • You can store everything in ACR as long as

    it is OCI spec compliant • For example WebAssemby (Wasm) modules Deal with OCI compliant artifacts

20. • Authenticate and Authorize external identities with ease • GitHub

    Actions / Jenkins / TeamCity / other services • Azure Resources that are under external control Tokens

21. • Build your container images directly in ACR • Container

    build for scheduled and event based builds • ACR quick task for one-off builds ACR Container Build & Tasks

22. Vulnerability scanning with Microsoft Defender for Cloud

23. Vulnerability scanning with Microsoft Defender for Cloud

24. • Introduction • Azure Container Registry Jumpstart • Azure Container

    Registry Patterns & Practices • Conclusion Talking Points - What we will cover today

25. further questions?!?! Thorsten Hans @ThorstenHans Consultant Don’t be afraid. Shoot

    your question now in person, or later at [email protected] or @ThorstenHans thns.io/slides