In software development, it seems that containers, no matter where you go, no matter who you talk to, are the new normal. If you are not developing them or are already migrating your application, create supportive systems that you use to support a legacy application. Containers are everywhere.
However, this means that as an engineer you have to put your containers somewhere. In the past, this meant creating an artifact, be it a binary or archive, then writing and distributing it to a disc or file share. The container ecosystem is a container registration, and the artifacts you create are container images.
Ideally, container registration is in a safe place that could automate some of the work for you, e.g. B. Container scanning and triggering actions on every commit or on a schedule. Fortunately, Azure has covered all of the above with the Azure Container Registry, or ACR for short.
To participate, you need the following:
- An Azure account
- A. Repository Push and Pull Container
- (Optional) A PowerShell terminal that is authenticated to Azure or a CloudShell instance.
For this reason, the container does not have to be more than
Hello World is a tutorial on container registers, not on containers themselves. If you are not familiar with Docker or containers, you can learn more about them here.
Create the registry
First, you need to create a registry by first using the Azure portal and then using Azure PowerShell.
Using the Portal
Go to "Create Resource" and search under “Container”
"Container Registration". "Width =" 938 "height =" 650 "src =" / pagespeed_static / 1.JiBnMqyl6S.gif "onload =" pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon (this); "onerror =" this.onerror = null; pagespeed.lazyLoadImages.loadIfVisibleAndMaybe9; ] You will then be asked to enter some information about the storage account and subscription in which you want to register. It is considered a best practice to register in the same region in which you deploy containers.
After deployment, go to the resources page and look for the Access Keys tab. From here, make sure that you activate the "Administrator" option so that you can log in later using the CLI.
Using Azure PowerShell
Azure PowerShell does this with one line, either on a CloudShell instance or on a locally authenticated PowerShell console with Azure PowerShell module installed.
Then use the cmdlet
Get-AzContainerRegistry to link the registers to your client . You still need the property LoginServer to transfer your image to the registry. However, you can get this from Azure PowerShell, which is shown in the rest of the demo.
As long as you have inserted the
-EnableAdminUser flag, you can also use the
Get-AzContainerRegistryCredential cmdlet to get the credentials for the next step.
Sending the image to ACR
Now that the registration and user is set up for It, it's time to log in and transfer an image to it. You can log in with the Docker login command
. If you are using a script, make sure that the credentials are not displayed in clear text by passing them as follows or using Azure Key Vault.
# Azure PowerShell $ RG_NAME =
$ ACR_NAME = $ registry = Get-AzContainerRegistry -ResourceGroupName $ RG_NAME -Name $ ACR_NAME $ creds = Get-AzContainerRegistryCredential -Registry $ registration $ creds.Password | Docker-Login $ registry.LoginServer -u $ creds.Username --password-stdin
If you do this manually, just run Docker login
After you are logged in, you can move and retrieve container images from the repository as often as you like. If you have created or dragged a container locally, add the registration URL and the version tag to the image with the
Docker Tag command. Then press Docker Push on ACR with the
command. It should look something like this:
# Docker CLI Docker Day
/ : Docker Push / :
With the image in ACR, you can use the Docker-Pull
By now you should be familiar with setting up registration in ACR using the Azure portal or Azure PowerShell, and moving and dragging containers
From here, you can investigate how You can enable container vulnerability scanning with Azure Security Center or enable automation using ACR tasks.