Azure CLI #
Install Azure CLI (Linux) #
# Install Azure CLI
curl -sL https://aka.ms/InstallAzureCLIDeb | sudo bash
Login to Azure #
# Login to Azure: Desktop version
az login
# Login to Azure: Server version (Device Code Authentication)
az login --use-device-code
# Shell output: (Open URL in Browser and pose the code)
To sign in, use a web browser to open the page https://microsoft.com/devicelogin and enter the code C2763DNGS to authenticate.
Verify Login #
# List details about current user and subscription
az account show
Container Registry #
Create Resource Group #
# Create resouce group
az group create --name container-playground --location westeurope
Create Container Registry #
# Create Azure container registry (ACR)
az acr create \
--resource-group container-playground \
--name jkwregistry \
--sku Basic
Verify Container Registry #
# List resources in the "container-playground" resource group
az acr list --resource-group container-playground --output table
# Shell output:
NAME RESOURCE GROUP LOCATION SKU LOGIN SERVER CREATION DATE ADMIN ENABLED
----------- -------------------- ---------- ----- ---------------------- -------------------- ---------------
jkwregistry container-playground westeurope Basic jkwregistry.azurecr.io 2024-07-17T12:47:33Z False
Container Registry Authentication #
Create a Service Principal #
Find your Azure subscription ID: https://portal.azure.com/#view/Microsoft_Azure_Billing/SubscriptionsBladeV2
# Create a new service principal for the container registry
az ad sp create-for-rbac \
--name jkwuser \
--scopes /subscriptions/0176a19a-some-subscription.../resourceGroups/container-playground/providers/Microsoft.ContainerRegistry/registries/jkwregistry \
--role acrpush
# Shell output
{
"appId": "2ec0b720-51a0-41f1-b62b-d083daeeec31",
"displayName": "jkwuser",
"password": "L1~8Q~sxzfj5EWqiyDFvwsID9iuzBTsN0Rzwub0m",
"tenant": "30d87815-some-tenant..."
}
Verify the Service Principal #
# Verify the Service Principal user: Syntax
az ad sp show --id <appId>
# Verify the Service Principal user: Example
az ad sp show --id 2ec0b720-51a0-41f1-b62b-d083daeeec31
Example Container Image #
Build Container Image #
# Create a directory for the example application
mkdir example-app
# Create a HTML file
cat << EOF >> "example-app/index.html"
<html>
<body>
<h1>Example App</h1>
<p>Simple Container App </p>
</body>
</html>
EOF
# Create a Dockerfile
cat << EOF >> "example-app/Dockerfile"
FROM httpd:latest
LABEL Owner="Juergen"
COPY index.html /usr/local/apache2/htdocs/
EXPOSE 80
EOF
# Build the container image
cd example-app &&
docker build -t example-app:v1 .
Verify the Container Image #
# Verify the image
docker images
# Shell output
REPOSITORY TAG IMAGE ID CREATED SIZE
example-app v1 a48789bd03b7 About a minute ago 148MB
Test the Container Image #
Optional, test the new container image:
# Test the image: Run container from image
docker run -d --name example-app -p 8080:80 example-app:v1
# Verify the container
curl localhost:8080
Stop and delete the container:
# Stop the container
docker stop example-app
# Delete the container
docker rm example-app
Login to Azure Container Registry #
Use the Service Principal credentials to authenticate to the container registry:
# Login the Azure container registry: Syntax (provide credentials)
docker login jkwregistry.azurecr.io --username APP_ID --password PASSWORD
# Login the Azure container registry: Example (provide credentials)
docker login jkwregistry.azurecr.io --username 2ec0b720-51a0-41f1-b62b-d083daeeec31 --password L1~8Q~sxzfj5EWqiyDFvwsID9iuzBTsN0Rzwub0m
# Shell output:
Login Succeeded
Alternative login:
# Login the Azure container registry: (Ask for credentials)
docker login jkwregistry.azurecr.io
# Username:
2ec0b720-51a0-41f1-b62b-d083daeeec31
# Password:
L1~8Q~sxzfj5EWqiyDFvwsID9iuzBTsN0Rzwub0m
Tag and Push Image #
Tag the image with the fully qualified name of the login server for the Azure Container Registry:
# Tag the container image
docker tag example-app:v1 jkwregistry.azurecr.io/example-app:v1
Push the image to the Azure Container Registry:
# Push the image
docker push jkwregistry.azurecr.io/example-app:v1
Verify Image in Container Registry #
# List container images
az acr repository list --name jkwregistry --output table
# Shell output:
Result
-----------
example-app
# List available tags of the container image
az acr repository show-tags --name jkwregistry --repository example-app --output table
# Shell output:
Result
--------
v1
Pull Image & Run Container #
# Login to Azure container registry
docker login jkwregistry.azurecr.io
# Username:
2ec0b720-51a0-41f1-b62b-d083daeeec31
# Password:
L1~8Q~sxzfj5EWqiyDFvwsID9iuzBTsN0Rzwub0m
Pull the image and run the container from the Azure container registry:
# Run container
docker run -d --name example-app -p 8080:80 jkwregistry.azurecr.io/example-app:v1
# Verify the container
curl localhost:8080
# Stop the container
docker stop example-app
# Remove the container
docker rm example-app
Delete Azure Resources #
Delete Service Principal #
# List Service Principal ID
az ad sp list --display-name "jkwuser" --query "[].appId" --output tsv
# Shell output:
2ec0b720-51a0-41f1-b62b-d083daeeec31
# Delete Service Principal
az ad sp delete --id "2ec0b720-51a0-41f1-b62b-d083daeeec31"
Delete Azure Container Registry #
# Delete the Azure container registry
az acr delete --name jkwregistry --resource-group container-playground --yes
Delete Azure Resource Group #
# Delete the Azure resource group
az group delete --name container-playground --yes --no-wait