Q&A

Living the Container Life in Azure with Esteban Garcia

With containers taking over the Azure cloud-native development space, the first thing organizations new to the scene need to do is understand how they work.

The second thing to do is think about how best to run them in Azure.

For the latter, cloud-native expert Esteban Garcia is on hand to explain all the various options, their various pros and cons and learning curves.

The CEO of Xpirit USA will share his expertise about working with Kubernetes (AKS) and Azure Container Apps, along with running containers within an App Service, in an upcoming session at the big five-day Visual Studio Live! developer conference being held at Microsoft HQ in Redmond, Wash., July 17-21.

Azure Kubernetes Service
[Click on image for larger view.] Azure Kubernetes Service (source: Microosft).

Speaking of his July 20 presentation titled "Living the Container Life in Azure," Esteban said, "Hosting and maintaining containers in Azure can be complicated and understanding the choices that you have and when to apply them, will make your development and operations easier. We will spin up containers within each of these Azure services as part of this session."

Specifically, attendees will learn:

  • About container deployment and operations
  • Understand Azure Container Apps
  • Deploy and run containers with AKS

To learn more, we caught up with Esteban for a short Q&A.

VisualStudioMagazine: What are the primary benefits of using containers for application development and deployment?
Garcia: Containers offer consistency, efficiency and agility, making them a great choice for modern software development and deployment practices. Containers are like self-contained packages that hold everything an application needs to run.

"Imagine a container as a small virtual computer that has the application, its dependencies (like libraries and frameworks) and all the necessary settings and configurations neatly packaged inside."

Esteban Garcia, CEO, Xpirit USA

Imagine a container as a small virtual computer that has the application, its dependencies (like libraries and frameworks) and all the necessary settings and configurations neatly packaged inside.

They offer several benefits, and in my opinion, the most important ones are:

  • Portability: One of the great things about containers is that they can work on different types of computers and environments, like your own laptop, a server or even a cloud platform. This means you don't have to worry about whether your application will work properly when you move it from one place to another.
  • Isolation: Containers also help make applications more reliable and secure. Each container is isolated from others, so if something goes wrong with one application, it won't affect the others. It's like having separate rooms for different tasks, so they don't interfere with each other.
  • Scalability: Another advantage is that containers are really fast and efficient. They start up quickly, so you don't have to wait long to use your application. They also use resources efficiently, meaning they don't waste a lot of memory or processing power. You can easily scale containers up and down, based on demand.
  • Fast Deployment and Consistency: Containers make it easier to develop and deploy applications. You can build an application in a container and then share it with others, knowing they'll have the same setup and environment. It's like giving someone a ready-to-use package that contains everything they need to run your application without any surprises.
  • Versioning: If you need to update your application or fix a bug, containers make it easy to do that too. You can create different versions of your application and switch between them easily. If something goes wrong with a new version, you can quickly switch back to a previous version without much trouble.

Inside the Session

What: Living the Container Life in Azure

When: July 20, 8 a.m. - 9:15 a.m.

Who: Esteban Garcia, CEO at Xpirit USA

Why: Containers are taking over! And once you get a handle on how containers actually work and containerizations concepts, it's time for you to think about how you will run them in Azure.

Find out more about Visual Studio Live!, taking place July 17-21 in at Microsoft HQ in Redmond, WA

How do you choose the best Azure service for your container needs?
Azure gives you a lot of choices when it comes to deploying your containers. It's important to evaluate your specific requirements, capabilities and constraints to select the best Azure service that fits your needs.

You want to try to find the right balance between ease of use, scalability, manageability and cost. There's no perfect solution for every use case and every team

Some things to consider:

  • Orchestration: Consider Azure Kubernetes Service (AKS) if you need to manage a large number of containers across multiple hosts and ensure high availability, scalability and automated management.
  • Managed Platform: Managing the underlying infrastructure requires a set of skills and responsibilities that may not always fit your scenario. For those cases, Azure Container Apps or Azure Container Instances (ACI) are a good choice.
    • Azure Container Apps give you a fully managed experience, while letting you build Kubernetes-style applications that don't require direct access to all the native Kubernetes APIs and cluster management.
    • ACI allows you to run containers quickly and easily without worrying about managing the infrastructure. It is ideal for scenarios that require short-lived containers or burstable workloads. ACI does not provide scale, load balancing, or certificates.
  • Serverless Execution: If you want to run containers in a serverless fashion, where you only pay for the actual usage and don't have to manage the infrastructure at all, Azure Functions with the Docker container runtime might be the way to go. Azure Functions enables you to run individual functions in containers, allowing you to focus on writing code without worrying about the underlying infrastructure.
  • Web Apps: If you are looking for a fully managed solution that is optimized to run web applications, you may want to pick Azure App Service.

What are the main differences between Azure Kubernetes Service, Azure Container Apps and Web App for Containers?
AKS is a fully managed Kubernetes service for advanced container orchestration. Azure Container Apps is a serverless event-driven platform for running containers. It provides you with similar functionality as AKS, without the need to access or master native Kubernetes functionality. Web App for Containers is a managed service for hosting and scaling containerized web applications. The choice between them depends on the specific requirements and characteristics of your application, such as scalability, orchestration needs, event-driven architecture and hosting type (web app or general-purpose container workload).

How complicated is it to use Azure Container Apps with serverless containers?
Azure Container Apps abstracts away the underlying infrastructure and container orchestration complexities, allowing you to focus on defining event-driven workflows and running your containerized application in a serverless manner. Typically, you would follow these steps to use Azure Container Apps:

  • Containerize your application
  • Create an Azure Container Apps Resource
  • Define an application withing Azure Container Apps
  • Configure Event Sources and Triggers
  • Specify Environment Variables and Secrets
  • Deploy and monitor

How do you use Dapr to build microservices with Azure Container Apps?
Azure Container Apps handles the deployment and management of the containers, while Dapr provides the runtime and features for building microservices. Together, they enable you to develop distributed applications with ease, leveraging the benefits of containers and the capabilities of Dapr.

You start by containerizing your microservices using Docker. You would then incorporate Dapr into your microservices by including Dapr sidecar containers alongside each microservice container. The Dapr sidecar provides capabilities such as service-to-service communication, state management, pub/sub messaging and more. The Dapr sidecar runs alongside your microservice container, allowing your microservices to interact with the Dapr runtime.

Next, you can define bindings and components in the Dapr configuration files for each microservice. Dapr bindings enable communication with external resources, such as databases, message queues, or storage systems. Dapr components define how your microservices interact with these external resources. If you need to enable communication between microservices, you can use Dapr's service invocation and pub/sub capabilities.

Most applications will need to handle state management. You can use Dapr's state management features to store and retrieve state.

Finally, you will need to deploy your microservices with Dapr sidecars using Azure Container Apps. You can define your microservices, including the Dapr sidecars, event triggers and bindings, within the Azure Container Apps configuration.

How do you enable HTTPS or TCP ingress and secure internal endpoints with Azure Container Apps?
HTTPS ingress allows you to securely handle incoming web traffic. You can associate your custom domain with Azure Container Apps and configure it to handle HTTPS requests. You'll need an SSL certificate, which you can obtain from a trusted certificate authority or manage with Azure Key Vault. By defining routing rules, you can ensure that incoming HTTPS traffic is directed to the appropriate container applications.

Sometimes you have applications that communicate over non-web protocols like TCP. You'll need a public IP address, and then you can define TCP routing rules to map incoming traffic to the correct container applications based on the specified TCP port.

Azure Container Apps provides features to ensure that your container applications communicate privately and securely within a network. You can integrate Azure Container Apps with an Azure Virtual Network (VNet) using VNet Integration. This allows your container applications to communicate privately within the VNet. For even stronger security, you can use Azure Private Link to create a private endpoint, establishing a private network connection for accessing your container applications. You can also leverage Network Security Groups (NSGs) to provide network-level access control, allowing you to define rules to restrict inbound and outbound traffic to your container applications.

Note that those wanting to attend Garcia's session who register for the VSLive! event by Friday, June 23, can save hundreds of dollars according to the event pricing page.

About the Author

David Ramel is an editor and writer at Converge 360.

comments powered by Disqus

Featured

Subscribe on YouTube