Another container service?
Recently Microsoft released a new container service called Azure container apps. Those familiar with Azure should know that the platform already supports containers in numerous forms.
AKS
Pros
Need full orchestration of containers then use AKS and managed service.
Provides full Kubernetes feature set, integrated into Azure control plane services such as Azure AD with support for other services such as Managed identity, Azure policies and fault tolerance via clusters that span Azure zones.
Cons
Still requires a lot of good design and planning to meet your project requirements. Kubernetes is complex and has many moving parts, extensions (Ingress, Services, Pods, Operators, CRDs..)
Azure Web App for containers
Pros
PaaS driven container service. Get started easily by using Docker containers for existing legacy Web applications that can be containerised. Concentrate on your applications and business logic without thinking about the concerns of a full blown orchestrator such as Kubernetes.
Cons
Multi container support still in preview, auto slot swap feature missing.
ACI
Pros
Need to experiment, build small task automation, simple web apps, ephemeral build agents, fast start up times. I have used it to build a Jenkins instance with slaves and it is fast to start up the containers.
Cons
No support for TLS/SSL. Bring your own TLS/SSL through a side car proxy.
Container Apps – Currently in preview
Azure container app is in currently in preview so expect more features to evolve as users provide feedback.
Interesting architecture
Azure container apps actually runs on top of Kubernetes. In terms of layers it is essentially a AKS cluster with a KEDA and Dapr layer on-top. As far as end user it exposes a simple control plane to develop your container apps against.
In a way it is similar to Google Cloud run which itself is built on using KNative.
Some key features that I found that distinguish it from Azure container instances:
- Support for TLS/SSL ingress – via Json (again seems to abstract the Kubernetes ingress away)
- Support for any KEDA event (https://keda.sh/docs/2.5/scalers/)
- Dapr support
Features not available
Whenever a new feature in Azure is announced i always think of customer requirements where PaaS and serverless will cause an issue in terms of private networking requirements. Looking at the forum below it seems that the Azure container apps product team are thinking about this scenario:
Infrastructure as Code
Natively you can build Azure container apps in Azure using Bicep (next generation ARM templates)
Here is a code repo to look at:
In terms of terraform there is currently no resource. But there is a submission on Github for the azure provider:
https://github.com/hashicorp/terraform-provider-azurerm/issues/14122
Summary
In summary this service is its early days. However its use case is quite clear. Allow developers to start using Kubernetes (without actually installing it) by providing a platform on top of it.
Look out for my next blog post where I demo an application using Dapr and Azure container apps.
The Cloud Native Blog 