-
Notifications
You must be signed in to change notification settings - Fork 4.4k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add Azure Container Apps as a host option (#1952)
* Update bicep for ACA * First working version * Support workload profile * Add support for CORS and fix identity for openai * Add aca-host * Make acr unique * Add doc for aca host * Update ACA docs * Remove unneeded bicep files * Revert chanes to infra/main.parameters.json * Fix markdown lint issues * Run frontend build before building docker image * remove symlinks and update scripts with paths relative to its own folder instead of cwd * Merge with main.bicep * output AZURE_CONTAINER_REGISTRY_ENDPOINT * Fix deployment with app service * Improve naming and README * Fix identity name and cost esitmation for aca * Share env vars in bicep and update docs * Revert "remove symlinks and update scripts with paths relative to its own folder instead of cwd" This reverts commit 40287f2. * Add containerapps as a commented out host option * Update app/backend/.dockerignore * Apply suggestions from code review * More steps for deployment guide * Update azure.yaml * Update comment * cleanup bicep files and improve docs * Update condition for running in production for credential * Update ManagedIdentityCredential to use UAMI for containerapps --------- Co-authored-by: Pamela Fox <pamela.fox@gmail.com> Co-authored-by: Pamela Fox <pamelafox@microsoft.com>
- Loading branch information
1 parent
8f3abc4
commit 0225f75
Showing
19 changed files
with
730 additions
and
89 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
.git | ||
__pycache__ | ||
*.pyc | ||
*.pyo | ||
*.pyd | ||
.Python | ||
env |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,11 @@ | ||
FROM python:3.11-bullseye | ||
|
||
WORKDIR /app | ||
|
||
COPY ./ /app | ||
|
||
RUN python -m pip install -r requirements.txt | ||
|
||
RUN python -m pip install gunicorn | ||
|
||
CMD ["python3", "-m", "gunicorn", "-b", "0.0.0.0:8000", "main:app"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,55 @@ | ||
# Deploying on Azure Container Apps | ||
|
||
Due to [a limitation](https://github.com/Azure/azure-dev/issues/2736) of the Azure Developer CLI (`azd`), there can be only one host option in the [azure.yaml](../azure.yaml) file. | ||
By default, `host: appservice` is used and `host: containerapp` is commented out. | ||
|
||
To deploy to Azure Container Apps, please follow the following steps: | ||
|
||
1. Comment out `host: appservice` and uncomment `host: containerapp` in the [azure.yaml](../azure.yaml) file. | ||
|
||
2. Login to your Azure account: | ||
|
||
```bash | ||
azd auth login | ||
``` | ||
|
||
3. Create a new `azd` environment to store the deployment parameters: | ||
|
||
```bash | ||
azd env new | ||
``` | ||
|
||
Enter a name that will be used for the resource group. | ||
This will create a new folder in the `.azure` folder, and set it as the active environment for any calls to `azd` going forward. | ||
|
||
4. Set the deployment target to `containerapps`: | ||
|
||
```bash | ||
azd env set DEPLOYMENT_TARGET containerapps | ||
``` | ||
|
||
5. (Optional) This is the point where you can customize the deployment by setting other `azd1 environment variables, in order to [use existing resources](docs/deploy_existing.md), [enable optional features (such as auth or vision)](docs/deploy_features.md), or [deploy to free tiers](docs/deploy_lowcost.md). | ||
6. Provision the resources and deploy the code: | ||
```bash | ||
azd up | ||
``` | ||
|
||
This will provision Azure resources and deploy this sample to those resources, including building the search index based on the files found in the `./data` folder. | ||
|
||
**Important**: Beware that the resources created by this command will incur immediate costs, primarily from the AI Search resource. These resources may accrue costs even if you interrupt the command before it is fully executed. You can run `azd down` or delete the resources manually to avoid unnecessary spending. | ||
|
||
## Customizing Workload Profile | ||
|
||
The default workload profile is Consumption. If you want to use a dedicated workload profile like D4, please run: | ||
|
||
```bash | ||
azd env AZURE_CONTAINER_APPS_WORKLOAD_PROFILE D4 | ||
``` | ||
|
||
For a full list of workload profiles, please check [here](https://learn.microsoft.com/azure/container-apps/workload-profiles-overview#profile-types). | ||
Please note dedicated workload profiles have a different billing model than Consumption plan. Please check [here](https://learn.microsoft.com/azure/container-apps/billing) for details. | ||
|
||
## Private endpoints | ||
|
||
Private endpoints is still in private preview for Azure Conainer Apps and not supported for now. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,130 @@ | ||
metadata description = 'Creates or updates an existing Azure Container App.' | ||
param name string | ||
param location string = resourceGroup().location | ||
param tags object = {} | ||
|
||
|
||
@description('The number of CPU cores allocated to a single container instance, e.g., 0.5') | ||
param containerCpuCoreCount string = '0.5' | ||
|
||
@description('The maximum number of replicas to run. Must be at least 1.') | ||
@minValue(1) | ||
param containerMaxReplicas int = 10 | ||
|
||
@description('The amount of memory allocated to a single container instance, e.g., 1Gi') | ||
param containerMemory string = '1.0Gi' | ||
|
||
@description('The minimum number of replicas to run. Must be at least 1.') | ||
@minValue(1) | ||
param containerMinReplicas int = 1 | ||
|
||
@description('The name of the container') | ||
param containerName string = 'main' | ||
|
||
@description('The environment name for the container apps') | ||
param containerAppsEnvironmentName string = '${containerName}env' | ||
|
||
@description('The name of the container registry') | ||
param containerRegistryName string | ||
|
||
@description('Hostname suffix for container registry. Set when deploying to sovereign clouds') | ||
param containerRegistryHostSuffix string = 'azurecr.io' | ||
|
||
@allowed(['http', 'grpc']) | ||
@description('The protocol used by Dapr to connect to the app, e.g., HTTP or gRPC') | ||
param daprAppProtocol string = 'http' | ||
|
||
@description('Enable or disable Dapr for the container app') | ||
param daprEnabled bool = false | ||
|
||
@description('The Dapr app ID') | ||
param daprAppId string = containerName | ||
|
||
@description('Specifies if the resource already exists') | ||
param exists bool = false | ||
|
||
@description('Specifies if Ingress is enabled for the container app') | ||
param ingressEnabled bool = true | ||
|
||
@description('The type of identity for the resource') | ||
@allowed(['None', 'SystemAssigned', 'UserAssigned']) | ||
param identityType string = 'None' | ||
|
||
@description('The name of the user-assigned identity') | ||
param identityName string = '' | ||
|
||
@description('The name of the container image') | ||
param imageName string = '' | ||
|
||
@description('The secrets required for the container') | ||
@secure() | ||
param secrets object = {} | ||
|
||
@description('The keyvault identities required for the container') | ||
@secure() | ||
param keyvaultIdentities object = {} | ||
|
||
@description('The environment variables for the container in key value pairs') | ||
param env object = {} | ||
|
||
@description('Specifies if the resource ingress is exposed externally') | ||
param external bool = true | ||
|
||
@description('The service binds associated with the container') | ||
param serviceBinds array = [] | ||
|
||
@description('The target port for the container') | ||
param targetPort int = 80 | ||
|
||
@allowed(['Consumption', 'D4', 'D8', 'D16', 'D32', 'E4', 'E8', 'E16', 'E32', 'NC24-A100', 'NC48-A100', 'NC96-A100']) | ||
param workloadProfile string = 'Consumption' | ||
|
||
param allowedOrigins array = [] | ||
|
||
resource existingApp 'Microsoft.App/containerApps@2023-05-02-preview' existing = if (exists) { | ||
name: name | ||
} | ||
|
||
module app 'container-app.bicep' = { | ||
name: '${deployment().name}-update' | ||
params: { | ||
name: name | ||
workloadProfile: workloadProfile | ||
location: location | ||
tags: tags | ||
identityType: identityType | ||
identityName: identityName | ||
ingressEnabled: ingressEnabled | ||
containerName: containerName | ||
containerAppsEnvironmentName: containerAppsEnvironmentName | ||
containerRegistryName: containerRegistryName | ||
containerRegistryHostSuffix: containerRegistryHostSuffix | ||
containerCpuCoreCount: containerCpuCoreCount | ||
containerMemory: containerMemory | ||
containerMinReplicas: containerMinReplicas | ||
containerMaxReplicas: containerMaxReplicas | ||
daprEnabled: daprEnabled | ||
daprAppId: daprAppId | ||
daprAppProtocol: daprAppProtocol | ||
secrets: secrets | ||
keyvaultIdentities: keyvaultIdentities | ||
allowedOrigins: allowedOrigins | ||
external: external | ||
env: [ | ||
for key in objectKeys(env): { | ||
name: key | ||
value: '${env[key]}' | ||
} | ||
] | ||
imageName: !empty(imageName) ? imageName : exists ? existingApp.properties.template.containers[0].image : '' | ||
targetPort: targetPort | ||
serviceBinds: serviceBinds | ||
} | ||
} | ||
|
||
output defaultDomain string = app.outputs.defaultDomain | ||
output imageName string = app.outputs.imageName | ||
output name string = app.outputs.name | ||
output uri string = app.outputs.uri | ||
output id string = app.outputs.id | ||
output identityPrincipalId string = app.outputs.identityPrincipalId |
Oops, something went wrong.