Open in app

Sign in

Write

Sign in

Deploy an application in Azure Container Instances (ACI) using Azure Resource Manager (ARM) templates

Vikash Kumar
Nerd For Tech
Published in
5 min readDec 21, 2021
banner

Containers have become the preferred way to package & deploy cloud applications. Azure’s Container Instances (ACI) brings a minimal orchestration alternative to their Kubernetes Service (AKS), which can be ideal for small & mid-sized applications.
Similarly, automated and bug-free provisioning of cloud resources has lead to rising need for Infrastructure as Code (IaC). ARM (IaC) templates brings in robust capabilities for managing Azure cloud resources.
Today, I will guide you to deploy your application in ACI using ARM.

This post is divided into 3 sections.
Section#1 talks about dockerizing an (NodeJs) application;
Section#2 will help you to create an Azure Service Principal;
Section#3 will walk you through the steps to deploy your docker image to Azure Container Instances.

Section#1: Dockerize an application

In this section, I will dockerize an existing NodeJs application, create a docker image of it and verify that it works perfectly in local. Skip this section if your application is already dockerized.

Step#1: Add Dockerfile to your application

I have a NestJs application which I am Dockerizing. This application launches at port 80 by default. Adding a Dockerfile to build image.

Step#2: Verify in local

Build & run the docker image in local and verify that it works fine.

$ docker build -t hello-world:1.0.0 .
$ docker run -p 80:80 hello-world:1.0.0
Works in local

Section#2: Create Azure Service Principal

This Section will guide you though creating a Resource Group scoped Service Principal. These secrets will then be used to authenticate to Azure CLI. Feel free to skip this section if you already have completed these steps.

Step#1: Install Azure CLI in your local

We will be creating all the resources using Azure CLI and is mandatory to be installed in your local machine before moving forward.
Use this link to download Azure CLI.

Step#2: Login to Azure CLI interactively

$ az login --tenant <tenant_id>

If you associate with a single tenant then the tenant argument can be avoided. Otherwise, replace <tenant_id> in the command with your Azure Tenant ID and run in terminal. Azure CLI will use your default browser to log you in.

Step#3: Create a resource group

A resource group is a logical collection of resources in Azure.

$ az group create -l centralindia -n TestGroup

Create a resource group with a name and location of your choice. I am creating ‘TestGroup’ in ‘centralindia’.

Step#4: Create a Service Principal

An Azure service principal is an identity created for use with applications, hosted services, and automated tools to access Azure resources. It assumes some roles within which it can take actions.
To create a service principal, make sure that you have enough permissions (Application Administrator) or your tenant owner has allowed any user to register application.

$ groupId=$(az group show --name TestGroup --query id --output tsv)
$ MSYS_NO_PATHCONV=1 az ad sp create-for-rbac --name TestApp --role contributor --scope $groupId --sdk-auth

In the first command, use the name of your resource group you created in the previous step.
Put the name of the service principal in the second command of your choice. I have named it ‘TestApp’.

Save the JSON of the service principal generated by Azure.

Section#3: Deploy your image to ACI

This section uses Azure CLI, ARM templates to deploy your locally built image to ACI.

Step#1: Login though service principal

Login to Azure through service principal. Replace the <client_id>, <client_secret> with the clientId, clientSecret generated for service principal above.

$ az login — service-principal -u <client_id> -p <client_secret> --tenant <tenant_id>

Step#2: Create a Container Registry (ACR)

Provide a name of your choice to create a new ACR using the command below.

$ az acr create --resource-group TestGroup --name testgroupregistry --sku Basic

Step#3: Build and push to the created registry

In this step, we will build a docker image locally, tag it and push it to the created ACR. Before pushing to ACR, we must login to it.

$ docker build . -t hello-world:1.0.0
$ docker tag hello-world:1.0.0 testgroupregistry.azurecr.io/samples/hello-world:1.0.0
$ az acr login --name testgroupregistry
$ docker push testgroupregistry.azurecr.io/samples/hello-world:1.0.0
Build & push docker image

Step#4: Create an ARM template for ACI

Create an ARM template in bicep format for creating an ACI at ‘<git_repo>/infra/aci.bicep’ with the following content.

Step#5: Create an ACI

Run the command below in your repository’s root to create an ACI and deploy the generated docker image.
Note: The ACI can access the ACR image only through service principal credentials. Hence, replace the <client_id>, <client_secret> with the clientId, clientSecret generated for service principal above.

$ az deployment group create --resource-group TestGroup --template-file infra/aci.bicep --parameters name=helloworlddev image=testgroupregistry.azurecr.io/samples/hello-world:1.0.0 registryServer=testgroupregistry.azurecr.io clientId=<client_id> clientSecret=<client_secret> dnsNameLabel=helloworlddevtest port=80
Deploy

Step#8: Verify

Login to Azure Portal, Navigate to the created container instance, Locate the FQDN and browse.

Codebase:
https://github.com/sharmavikashkr/azure-test

Docker
Azureresourcemanager
Azure
Bicep
Containers

--

--

Vikash Kumar
Nerd For Tech

Written by Vikash Kumar

73 Followers
Writer for

A passionate coder, technology enthusiast, tutor and continually falling in love with JavaScript. Currently exploring latest JS frameworks and Flutter.

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams