Integrating Azure Container Registry for Container Image management

  • Article

As part of our Enterprise readiness for the Container based program, one key component is to integrate with a Container Registry (in our case the Azure Container Registry) which is a private repository of you Docker based Container Images. Integrating ACR into your CI/CD process further helps creating a secure End-End dev-ops model for Enterprise readiness.

What is a Container Registry?

Azure Container Registry is a managed Docker registry service based on the open-source Docker Registry 2.0. Create and maintain Azure container registries to store and manage your private Docker container images. Use container registries in Azure with your existing container development and deployment pipelines, and draw on the body of Docker community expertise. Some of the Advantages to ACR over other registries are below, for more details visit https://azure.microsoft.com/en-us/services/container-registry/:

  • Manage different types of Containers
  • Provides a private Repo accessible only to your Org
  • Repo instance available in same region/Datacenter as your data hence reducing latency

Key Concepts

  • Registry - Create one or more container registries in your Azure subscription. Each registry is backed by a standard Azure storage account in the same location. A fully qualified registry name has the form myregistry.azurecr.io.
  • Managed Registry - A tier that offers additional capabilities for registries in three SKUs - Basic, Standard, and Premium. The images in these SKUs are stored in Storage Accounts managed by the Azure Container Registries service, which improves reliability and enables new features.
  • Repository - A registry contains one or more repositories, which are groups of container images. Azure Container Registry supports multilevel repository namespaces. This feature enables you to group collections of images related to a specific app, or a collection of apps to specific development or operational teams. For example:
    rtrappscontainerregistry.azurecr.io/[Offerin]/[ServiceLine]/[Service]/[App Name]:[Build ID]
  • Image - Stored in a repository, each image is a read-only snapshot of a Docker container. Azure container registries can include both Windows and Linux images. You control image names for all your container deployments. Use standard Docker commands to push images into a repository, or pull an image from a repository.

Steps to Create ACR

1) Login to Azure Portal https://portal.azure.com/
2) Click on “+”
3) Select ‘Azure container registry’ then Select it

4) In the ‘Azure Container Registry’ blade, enter the following information. Then click on ‘Create’
a) Registry name: A globally unique top-level domain name for your specific registry. In this example, the registry name is ‘myazurecontainerregistry1’, but substitute a unique name of your own. The name can contain only letters and numbers.
b) Resource group: Select an existing resource group or type the name for a new one.
c) Location: Select an Azure datacenter location where the service is available, such as South Central US.
d) Admin user: If you want, enable an admin user to access the registry. You can change this setting after creating the registry.

Steps to pull and push an image in Azure Container Registry
1) Open PowerShell shell as Administrator
2) Run below command to login to Azure Container Registry

docker login myazurecontainerregistry1.azurecr.io -u demouser -p myPassword

3) Create a tag of the image to be pushed into Azure Container Registry

The following command creates an alias of the image, with a fully qualified path to your registry.

docker tag myApp myazurecontainerregistry1.azurecr.io/samples/myApp
4) Push the image to your Azure Container Registry

docker push myazurecontainerregistry1.azurecr.io/samples/myApp

5) Pull the image from Azure Container Registry

docker pull myazurecontainerregistry1.azurecr.io/samples/myApp