11/24/2024 Admin

DotNet Aspire: Publishing to an Existing Azure Container Registry


When working with Microsoft Azure Aspire, ensuring your deployment aligns with your organizational standards and project needs is crucial. One common scenario is deploying Aspire projects into an existing Azure Resource Group instead of creating a new one with default naming conventions.

Deploying a Microsoft Aspire application to Azure involves a streamlined three-step process. First, developers build the Aspire application in Visual Studio, which produces an image file. This image is then pushed to the Azure Container Registry, ensuring it’s securely stored and easily accessible. The final step involves creating a container from the stored image within the Azure Container Registry and deploying this container to the Azure Container Apps Environment.

The container instance delivers the application to the end-users. This process not only ensures efficient deployment but also leverages the robust capabilities of Microsoft Azure for scalable and reliable application management.

 

Why Choose This Approach?

The official Microsoft documentation describes a method to perform these steps. However, it creates objects that have weird names and doesn’t allow you to deploy multiple Aspire applications to the same Azure objects. Instead, we can create the Azure objects in advance and use them instead.

The reason for doing this is:

  • Control Over Naming Conventions
    The default Azure Aspire deployment using the azd Command Line Interface (Azure Developer CLI), generates names that are functional but lack the clarity or consistency your team might need. By deploying Aspire projects into an existing Azure Resource Group, you can ensure that resource names reflect your chosen structure, improving maintainability and ease of identification.

  • Consolidated Management for Multiple Aspire Projects
    Many organizations run multiple Aspire projects. Deploying these projects into a shared Azure Resource Group simplifies resource management and enables efficient cost tracking, role assignments, and monitoring.

By following this approach, you maintain control, streamline operations, and ensure your Azure environment is tailored to your specific needs. This post will guide you through the steps to deploy Microsoft Azure Aspire to an existing Azure Resource Group, Azure Container Registry, and Azure Container Apps Environment.

 

Create The Azure Resource Group and Objects Manually

image

The best way to understand what the normal publishing process does is to set it up ourselves manually. This will also allow us to give all the objects names that make sense.

Go to: https://portal.azure.com/ and log in with an Administrator account.

 

Create a Resource Group

image

Select Resource groups and then select the Create button.

 

image

Give the resource group a name that begins with RG- (at this time, for all this to work, this is required) .

 

Create a Container Registry

image

Click Create a resource.

 

image

Search for Container Registry and click Create.

 

image

Ensure you select the resource group you just created, give the registry a name, and click Review + create, then the Create button.

 

image

When the deployment is complete, click the button to Go to the resource.

 

Create a Azure Container Apps Environment

image

In order to create a Container Apps Environment you must first create a Container. To create a Container, you deploy a image from the container registry.

Click the Quick start link, and follow the directions to install Docker, and push the hello-world image to your container registry (Note: Using PowerShell to do this is recommended).

 

image

Note: You will need to first click Access keys and click the Admin user check box to create a Username and password that you will need to access the container registry from Docker.

 

image

After you have pushed the image to your container registry, you will see it when you click on Repositories.

We will now create a container and that will consume this image.

 

image

Select the Create a resource button, search for Container App and click Create.

 

image

On the Create Container App screen, select the existing resource group, give the container app a name, and click the Create new button for Container Apps Environment.

 

image

Give the Container Apps Environment a name and click Create.

 

image

This will return you to the main screen, click the Next: Container button.

 

image

Select the existing image and click the Next: Ingress button.

 

image

Enable Ingress, accepting traffic from anywhere, and click the Review + create button.

 

image

On the next screen click the Create button.

 

Create a Managed Identity

image

We will now create a Managed Identity that will be used by the Azure Developer CLI to push the Docker image into the registry.

Select the Create a resource button, search for User Assigned Managed Identity and click Create.

 

image

Given a name that begins with mi- , and click the Review + create button.

 

image

Click the Create button.

 

image

After it is created click the Resource groups link.

 

image

Select the resource group.

 

image

This will always bring you to the best place to manage all the Azure objects that are part of the resource group.

Important: When deploying from Aspire, this is the root of the deployment, and the environment name that it will use, will be the name of your resource group without the “RG-“ part.

 

image

Click on the container registry.

 

image

Select Access control (IAM), and select Add, then Add role assignment.

 

image

Select AcrImageSigner and click Next.

 

image

Select the the Managed Identity you created earlier.

 

image

Click Review+assign.

 

image

Repeat the process until you have assigned it the following roles: acrpull, acrpush, acrimagesigner.

 

image

Navigate to the Identity page, select the User assigned tab, click Add, and assign the Managed Identity you created earlier.

 

image

We now have our Azure objects created with names that make sense and we can use these objects for all our deployments.

 

Create The Aspire Application

Now that Azure is fully set-up, we can now create an application using Aspire and deploy to Azure.

This is a step-by-step breakdown of the process:

 

  1. Build Aspire Application in Visual Studio:

    • Start by developing your Aspire application in Visual Studio.

  1. Create an Image:

    • Once the application is built, create a Docker image of the application. This image encapsulates the application and its environment, making it portable and ready for deployment.

  1. Push Image to Azure Container Registry:

    • After creating the image, push it to the Azure Container Registry. This step involves authenticating with Azure and using the Azure Developer CLI to upload the image to your Azure Container Registry.

  1. Create Container from Image in Registry:

    • With the image now in the Azure Container Registry, create a container instance from this image.

  1. Deploy Container to Azure Container Apps Environment:

    • Finally, deploy the created container to the Azure Container Apps Environment. This step ensures that your application is running in a managed environment, allowing for scaling and management of resources.

 

image

Using the latest Visual Studio 2022 (or higher), create an Aspire application.

 

image

Ensure that it builds and runs locally.

At this point your have completed the following steps:

  1. Build Aspire Application in Visual Studio

  1. Create an Image

 

Deploy The Aspire Application To Azure

What is "azd"? | Awesome Azure Developer CLI

We will deploy the application using the Azure Developer CLI. You can install Azure Developer CLI using this documentation.

 

image

In Visual Studio, right-click on the AppHost project and select Open Folder in File Explorer.

 

image

This will open the folder in File Explorer. In the address bar, click on it.

 

image

Type CMD and press the Enter key.

 

image

This will put you on the command window, in the correct location, and allow you to use the Azure Developer CLI to deploy the application to Azure.

 

image

Type azd auth login and press Enter.

 

image

A web browser window will open and ask you to log into your portal.azure.com administrator account.

 

image

Return to the command window and type azd init and press Enter.

 

image

A list of options will display, press Enter to select Use code in the current directory.

 

image

It will scan the AppHost project, discovering all the parts of the Aspire application.

 

image

Press Enter to select Confirm and continue initializing my app.

 

image

You will now be prompted to enter an environment name.

Important: Enter the name of your existing Azure resource group without the beginning “RG-“ part.

(In my case my Azure resource group is called RG-AspireEnvironment, so I simply enter AspireEnvironment and press Enter).

 

image

The environment is set-up and ready for deploy.

 

Update the Environment (.env) File

image

Navigate to the .azure folder that was just created.

 

image

We open the environment folder.

 

image

 

We then open the .env file in notepad.

The AZURE_ENV_NAME will be the only environment value set.

Add the following lines:

AZURE_LOCATION=""
AZURE_CONTAINER_APPS_ENVIRONMENT_DEFAULT_DOMAIN=""
AZURE_CONTAINER_APPS_ENVIRONMENT_ID=""
AZURE_CONTAINER_APPS_ENVIRONMENT_NAME=""
AZURE_CONTAINER_REGISTRY_ENDPOINT=""
AZURE_CONTAINER_REGISTRY_MANAGED_IDENTITY_ID=""
AZURE_CONTAINER_REGISTRY_NAME=""
AZURE_LOG_ANALYTICS_WORKSPACE_NAME=""
AZURE_SUBSCRIPTION_ID=""
MANAGED_IDENTITY_CLIENT_ID=""
MANAGED_IDENTITY_NAME=""

We now need to update the values…

 

image

On the Resource group page, in the Azure portal, you can get:

  • AZURE_SUBSCRIPTION_ID (Subscription ID)

 

image

In the list of objects in the Resource group (available when you click the Overview tab), you will see that a Log Analytics workspace has been created when we created the Container App.

Use this name for:

  • AZURE_LOG_ANALYTICS_WORKSPACE_NAME

 

image

Go to Container Apps Environment.

 

image

Click on the JSON button to get:

  • AZURE_CONTAINER_APPS_ENVIRONMENT_DEFAULT_DOMAIN (defaultDomain)
  • AZURE_CONTAINER_APPS_ENVIRONMENT_ID (id)
  • AZURE_CONTAINER_APPS_ENVIRONMENT_NAME (name)

 

image

 

On this page you can also get:

  • AZURE_LOCATION

 

image

Go to Container Registry.

 

image

Click on the JSON button to get:

  • AZURE_CONTAINER_REGISTRY_ENDPOINT (loginServer)
  • AZURE_CONTAINER_REGISTRY_NAME (name)

 

image

Go to Managed Identity.

 

image

Click on the JSON button to get:

  • MANAGED_IDENTITY_CLIENT_ID (clientId)
  • MANAGED_IDENTITY_NAME (name)
  • AZURE_CONTAINER_REGISTRY_MANAGED_IDENTITY_ID (id)

 

IMPORTANT: SAVE the values in another file because they will be overwritten in the next step, and you will need to paste them in again.

 

Deploy To Azure

At this point we put the values in the .env file so that our desired Resource group will be used.

 

image

Return to the command window and type azd provision and press Enter.

 

image

It will create an environment and add a bunch of Azure objects we don’t want…

 

image

We also see them in the Azure portal.

Check them…

image

.. and click the Delete button to delete them.

(Note: This may take some time to complete. You can continue but you may still see these objects for 20 minutes)

 

image

You will also see that the .env file has been updated to point to the Azure objects we just deleted.

Replace the entire contents of the .env file with the values we created earlier.

 

image

Return to the command window and type azd deploy and press Enter.

 

image

It will deploy the Aspire application.

 

image

When we look in the Azure portal we see the new elements have been deployed from the Aspire solution.

 

image

If we go into our Azure Container Registry

 

image

We see the images have been properly deployed to the correct place.

 

image

If we go into our Azure Container Apps Environment

 

image

We see the containers have been properly deployed to the correct place.

 

image

If we select a container…

 

image

…and navigate to it…

 

image

Everything will work as intended.

 

Performing Updates

  • Run azd deploy to update Azure with the latest changes at any time
  • If you only wanted to deploy one part of the application, like the frontend project, you could use a command like: azd deploy webfrontend
  • Do not run azd provision again, it will wipe out the values

 

Links

 

An unhandled error has occurred. Reload 🗙