Many organizations and developers are choosing to containerize their applications, taking advantage of benefits such as portability (“build once, run anywhere”), isolation, and security. This often leads to organizations choosing Kubernetes, the world’s leading container orchestrator, for hosting. Azure Kubernetes Service (AKS) is a managed Kubernetes platform that provides ease of cluster creation, a managed control plane, and automated host OS upgrades. Still, the learning curve of Kubernetes is steep, and significant DevOps and operational overhead remain. What if we could get all the benefits of running containers in Kubernetes without all the complexity? Enter Azure Container Apps.
What are Azure Container Apps?
Azure Container Apps is a serverless platform for running containerized applications that provides features such as:
- Private VNets and managed ingress
- Granular, flexible autoscaling with KEDA
- Built-in observability
- Built-in revision management and green/blue deployments
Container Apps runs on AKS under the hood, but you don’t need to manage the underlying infrastructure. Think of it as running your containers in Kubernetes, but with Microsoft operating the clusters. Here is an example architecture for Azure Container Apps:
Container App Environments
Similar to Azure App Service Environments, a Container App Environment provides a secure boundary around a set of container apps, and this is where you define the environment type and plan. Container apps deployed to an environment also share the same networking boundaries and log to the same logging destination.
Ready for Prime Time
Azure Container Apps became generally available in May 2022. Since then, it has been maturing and gaining features. One feature in particular that I have been following is end-to-end encryption in a Container Apps Environment, as requested in this GitHub issue. It is now a feature that can be enabled in your Container Apps Environment. Container Apps also support Managed Identity for secret-free access to Azure resources like Key Vault. Microsoft has also recently added support for Job workloads.
See it in Action
The azure-container-apps-mtls repo has a demo with a UI service and an order service that the UI calls. It includes instructions to build the container images, set up an Azure Container Apps environment with mTLS enabled, deploy the container apps, and give it a test drive.
Then learn more about ACA by exploring Microsoft’s Azure Container Apps documentation.
In Conclusion
For cases where you need access to the Kubernetes API and more control over your clusters and deployments, the managed Kubernetes service provided by AKS remains an excellent choice. But when you do not, Azure Container Apps gives you the best of Kubernetes in a serverless platform without the complexity.