Azure Container Registry

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or

Already have an account? Sign In »

Time
14 hours 28 minutes
Difficulty
Intermediate
CEU/CPE
15
Video Transcription
00:00
>> Hello Cybrarians.
00:00
Welcome to Lesson 5.1 of Module 5
00:00
>> of this course titled,
00:00
>> Azure-301: Microsoft Azure Architect Design.
00:00
Here are the objectives that we'll cover in this video.
00:00
We'll start by introducing Azure Container Registry,
00:00
and what exactly this service provides.
00:00
We'll then discuss further concepts of the service.
00:00
I'll show you some nice visualization of
00:00
how the service works and how it does what it does.
00:00
We'll discuss tags and versioning.
00:00
We'll talk about the different SKUs that are available.
00:00
Finally, we'll talk about pricing for the service.
00:00
Let's get into this.
00:00
Let's discuss Azure Container Registry.
00:00
An Azure Container Registry is
00:00
a private docker registry where
00:00
we can store and manage private docker container images.
00:00
An easy way to understand the purpose of the service
00:00
is to refer to the popular Docker Hub service.
00:00
I refer to it as GitHub for containers.
00:00
Docker Hub is a container registry that supports
00:00
open source community and
00:00
serves as a general catalog of images.
00:00
But when you're talking about private organization,
00:00
we probably don't want to be pulling down
00:00
our container images that we use for
00:00
production workloads from
00:00
a public registry like Docker Hub.
00:00
Most likely, we want to host
00:00
approved continent images for
00:00
our organizations privately.
00:00
This is one of the use cases of ACR.
00:00
ACR also has built-in integration with
00:00
many services that runs containers in Azure,
00:00
so that we can easily deploy
00:00
container images to such services.
00:00
Also, the billing option for ACR is flexible.
00:00
It supports daily billing and there are
00:00
different SKUs that we can select,
00:00
and we'll talk about that later in this lesson.
00:00
Let's look at two important ACR concepts.
00:00
The first one is around supported content formats.
00:00
In addition to container images,
00:00
the Azure Container Registry can store
00:00
a wide range of other artifacts.
00:00
That includes docker-compatible container images
00:00
, that's no surprise.
00:00
It also includes any image
00:00
that supports
00:00
the Open Container Initiative specification.
00:00
It also covers OCI distribution specific artifacts,
00:00
and that extends to things
00:00
like docker compose manifest files.
00:00
ACR can also host Helm Charts.
00:00
Helm Chart is a packaging format that's used to
00:00
quickly manage and deploy applications for Kubernetes.
00:00
An easy way to understand Helm Charts is if you
00:00
understand applications like APT on Linux or YAML.
00:00
These applications can be used to easily
00:00
download and deploy applications on Linux.
00:00
It's the same thing with Helm Charts,
00:00
it helps us to be able to easily
00:00
download and deploy applications for Kubernetes.
00:00
Another concept that I want to cover
00:00
is the concept of webhooks.
00:00
ACR supports the use of webhooks to trigger
00:00
events when certain actions take
00:00
place in one of our registry repositories.
00:00
Actually WebHooks can respond
00:00
to events at the registry level,
00:00
or we can even scope them down
00:00
to a specific repository tag.
00:00
Let's look at how we work with ACR.
00:00
The first thing that we need to do is
00:00
to create a container registry,
00:00
and we can do this with the Azure Portal,
00:00
with Azure CLI,
00:00
or with Azure PowerShell.
00:00
We can then use the docker commands to push
00:00
our container images into the registry.
00:00
We can then deploy our images that are stored in
00:00
ACR to services that can run container images.
00:00
The services will pull down and run the images from ACR.
00:00
Let's talk about tags and versioning very quickly.
00:00
When pushing container images
00:00
to our Azure Container Registry,
00:00
we need a strategy for versioning.
00:00
An image tagging is
00:00
an option to achieve versioning of our images.
00:00
When we create our image,
00:00
we can have a tag in the format of a column,
00:00
and an identifier after the image name,
00:00
like what you see on your screen.
00:00
I have the image name as frontend,
00:00
but I have a column and I have the identifier too.
00:00
We can then use this to store
00:00
multiple versions of the same image in ACR,
00:00
which we can then reference
00:00
both the image name and the tag in
00:00
our deployment to pull down
00:00
the version of the image that we want to deploy.
00:00
When we create our registry,
00:00
we need to specify SKU,
00:00
and I'll share with you very quickly
00:00
the differences between the available SKUs
00:00
that we have for ACR.
00:00
The first SKU is the basic SKU.
00:00
It has similar functionalities as the standard SKU,
00:00
so there's no difference in functionality between them.
00:00
The main differentiator between the basic
00:00
understand the SKU is around scale and performance.
00:00
For example, the amount of
00:00
included storage is less in basic,
00:00
it's about 1,000 read operations per minute,
00:00
a 100 write operations per minute,
00:00
30 megabits per second download bandwidth,
00:00
and 10 megabit per second upload bandwidth.
00:00
If we look at the standard,
00:00
it's the same functionalities like what I mentioned,
00:00
but it has more SKU than basic.
00:00
If you look at the amount of
00:00
included storage that's 10 times more,
00:00
if you look at the amount of read operations,
00:00
that's three times more,
00:00
the amount of write operations,
00:00
that's five times more,
00:00
and that's 60 megabits per second download bandwidth
00:00
and 20 megabits per second upload bandwidth.
00:00
Then we have the premium SKU.
00:00
The premium SKU is the SKU that actually has
00:00
functionalities that differs from the audit tool.
00:00
For example, functionalities like geo-replication and
00:00
content trust is only supported for the premium SKU,
00:00
and also it as more SKU than the standard SKU.
00:00
It supports more included storage,
00:00
more read operations per minutes,
00:00
write operations per minute,
00:00
upload and download bandwidths.
00:00
In terms of pricing,
00:00
we mentioned earlier that we can pay per
00:00
day in terms of the flexibility of the pricing,
00:00
and you can see what the pricing costs over there.
00:00
Also, when it comes to geo-replication,
00:00
be aware that if we enable
00:00
geo-replication for the premium SKU ACR,
00:00
that essentially doubles the cost.
00:00
We're going to be paying the cost for
00:00
premium SKU in the region that we're replicating into.
00:00
Also, if we need to get additional storage,
00:00
we can pay for additional storage or gigabits per day.
00:00
It's also important to note that whenever
00:00
we're doing things like geo-replication,
00:00
or whenever we're pulling down images,
00:00
be aware that network bandwidth costs in Azure applies.
00:00
In other words, when data is being transferred outside
00:00
of Azure or data has been
00:00
transferred outside of a region to another region,
00:00
there are certain network bandwidth costs
00:00
that applies to that.
00:00
This brings me to the end of this lesson.
00:00
Thanks very much for watching,
00:00
and I'll see you in the next lesson.
Up Next