Azure Container Registry

In the previous article, we tackled Azure Container Instances Service (aka ACI) and the intricacies surrounding it. This article will present Azure Container Registry (ACR) and how it works cohesively with ACI and AKS.


By the end of this article, you will learn about:

  • Some of the basic Docker components associated with Docker registries.
  • What are container registries.
  • What are the advantages of using private container registries
  • What is Azure Container Registry (aka ACR).
  • When to pick Azure Container Registry over its competitors.

Docker Components Associated with Docker Registries.

The diagram above presents the correlation between the basic docker concepts that you need to understand to be capable of containerizing your applications.

  • Application - An application in the context of Containerization is a piece of software that you want to ship to your production environment to produce business value.
  • Application Environment - An application environment can be defined as the ecosystem that your application need to survive and perform its responsibilities.
  • Docker Build - Docker build is an operation that aims to produce an immutable snapshot of your application and its environment.
  • Docker Image - Docker images are the output of a docker build operation. Docker images are immutable because they are physically frozen and if stored in reliable storages like Azure Container Registry, they can provide immense value to your business by giving you the capability to spin, tear and re-create your application and its environment in a couple of seconds.
  • Docker Push - Docker push is an operation that involves uploading of a Docker Image to a Docker Repository that resides inside Docker Registries.
  • Docker Repositories - A Docker Repository is a collection of Docker images with identical names with different tags.
  • Image Tag - It is basically an identifier that enables you to identify which version of a specific Docker Image.
  • Docker Registry - is a server-side application that enables you to store and distribute Docker Images organized through Repositories.
  • Docker Pull - Docker pull is an operation that enables a Docker Client to download an image from a remote or local registry.
  • Docker Container - A container in the context of Docker is an instance of a Docker Image (your application and its environment snapshot).
  • Docker Run - Is an operation that enables you to instantiate Docker Containers out of Docker Images. If you are a software developer with OOP background, you can compare a Docker Image with a class and a Docker Container with an object.

Container Registries

The diagram above presents the correlation of Docker Registries and the components that reside inside them.

Container registries are basically stateless, highly scalable server side application that enables you to store and distribute docker image repositories (Repositories are collection of docker images with the same name with different tags).

They are generally used to centralize and control the storage of your images. Registries can be grouped into to two types (public and private).

Container registries would usually be integrated with CI/CD pipelines which makes them highly valuable. It is always a good idea to place your Container registries geographically close to your application servers as they speed up deployment time and reduce downtimes associated with application releases.

Why use Private Container Registries?

Public registries like Dockerhub are by all means legit and awesome, But using private registries offer added value as they enable you to:

  • Secure sensitive content inside your images from the public.
  • They allow you to comply to organization and government rules.
  • They decrease the latency factor associated with the transfer of images to your web server if you co-locate them.
  • They allow you to have better integration with your organization's SSO and LDAP

Azure Container Registry (ACR)

Azure Container Registry is a managed Docker registry service based on the open-source Docker Registry 2.0. You can create and maintain Azure container registries to store and manage your private Docker container images.

Using container registries in Azure with your existing container development and deployment pipelines improves the throughput of your release pipeline by reducing the transfer time between the registry and your web-servers (Azure Container Instances, Azure Kubernetes Service, VMs your manually setup for custom containerization purposes).

Use Azure Container Registry Build (ACR Build) to build container images in Azure. Build on demand, or fully automate builds with source code commit and base image update build triggers. ACR basically is the image registry to go especially for very large application releases that requires Docker registries with high elasticity (Large number of various image pulls) during software releases.

When to pick Azure Container Registry over its competitors

If the majority of your software platform resides on Windows Azure, then you definitely have to go with ACR as it provides you better integration (SSO + LDAP) and lower latency levels between your server and registry.

If your platform resides on-prem or in other cloud providers, it would be more sensible to co-locate your Docker Registry with your infrastructure as it provides the same benefits when provisioning applications and registries in Azure.

Related Articles

Get some cool stuff from Amazon to help me fund my articles.


Popular posts from this blog

API Gateway in a Nutshell

API Gateway: Response Aggregation with Ocelot and Core

Building Simple API Gateways with Ocelot and Core

Security: HTTP headers that expose web application / server vulnerabilities