Azure Friday: Best practices for Azure Container Instances (ACI) with GitHub Actions

Jessica Deen

Jessica

What are Azure Container Instances?

Azure Container Instances (ACI) allow for a quick, simple, and cost effective way to run serverless containers in production. ACI is a GA (generally available) service for hosting serverless containerized workloads​, including ETL (Extract, Transform, Load) pipelines, serverless batch jobs, and API microservices.

What are container best practices?

  • Avoid pulling from public container registries for production
  • In production, only use approved container images
  • Use specific version tags rather than latest
  • Avoid allowing the container to run as root; enforce least privileged
  • Use container scanning tools to detect vulnerabilities, as well as ensure there aren’t any CIS (Center for Internet Security) Benchmark violations.

How hard is it to use GitHub Actions with container best practices AND Azure Container Instances?

Azure Container Instances integrates easily with CI/CD tools such as GitHub Actions, Azure Devops, and even 3rd party tools like Jenkins. In this demo, we use GitHub Actions due to the simplicity of configuration as well as the locality of where our code is hosted. GitHub Actions in particular makes it easy to follow these best practices in a developer friendly automated workflow.

Using continuous integration and continuous delivery as part of your workflow helps you increase development velocity​, minimizes risk for human-error in config files​, and allows you to integrate and codify best practices into your release process.

Come hang out with Scott Hanselman and I as we learn about Azure Container Instances (ACI), GitHub Actions, and container best practices, today, on Azure Friday.


Where can I go to get started and learn more?

I’m so glad you asked! I have linked all the resources, including the code we used in our Azure Friday demo, where you can go and learn more.

0 comments

Leave a comment