Awesome

About

This shows how to create a Azure Container Instances Container Group with Caddy (for Let's Encrypt TLS Certificate) reverse proxy for an internal test container.

This is wrapped in a vagrant environment to make it easier to play with this stack without changing your local machine.

Usage

If you are using Hyper-V, configure Hyper-V in your local machine.

If you are using libvirt, you should already known what to do.

Start the vagrant environment:

vagrant up --no-destroy-on-error

Enter the created vagrant environment and play with the example terraform project:

# enter the vagrant environment.
vagrant ssh

# login into azure.
az login

# list the subscriptions.
az account list --all
az account show

# set the subscription.
export ARM_SUBSCRIPTION_ID="<YOUR-SUBSCRIPTION-ID>"
az account set --subscription "$ARM_SUBSCRIPTION_ID"

# provision the example infrastructure.
cd /vagrant
export CHECKPOINT_DISABLE=1
export TF_LOG=TRACE
export TF_LOG_PATH=terraform.log
terraform init
terraform plan -out=tfplan
time terraform apply tfplan

# use the app.
wget -qSO- "$(terraform output -raw url)"

# show the app logs.
# NB to show all the containers logs omit --container app.
az container logs \
  --resource-group rgl-terraform-container-instances-example \
  --name example \
  --container app \
  --follow

# destroy the infrastructure.
terraform destroy

Caveats

• There is no way to known the end-user client IP address.
  • NB The ACI container is behind a load balancer that does not preserve the client IP address.

Reference

• azurerm_container_group
• Container groups in Azure Container Instances
• YAML reference: Azure Container Instances
• Caddy
• Caddy Docker Image