Container service

Learn how to add a container to your Radius Application

Container provides an abstraction for a container workload that can be run on any platform Radius supports.

Resource format

resource frontend 'Applications.Core/containers@2023-10-01-preview' = {
  name: 'frontend'
  properties: {
    application: app.id
    container: {
      image: 'registry/container:tag'
      env:{
        DEPLOYMENT_ENV: {
          value: 'prod'
        }
        DB_CONNECTION: {
          value: db.listSecrets().connectionString
        }
      }
      ports: {
        http: {
          containerPort: 80
          protocol: 'TCP'
        }
      }
      volumes: {
        ephemeralVolume: {
          kind: 'ephemeral'
          mountPath: '/tmpfs'
          managedStore: 'memory'
        }
        persistentVolume: {
          kind: 'persistent'
          source: volume.id
        }
      }
      readinessProbe:{
        kind:'httpGet'
        containerPort:8080
        path: '/healthz'
        initialDelaySeconds:3
        failureThreshold:4
        periodSeconds:20
      }
      livenessProbe:{
        kind:'exec'
        command:'ls /tmp'
      }
      command: [
        '/bin/sh'
      ]
      args: [
        '-c'
        'while true; do echo hello; sleep 10;done'
      ]
      workingDir: '/app'
    }
    connections: {
      inventory: {
        source: db.id
      }
      azureStorage: {
        source: azureStorage
        iam: {
          kind: 'azure'
          roles: [
            'Storage Blob Data Contributor'
          ]
        }
      }
    }
    extensions: [
      {
        kind: 'daprSidecar'
        appId: 'frontend'
      }
      {
        kind:  'manualScaling'
        replicas: 5
      }
      {
        kind: 'kubernetesMetadata'
        labels: {
          'team.contact.name': 'frontend'
        }
      }
    ]
    runtimes: {
      kubernetes: {
        base: loadTextContent('base-container.yaml')
        pod: {
          containers: [
            {
              name: 'log-collector'
              image: 'ghcr.io/radius-project/fluent-bit:2.1.8'
            }
          ]
          hostNetwork: true
        }
      }
    }
  }
}

Top-level

Key Required Description Example
name y The name of your resource. See common values for more information. frontend
location y The location of your resource. See common values for more information. global
properties y Properties of the resource. See below

Properties

Key Required Description Example
application y The ID of the application resource this container belongs to. app.id
container y Container configuration. See below
connections n List of connections to other resources. See below
extensions n List of extensions on the container. See below
runtimes n Runtime specific configurations for the container. See below

Container

Key Required Description Example
image y The registry and image to download and run in your container. Follows the format <registry-hostname>:<port>/<image-name>:<tag> where registry hostname is optional and defaults to the Docker public registry, port is optional and defaults to 443, tag is optional and defaults to latest. ghcr.io/USERNAME/myimage:latest
env n A list of environment variables to be set for the container. Environment variables can either be of value or a reference to a Application.Core/SecretStore resource id in the format valueFrom. 'ENV_VAR': { value: 'value' } or 'ENV_VAR': { valueFrom: { secretRef: { source: secret.id key: 'SECRET_KEY' } } }
command n Entrypoint array. Overrides the container image’s ENTRYPOINT. ['/bin/sh']
args n Arguments to the entrypoint. Overrides the container image’s CMD. ['-c', 'while true; do echo hello; sleep 10;done']
imagePullPolicy n How to pull images. Defaults to the runtime’s default behavior. For Kubernetes behavior refer to https://kubernetes.io/docs/concepts/containers/images/#required-image-pull 'Always'
workingDir n Working directory for the container. '/app'
ports n Ports the container provides See below.
readinessProbe n Readiness probe configuration. See below.
livenessProbe n Liveness probe configuration. See below.
volumes n Volumes to mount into the container. See below.

Ports

The ports offered by the container are defined in the ports section.

Key Required Description Example
name y A name key for the port. http
containerPort y The port the container exposes. 80
protocol n The protocol the container exposes. Options are ‘TCP’ and ‘UCP’. 'TCP'

Volumes

Key Required Description Example
name y A name key for the volume. tempstore
kind y The type of volume, either ephemeral or persistent. ephemeral
mountPath y The container path to mount the volume to. \tmp\mystore
managedStore y* The backing storage medium to use when kind is ’ephemeral’. Either disk or memory. memory
source y* A volume resource to mount when kind is ‘persistent’. myvolume.id
rbac n The role-based access control level when kind is ‘persistent’. Allowed values are 'read' and 'write'. Defaults to ‘read’. 'read'

Readiness probe

Key Required Description Example
kind y Type of readiness check, httpGet or tcp or exec. httpGet
containerPort n Used when kind is httpGet or tcp. The listening port number. 8080
path n Used when kind is httpGet. The route to make the HTTP request on '/healthz'
command n Used when kind is exec. Command to execute to probe readiness '/healthz'
initialDelaySeconds n Initial delay in seconds before probing for readiness. 10
failureThreshold n Threshold number of times the probe fails after which a failure would be reported. 5
periodSeconds n Interval for the readiness probe in seconds. 5

Liveness probe

Key Required Description Example
kind y Type of liveness check, httpGet or tcp or exec. httpGet
containerPort n Used when kind is httpGet or tcp. The listening port number. 8080
path n Used when kind is httpGet. The route to make the HTTP request on '/healthz'
command n Used when kind is exec. Command to execute to probe liveness '/healthz'
initialDelaySeconds n Initial delay in seconds before probing for liveness. 10
failureThreshold n Threshold number of times the probe fails after which a failure would be reported. 5
periodSeconds n Interval for the liveness probe in seconds. 5

Connections

Key Required Description Example
name y A name key for the port. inventory
source y The id of the resource the container is connecting to. For network connections to other services this is in the form '[scheme]://[serviceName]:[port]' db.id, 'http://inventory:8080'
iam n Identity and access management (IAM) roles to set on the target resource. See below

IAM

Identity and access management (IAM) roles to set on the target resource.

Key Required Description Example
kind y Type of IAM role. Only azure supported today 'azure'
roles y The list IAM roles to set on the target resource. 'Owner'

Extensions

Extensions define additional capabilities and configuration for a container.

Key Required Description Example
kind y The kind of extension being used. kubernetesMetadataextension

Additional properties are available and required depending on the ‘kind’ of the extension.

kubernetesMetadata

The Kubernetes Metadata extension enables you set and cascade Kubernetes metadata such as labels and Annotations on all the Kubernetes resources defined with in your Radius Application. For examples refer to the extension overview page.

Properties
Key Required Description Example
kind y The kind of extension being used. Must be ‘kubernetesMetadata’ kubernetesMetadata
labels n The Kubernetes labels to be set on the application and its resources See below
annotations n The Kubernetes annotations to set on your application and its resources See below
labels
Key Required Description Example
user defined label key y The key and value of the label to be set on the application and its resources. 'team.name': 'frontend'
annotations
Key Required Description Example
user defined annotation key y The key and value of the annotation to be set on the application and its resources. 'app.io/port': '8081'

daprSidecar

The daprSidecar extensions adds and configures a Dapr sidecar to your application.

Properties
Property Required Description Example
kind y The kind of extension. daprSidecar
appId n The appId of the Dapr sidecar. backend
appPort n The port your service exposes to Dapr 3500
config n The configuration to use for the Dapr sidecar

manualScaling

The manualScaling extension configures the number of replicas of a compute instance (such as a container) to run.

Properties
Property Required Description Example
kind y The kind of extension. manualScaling
replicas Y The number of replicas to run 5

Runtimes

Key Required Description Example
kubernetes n Kubernetes specific configuration for the container. See below

Kubernetes

Key Required Description Example
base n The base Kubernetes resource manifest on top of which Radius specified properties will be applied. Supported resource types are documented here. loadTextContent('manifest/base-container.yaml')
pod n The pod specifications to apply to the Kubernetes resource created by Radius. Any field defined on PodSpec can be set here. topologySpreadConstraints