Container service
Learn how to add a container to your Radius Application
Container
provides an abstraction for a container workload that can be run on any platform Radius supports.
resource frontend 'Applications.Core/containers@2023-10-01-preview' = {
name: 'frontend'
properties: {
application: app.id
container: {
image: 'registry/container:tag'
env:{
DEPLOYMENT_ENV: {
value: 'prod'
}
DB_CONNECTION: {
value: db.listSecrets ().connectionString
}
}
ports: {
http: {
containerPort: 80
protocol: 'TCP'
}
}
volumes: {
ephemeralVolume: {
kind: 'ephemeral'
mountPath: '/tmpfs'
managedStore: 'memory'
}
persistentVolume: {
kind: 'persistent'
source: volume.id
}
}
readinessProbe:{
kind:'httpGet'
containerPort:8080
path: '/healthz'
initialDelaySeconds:3
failureThreshold:4
periodSeconds:20
}
livenessProbe:{
kind:'exec'
command:'ls /tmp'
}
command: [
'/bin/sh'
]
args: [
'-c'
'while true; do echo hello; sleep 10;done'
]
workingDir: '/app'
}
connections: {
inventory: {
source: db.id
}
azureStorage: {
source: azureStorage
iam: {
kind: 'azure'
roles: [
'Storage Blob Data Contributor'
]
}
}
}
extensions: [
{
kind: 'daprSidecar'
appId: 'frontend'
}
{
kind: 'manualScaling'
replicas: 5
}
{
kind: 'kubernetesMetadata'
labels: {
'team.contact.name' : 'frontend'
}
}
]
runtimes: {
kubernetes: {
base: loadTextContent ('base-container.yaml' )
pod: {
containers: [
{
name: 'log-collector'
image: 'ghcr.io/radius-project/fluent-bit:2.1.8'
}
]
hostNetwork: true
}
}
}
}
}
Top-level
Key
Required
Description
Example
name
y
The name of your resource. See common values for more information.
frontend
location
y
The location of your resource. See common values for more information.
global
properties
y
Properties of the resource.
See below
Properties
Container
Key
Required
Description
Example
image
y
The registry and image to download and run in your container. Follows the format <registry-hostname>:<port>/<image-name>:<tag>
where registry hostname is optional and defaults to the Docker public registry, port is optional and defaults to 443, tag is optional and defaults to latest
.
ghcr.io/USERNAME/myimage:latest
env
n
A list of environment variables to be set for the container. Environment variables can either be of value
or a reference to a Application.Core/SecretStore resource id in the format valueFrom
.
'ENV_VAR': { value: 'value' }
or 'ENV_VAR': { valueFrom: { secretRef: { source: secret.id key: 'SECRET_KEY' } } }
command
n
Entrypoint array. Overrides the container image’s ENTRYPOINT.
['/bin/sh']
args
n
Arguments to the entrypoint. Overrides the container image’s CMD.
['-c', 'while true; do echo hello; sleep 10;done']
imagePullPolicy
n
How to pull images. Defaults to the runtime’s default behavior. For Kubernetes behavior refer to https://kubernetes.io/docs/concepts/containers/images/#required-image-pull
'Always'
workingDir
n
Working directory for the container.
'/app'
ports
n
Ports the container provides
See below .
readinessProbe
n
Readiness probe configuration.
See below .
livenessProbe
n
Liveness probe configuration.
See below .
volumes
n
Volumes to mount into the container.
See below .
Ports
The ports offered by the container are defined in the ports
section.
Key
Required
Description
Example
name
y
A name key for the port.
http
containerPort
y
The port the container exposes.
80
protocol
n
The protocol the container exposes. Options are ‘TCP’ and ‘UCP’.
'TCP'
Volumes
Key
Required
Description
Example
name
y
A name key for the volume.
tempstore
kind
y
The type of volume, either ephemeral
or persistent
.
ephemeral
mountPath
y
The container path to mount the volume to.
\tmp\mystore
managedStore
y*
The backing storage medium to use when kind is ’ephemeral’. Either disk
or memory
.
memory
source
y*
A volume resource to mount when kind is ‘persistent’.
myvolume.id
rbac
n
The role-based access control level when kind is ‘persistent’. Allowed values are 'read'
and 'write'
. Defaults to ‘read’.
'read'
Readiness probe
Key
Required
Description
Example
kind
y
Type of readiness check, httpGet
or tcp
or exec
.
httpGet
containerPort
n
Used when kind is httpGet
or tcp
. The listening port number.
8080
path
n
Used when kind is httpGet
. The route to make the HTTP request on
'/healthz'
command
n
Used when kind is exec
. Command to execute to probe readiness
'/healthz'
initialDelaySeconds
n
Initial delay in seconds before probing for readiness.
10
failureThreshold
n
Threshold number of times the probe fails after which a failure would be reported.
5
periodSeconds
n
Interval for the readiness probe in seconds.
5
Liveness probe
Key
Required
Description
Example
kind
y
Type of liveness check, httpGet
or tcp
or exec
.
httpGet
containerPort
n
Used when kind is httpGet
or tcp
. The listening port number.
8080
path
n
Used when kind is httpGet
. The route to make the HTTP request on
'/healthz'
command
n
Used when kind is exec
. Command to execute to probe liveness
'/healthz'
initialDelaySeconds
n
Initial delay in seconds before probing for liveness.
10
failureThreshold
n
Threshold number of times the probe fails after which a failure would be reported.
5
periodSeconds
n
Interval for the liveness probe in seconds.
5
Connections
Key
Required
Description
Example
name
y
A name key for the port.
inventory
source
y
The id of the resource the container is connecting to. For network connections to other services this is in the form '[scheme]://[serviceName]:[port]'
db.id
, 'http://inventory:8080'
iam
n
Identity and access management (IAM) roles to set on the target resource.
See below
IAM
Identity and access management (IAM) roles to set on the target resource.
Key
Required
Description
Example
kind
y
Type of IAM role. Only azure
supported today
'azure'
roles
y
The list IAM roles to set on the target resource.
'Owner'
Extensions
Extensions define additional capabilities and configuration for a container.
Key
Required
Description
Example
kind
y
The kind of extension being used.
kubernetesMetadataextension
Additional properties are available and required depending on the ‘kind’ of the extension.
The Kubernetes Metadata extension enables you set and cascade Kubernetes metadata such as labels and Annotations on all the Kubernetes resources defined with in your Radius Application. For examples refer to the extension overview page.
Properties
Key
Required
Description
Example
kind
y
The kind of extension being used. Must be ‘kubernetesMetadata’
kubernetesMetadata
labels
n
The Kubernetes labels to be set on the application and its resources
See below
annotations
n
The Kubernetes annotations to set on your application and its resources
See below
labels
Key
Required
Description
Example
user defined label key
y
The key and value of the label to be set on the application and its resources.
'team.name': 'frontend'
annotations
Key
Required
Description
Example
user defined annotation key
y
The key and value of the annotation to be set on the application and its resources.
'app.io/port': '8081'
daprSidecar
The daprSidecar
extensions adds and configures a Dapr sidecar to your application.
Properties
Property
Required
Description
Example
kind
y
The kind of extension.
daprSidecar
appId
n
The appId of the Dapr sidecar.
backend
appPort
n
The port your service exposes to Dapr
3500
config
n
The configuration to use for the Dapr sidecar
manualScaling
The manualScaling
extension configures the number of replicas of a compute instance (such as a container) to run.
Properties
Property
Required
Description
Example
kind
y
The kind of extension.
manualScaling
replicas
Y
The number of replicas to run
5
Runtimes
Key
Required
Description
Example
kubernetes
n
Kubernetes specific configuration for the container.
See below
Kubernetes
Key
Required
Description
Example
base
n
The base Kubernetes resource manifest on top of which Radius specified properties will be applied. Supported resource types are documented here .
loadTextContent('manifest/base-container.yaml')
pod
n
The pod specifications to apply to the Kubernetes resource created by Radius. Any field defined on PodSpec can be set here.
topologySpreadConstraints