Container service

Learn how to add a container to your Radius Application

Container provides an abstraction for a container workload that can be run on any platform Radius supports.

Resource format

resource frontend 'Applications.Core/containers@2023-10-01-preview' = {
  name: 'frontend'
  properties: {
    application: app.id
    container: {
      image: 'registry/container:tag'
      env:{
        DEPLOYMENT_ENV: {
          value: 'prod'
        }
        DB_CONNECTION: {
          value: db.listSecrets().connectionString
        }
      }
      ports: {
        http: {
          containerPort: 80
          protocol: 'TCP'
        }
      }
      volumes: {
        ephemeralVolume: {
          kind: 'ephemeral'
          mountPath: '/tmpfs'
          managedStore: 'memory'
        }
        persistentVolume: {
          kind: 'persistent'
          source: volume.id
        }
      }
      readinessProbe:{
        kind:'httpGet'
        containerPort:8080
        path: '/healthz'
        initialDelaySeconds:3
        failureThreshold:4
        periodSeconds:20
      }
      livenessProbe:{
        kind:'exec'
        command:'ls /tmp'
      }
      command: [
        '/bin/sh'
      ]
      args: [
        '-c'
        'while true; do echo hello; sleep 10;done'
      ]
      workingDir: '/app'
    }
    connections: {
      inventory: {
        source: db.id
      }
      azureStorage: {
        source: azureStorage
        iam: {
          kind: 'azure'
          roles: [
            'Storage Blob Data Contributor'
          ]
        }
      }
    }
    extensions: [
      {
        kind: 'daprSidecar'
        appId: 'frontend'
      }
      {
        kind:  'manualScaling'
        replicas: 5
      }
      {
        kind: 'kubernetesMetadata'
        labels: {
          'team.contact.name': 'frontend'
        }
      }
    ]
    runtimes: {
      kubernetes: {
        base: loadTextContent('base-container.yaml')
        pod: {
          containers: [
            {
              name: 'log-collector'
              image: 'ghcr.io/radius-project/fluent-bit:2.1.8'
            }
          ]
          hostNetwork: true
        }
      }
    }
  }
}

Top-level

Key	Required	Description	Example
name	y	The name of your resource. See common values for more information.	`frontend`
location	y	The location of your resource. See common values for more information.	`global`
properties	y	Properties of the resource.	See below

Properties

Key	Required	Description	Example
application	y	The ID of the application resource this container belongs to.	`app.id`
container	y	Container configuration.	See below
connections	n	List of connections to other resources.	See below
extensions	n	List of extensions on the container.	See below
runtimes	n	Runtime specific configurations for the container.	See below

Container

Key	Required	Description	Example
image	y	The registry and image to download and run in your container. Follows the format `<registry-hostname>:<port>/<image-name>:<tag>` where registry hostname is optional and defaults to the Docker public registry, port is optional and defaults to 443, tag is optional and defaults to `latest`.	`ghcr.io/USERNAME/myimage:latest`
env	n	A list of environment variables to be set for the container. Environment variables can either be of `value` or a reference to a Application.Core/SecretStore resource id in the format `valueFrom`.	`'ENV_VAR': { value: 'value' }` or `'ENV_VAR': { valueFrom: { secretRef: { source: secret.id key: 'SECRET_KEY' } } }`
command	n	Entrypoint array. Overrides the container image’s ENTRYPOINT.	`['/bin/sh']`
args	n	Arguments to the entrypoint. Overrides the container image’s CMD.	`['-c', 'while true; do echo hello; sleep 10;done']`
imagePullPolicy	n	How to pull images. Defaults to the runtime’s default behavior. For Kubernetes behavior refer to https://kubernetes.io/docs/concepts/containers/images/#required-image-pull	`'Always'`
workingDir	n	Working directory for the container.	`'/app'`
ports	n	Ports the container provides	See below.
readinessProbe	n	Readiness probe configuration.	See below.
livenessProbe	n	Liveness probe configuration.	See below.
volumes	n	Volumes to mount into the container.	See below.

Ports

The ports offered by the container are defined in the ports section.

Key	Required	Description	Example
name	y	A name key for the port.	`http`
containerPort	y	The port the container exposes.	`80`
protocol	n	The protocol the container exposes. Options are ‘TCP’ and ‘UCP’.	`'TCP'`

Volumes

Key	Required	Description	Example
name	y	A name key for the volume.	`tempstore`
kind	y	The type of volume, either `ephemeral` or `persistent`.	`ephemeral`
mountPath	y	The container path to mount the volume to.	`\tmp\mystore`
managedStore	y*	The backing storage medium to use when kind is ’ephemeral’. Either `disk` or `memory`.	`memory`
source	y*	A volume resource to mount when kind is ‘persistent’.	`myvolume.id`
rbac	n	The role-based access control level when kind is ‘persistent’. Allowed values are `'read'` and `'write'`. Defaults to ‘read’.	`'read'`

Readiness probe

Key	Required	Description	Example
kind	y	Type of readiness check, `httpGet` or `tcp` or `exec`.	`httpGet`
containerPort	n	Used when kind is `httpGet` or `tcp`. The listening port number.	`8080`
path	n	Used when kind is `httpGet`. The route to make the HTTP request on	`'/healthz'`
command	n	Used when kind is `exec`. Command to execute to probe readiness	`'/healthz'`
initialDelaySeconds	n	Initial delay in seconds before probing for readiness.	`10`
failureThreshold	n	Threshold number of times the probe fails after which a failure would be reported.	`5`
periodSeconds	n	Interval for the readiness probe in seconds.	`5`

Liveness probe

Key	Required	Description	Example
kind	y	Type of liveness check, `httpGet` or `tcp` or `exec`.	`httpGet`
containerPort	n	Used when kind is `httpGet` or `tcp`. The listening port number.	`8080`
path	n	Used when kind is `httpGet`. The route to make the HTTP request on	`'/healthz'`
command	n	Used when kind is `exec`. Command to execute to probe liveness	`'/healthz'`
initialDelaySeconds	n	Initial delay in seconds before probing for liveness.	`10`
failureThreshold	n	Threshold number of times the probe fails after which a failure would be reported.	`5`
periodSeconds	n	Interval for the liveness probe in seconds.	`5`

Connections

Key	Required	Description	Example
name	y	A name key for the port.	`inventory`
source	y	The id of the resource the container is connecting to. For network connections to other services this is in the form `'[scheme]://[serviceName]:[port]'`	`db.id`, `'http://inventory:8080'`
iam	n	Identity and access management (IAM) roles to set on the target resource.	See below

IAM

Identity and access management (IAM) roles to set on the target resource.

Key	Required	Description	Example
kind	y	Type of IAM role. Only `azure` supported today	`'azure'`
roles	y	The list IAM roles to set on the target resource.	`'Owner'`

Extensions

Extensions define additional capabilities and configuration for a container.

Key	Required	Description	Example
kind	y	The kind of extension being used.	`kubernetesMetadataextension`

Additional properties are available and required depending on the ‘kind’ of the extension.

kubernetesMetadata

The Kubernetes Metadata extension enables you set and cascade Kubernetes metadata such as labels and Annotations on all the Kubernetes resources defined with in your Radius Application. For examples refer to the extension overview page.

Properties

Key	Required	Description	Example
kind	y	The kind of extension being used. Must be ‘kubernetesMetadata’	`kubernetesMetadata`
labels	n	The Kubernetes labels to be set on the application and its resources	See below
annotations	n	The Kubernetes annotations to set on your application and its resources	See below

labels

Key	Required	Description	Example
user defined label key	y	The key and value of the label to be set on the application and its resources.	`'team.name': 'frontend'`

annotations

Key	Required	Description	Example
user defined annotation key	y	The key and value of the annotation to be set on the application and its resources.	`'app.io/port': '8081'`

daprSidecar

The daprSidecar extensions adds and configures a Dapr sidecar to your application.

Properties

Property	Required	Description	Example
kind	y	The kind of extension.	`daprSidecar`
appId	n	The appId of the Dapr sidecar.	`backend`
appPort	n	The port your service exposes to Dapr	`3500`
config	n	The configuration to use for the Dapr sidecar

manualScaling

The manualScaling extension configures the number of replicas of a compute instance (such as a container) to run.

Properties

Property	Required	Description	Example
kind	y	The kind of extension.	`manualScaling`
replicas	Y	The number of replicas to run	`5`

Runtimes

Key	Required	Description	Example
kubernetes	n	Kubernetes specific configuration for the container.	See below
aci	n	Azure Container Instances specific configuration for the container.	See below

Kubernetes

Key	Required	Description	Example
base	n	The base Kubernetes resource manifest on top of which Radius specified properties will be applied. Supported resource types are documented here.	`loadTextContent('manifest/base-container.yaml')`
pod	n	The pod specifications to apply to the Kubernetes resource created by Radius. Any field defined on PodSpec can be set here.	`topologySpreadConstraints`

ACI

Key	Required	Description	Example
gatewayID	n	The gateway resource ID that provides L7 traffic for the container.	`'myGatewayId'`

Feedback

Was this page helpful?

Glad to hear it! Please feel free to star our repo and join our Discord server to stay up to date with the project.

Sorry to hear that. If you would like to also contribute a suggestion visit and tell us how we can improve.