What is an Azure Container Instance (ACI)?

Azure Container Instance (ACI) is serverless compute for long-running container workloads. It is particularly well suited for long-running data processing tasks.

For those more familiar with other major cloud providers, ACI is roughly analagous to AWS ECS Fargate Tasks or Google Cloud Run Jobs. For a comparision of these two services, check out our article here.

Executing Azure Container Instance via HTTP Request

The Motivation

Being able to run a long-running container without managing servers is great, but for our use case, we wanted to be able to consume Azure Container Instances as if it was an HTTP endpoint. This means sending an HTTP request with a variable JSON body that triggers an Azure Container Instance-hosted container execution.

Challenges

• We cannot directly trigger ACI using an HTTPS request (otherwise we would not be writing this article).
• Technically, ACI does not allow for direct updates of an instance. Rather, we have to essentially “re-create” the container group. We have to specify every single property on the container group during this re-create, otherwise that property’s value will revert to its default state.
• Interaction with Azure Container Instances is primarily done through the CLI or the Python SDK.

Solution

The algorithm for our solution is essentially as follows:

1. Host an HTTP endpoint within an Azure Container App
2. Grant the managed service identity assigned to the container app permissions to read and write to the Azure Container Instance you wish to make an HTTP service.
3. Within the Azure Container App, pull the current ACI configuration using the Azure Python SDK, update environment variables in the recieved configuration, and then re-create the ACI instance with the new environment variables.
4. The new environment variables in the ACI configure a dynamic container execution to your desired specifications.

Coded Solution

We built a Flask-based API to run in the Container App to serve as the HTTP endpoint wrapper of the ACI. The core logic of step 3) above is in a single endpoint which can be found in this file (part of a complete implementation of the solution).

Conclusion

Now we can send an HTTPS request to Azure with a set of new environment variables to update and kick-off a dynamically configured Azure Container Instance. With this, we are able to interact with Azure Container Instances as if they were HTTP enabled.

–

dragondrop.cloud’s mission is to automate developer best practices while working with Infrastructure as Code. Our flagship OSS product, cloud-concierge, allows developers to codify their cloud, detect drift, estimate cloud costs and security risks, and more — while delivering the results via a Pull Request. For enterprises running cloud-concierge at scale, we provide a management platform. To learn more, schedule a demo or get started today!