How to issue a CLI command (or make use of Azure SDK) from an Azure Docker Container at startup
I need to issue the following command or accomplish the equivalent from the Azure SDK and C#.
az network private-dns record-set a update --name <name> -g <resource-group> -z <zone-name> --set aRecords[0].ipv4Address=$(hostname -i)
This I need to do every time the ACI starts up (for whatever reason) so that the Private DNS Zone has the current IP address for the ACI (since private IP can change), which will be running in the same VNet.
I see several possible solutions, none of which I'm familiar enough with to implement.
Appreciate any details on how to accomplish one of these solutions.
Here is the solution to my question, including a link to what Microsoft suggested.
https://learn.microsoft.com/en-us/learn/modules/secure-apps-azure-container-instances-sidecar/6-deploy-with-init-container
This YAML file uses an init container to run some Azure commands, including logging in with a Service Principal, and creating and updating Private DNS Zone entries so that containers can make HTTP calls to each other using DNS rather than IP address (which can change).
YAML file:
location: centralus
name: dns-zone-test-a
properties:
  initContainers:
  - name: inita
    properties:
      image: mcr.microsoft.com/azure-cli:latest
      # redirection of output to a file for these commands is optional...a nice to have to confirm what's working
      command: ['/bin/sh', '-c', 'az login --service-principal -u $SP_APPID -p $SP_PASSWORD --tenant $SP_TENANT > /scripts/outsp_a.txt;
              az container show -n $ACI_NAME -g $RG --query ''ipAddress.ip'' -o tsv > /scripts/swac_a.txt;
              my_private_ip=$(az container show -n $ACI_NAME -g $RG --query ''ipAddress.ip'' -o tsv);
              az network private-dns record-set a create -n $HOSTNAME -z $DNS_ZONE_NAME -g $RG > /scripts/crzone_a.txt;
              az network private-dns record-set a add-record --record-set-name $HOSTNAME -z $DNS_ZONE_NAME -g $RG -a $my_private_ip > /scripts/addzone_a.txt;']
      environmentVariables:
      - name: RG
        value: myResourceGroup
      - name: SP_APPID # service principal with the permissions to update private DNS zone
        value: 5xxxxxxxxxxxxxx
      - name: SP_PASSWORD # service principal password
        secureValue: byyyyyyyyyyyyyyy
      - name: SP_TENANT
        value: bzzzzzzzzzzzzzzzzzz
      - name: DNS_ZONE_NAME
        value: dns-zone-mine.com
      - name: HOSTNAME
        value: dns-zone-test-a
      - name: ACI_NAME
        value: dns-zone-test-a
      volumeMounts: # needed only if redirecting the output from the commands above to a file
      - name: initscript
        mountPath: /scripts/
  containers: # any docker container you want
  - name: cab-a
    properties:
      image: MyRegistry.azurecr.io/contest1:latest
      ports:
      - port: 80
        protocol: TCP
      resources:
        requests:
          cpu: 1.0
          memoryInGB: 1.5
  imageRegistryCredentials: # Credentials to pull a private image
  - server: MyRegistry.azurecr.io
    username: MyUserRegistry
    password: 5xxxxxxxxxxxxx
  volumes: # only needed if redirecting the output from the commands above to a file
  - name: initscript
    azureFile:
      readOnly: false
      shareName: initscript
      storageAccountName: myStorage
      storageAccountKey: zzzzzzzzzzzzzzzzzzzzzzzzzzz
  ipAddress:
    ports:
    - port: 80
      protocol: TCP
    type: private
  osType: Linux
  subnetIds:
  - id: /subscriptions/xxxxyyyyyzzzzz/resourceGroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/MyVNet/subnets/MyTestSubnet
    name: default
  # dnsConfig: # DNS configuration for container group: not needed likely for this test, and may interfere with private DNS zone usage
  #   nameServers:
  #   - 192.168.1.44
tags: null
type: Microsoft.ContainerInstance/containerGroups
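
Added example, not part of the original answer or of Microsoft's module: a POSIX sh version of the init container's DNS step that can run on every start. It refuses to write a record when the IP lookup returns nothing usable, and because add-record appends to the record set it also removes addresses left over from an earlier start. The function names are hypothetical; the environment variables are the ones defined in the YAML above.

```shell
# Added example, not the poster's code. Assumes `az login` has already run and
# that RG, DNS_ZONE_NAME, HOSTNAME and ACI_NAME are set as in the YAML above.

# is_ipv4 VALUE: succeed only for a dotted quad with octets 0-255.
is_ipv4() {
  case $1 in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
  old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
  [ $# -eq 4 ] || return 1
  for octet in "$@"; do
    case $octet in ????*) return 1 ;; esac
    [ "$octet" -le 255 ] || return 1
  done
}

# plan_a_record WANT "HAVE ...": print one action per line. The add is listed
# first so the record set never becomes empty between steps.
plan_a_record() {
  want=$1; have=$2; present=no
  for ip in $have; do
    if [ "$ip" = "$want" ]; then present=yes; fi
  done
  if [ "$present" = no ]; then echo "add $want"; fi
  for ip in $have; do
    if [ "$ip" != "$want" ]; then echo "remove $ip"; fi
  done
}

# a_record VERB [ARGS...]: run one record-set verb against this host's A record.
a_record() {
  verb=$1; shift
  az network private-dns record-set a "$verb" -n "$HOSTNAME" -z "$DNS_ZONE_NAME" -g "$RG" "$@"
}

# reconcile_a_record: make the A record hold exactly the group's current IP.
reconcile_a_record() {
  ip_now=$(az container show -n "$ACI_NAME" -g "$RG" --query 'ipAddress.ip' -o tsv)
  is_ipv4 "$ip_now" || { echo "refusing to update DNS, bad IP: '$ip_now'" >&2; return 1; }
  if ! ips=$(a_record show --query 'aRecords[].ipv4Address' -o tsv 2>/dev/null); then
    a_record create >/dev/null || return 1; ips=
  fi
  while read -r action ip; do
    case $action in
      add)    a_record add-record -a "$ip" >/dev/null || return 1 ;;
      remove) a_record remove-record -a "$ip" >/dev/null || return 1 ;;
    esac
  done <<EOF
$(plan_a_record "$ip_now" "$ips")
EOF
}
```

In the init container this would be called as `reconcile_a_record` after the `az login` step, so that a failed lookup or a failed az call stops the step with a non-zero status.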