Since launching support for Windows Containers in App Service back at Ignite in 2020, we’ve been working to close gaps in capabilities between code apps deployed to Windows app service plans and apps deployed in Windows Containers, and to improve the experience for customers who choose to deploy their apps in Windows Containers on Azure App Service.
Customers choose to deploy applications in Windows Containers for a variety of reasons, including but not limited to:
At BUILD 2023, we announced new Premium V3 SKUs and in particular memory optimized SKUs in App Service (Pmv3 series) and we are making these available to Windows Container customers also. These provide you with configurations from P1mv3 – 2 vCPU and 16GB memory up to P5mv3 – 32 vCPU and 256GB memory. Customers can achieve greater application density, per App Service Plan, with the increased memory SKUs.
Note: P0v3 is not available for customers wishing to run Windows containers on Azure App Service
Customers can now deploy applications in Windows containers using Windows Server 2022 and 2019 as your base OS. All Windows Containers running in App Service, run in Hyper-V isolation mode which means the platform can support multiple versions concurrently.
Azure App Service caches a set of base images, to help with speeding up the time it can take to pull and expand your Windows Container image. Customers can refer to the list of cached base images in our documentation. Customers are free to use other base images, however it can take much longer to download and extract containers based off images not cached by the platform. The image list and cache are regularly updated based on customer usage, to ensure we are catering for the most popular base images our customers use and to ensure the base images are regularly updated.
Customers deploying applications on Azure App Service, have long been able to use Key Vault references to source application settings and secrets from Key Vault, including in network-restricted vaults and customers deploying their applications in Windows Containers can do this too!
Customers now have the ability to use managed identities to pull Windows Container images from Azure Container Registry, and with recent updates, can also pull images from network protected registries, not only with App Service Environment v3, but in Azure App Service as well.
In addition to new capabilities when deploying your applications using Windows containers, we’ve also been working to bring other capabilities which can help with the day-to-day operation of your applications.
Application insights monitoring can be added during Web app creation or after creation without having to manually include and configure the Application Insights SDK with your containers. Application insights provide detailed application performance monitoring (APM) features enabling monitoring of applications throughout development, test, and production.
Azure App Service offers integration with Azure Monitor for both logs and metrics. As part of the updates for Windows Container workloads, we’ve added the ability to not only send single line stdout and stderr logs out to Azure Monitor, but to also send other types of application log content out to Azure Monitor. Examples include logs written to the application log channel in .NET core applications, stack traces and messages sent to trace listeners in .NET Framework applications.
Applications deployed in Windows Containers on App Service can now take advantage of Health check to monitor instance health. Using the health check feature customers can configure paths on which App Service will check health of application instances at 1-minute intervals and if an instance doesn’t respond with a status code of 200-299 after 10 requests (this number is configurable), then the instance is deemed unhealthy and is removed. Customers using this feature can increase their application’s availability.
Nano Server containers are an ultralight Windows offering for new application development and as such they have a significantly smaller API surface. Some key features such as PowerShell, WMI and the Windows servicing stack are not included in the Nanoserver image. Nanoserver images have just enough API surface to run apps that have a dependency on .NET core or other modern open-source frameworks.
Due to the limited API surface some features have been absent from our support in App Service until now:
It was not previously possible to set the time zone for Nano server containers only Server Core. Since Windows added support for this, customers can now set the time zone for their container. To set the time zone in App Service, customers should set the WEBSITE_TIME_ZONE App Setting (Environment variables and app settings in Azure App Service | Microsoft Learn)
We are always working hard to improve developer productivity and capabilities within Azure App Service across the entire service, and we have yet more updates coming for customers wishing to deploy their apps in Windows Containers.
App Service has long supported customers wishing to debug their .NET applications running in App Service using Visual Studio, we will be adding support for customers wishing to debug their Windows Containers in Azure App Service in the coming months.
App Service has a rich set of diagnostic capabilities (Diagnostics and solve tool - Azure App Service | Microsoft Learn) available to customers to troubleshoot your applications with no configuration changes. These help you to discover the issue(s) and guide you to the information and actions to troubleshoot the issue. Several categories and diagnostic reports are already available for applications hosted in Windows containers and many more will be enabled in the coming months.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.