I have an application splitted into 3 microservice, 1 frontend Vue (with NGINX) and 2 API backend (Asp.NET Core). For each of them I have a docker image:
- UI
- API1
- API2
All of them working properly on my local intranet with docker-compose, now I want to publish them to Azure Portal.
I know there is the WebApp with docker-compose (preview) feature, but I prefer to deploy each container alone.
The Questions:
- Can I realize this scenario without docker-compose (preview) ?
- Can I made public reachable ONLY the UI url (i.e. myapp.azurewebsites.net) ?
- Can I hide the API1 and API2 on (i suppose) VNet Integration ?
Take a look at this TechNet blog that covers some of the scenarios you desire. You can use a combination of VNET integration, service endpoints, and or private link to accomplish a multi-tiered app that is isolated.
The simpliest setup will be using VNET integration + Service endpoints and access restrictions locked down to to the subnet that the app is integrated with.
https://techcommunity.microsoft.com/t5/apps-on-azure/zero-to-hero-with-app-service-part-7-multi-tier-web-applications/ba-p/1752015