Windows Container in Azure and Network


I have an old legacy application listening on some TCP ports, written in Visual C++ and strictly bound to run on Windows.

On-prem, the application is running fine within a Windows Server Core container. But now I have to deploy this container to Azure. Azure in turn does not support Windows containers connecting to a VNet. Why? Where is the limitation? Are there any workarounds to run Windows containers (Server Core) within a VNet in Azure? I don't want to use a public IP, and due to policies I am not allowed to, since the service is internal only.

Thanks in advance

3

There are 3 answers

4
Nancy On

Currently, only Linux containers are supported in a container group deployed to a virtual network. See limitations. As a workaround, you can run Windows containers on an Azure VM or on the Azure App Service for Windows.

On the Azure VM, it works like the on-premises server as usual. You don't need to expose it with a public IP address; instead, you can access it with a VPN connection or an Azure Bastion host.

On the Azure App Service, you can set up Azure App Service access restrictions for the incoming traffic and set the VNet integration to restrict the outgoing traffic from your app service in a VNet. You can even use a VPN connection to route the traffic to your on-premises network.

Note that Windows Containers on the Azure App Service is limited to Azure Files and does not currently support Azure Blob. Azure VM might be a better choice.

0
Charles Xu On

As far as I know, if you want to run the Windows container inside the VNet, then you can use AKS and Web App. But I see your application listens on multiple TCP ports, and if you need to expose all of them, I mean more than one port, then Web App is not suitable for you because it can only expose one port to the outside. So AKS is the choice for you, and you can follow the steps here to run Windows nodes in a VNet with the CNI network type in AKS.

I'm not familiar with Service Fabric, so I cannot give advice on Service Fabric. You can read the article here to learn more about them. There are some limits for Windows containers currently, so if you do not have a special need for Windows containers, I recommend Linux containers.
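One way the AKS option could look for a multi-port, internal-only service, as an added example that is not part of the original answer. The image name, labels, resource names and the two port numbers are placeholders constructed for illustration; the cluster is assumed to already have a Windows node pool in the VNet.

```yaml
# Added example: Windows workload on AKS, reachable only on a private VNet address.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: legacy-app                 # hypothetical name
spec:
  replicas: 1
  selector:
    matchLabels:
      app: legacy-app
  template:
    metadata:
      labels:
        app: legacy-app
    spec:
      nodeSelector:
        kubernetes.io/os: windows  # schedule only onto Windows nodes
      containers:
        - name: legacy-app
          image: myregistry.example/legacy-app:servercore   # placeholder image
          ports:
            - containerPort: 9000  # constructed port numbers
              protocol: TCP
            - containerPort: 9001
              protocol: TCP
---
apiVersion: v1
kind: Service
metadata:
  name: legacy-app-internal
  annotations:
    # Ask Azure for an internal load balancer, so the frontend gets a
    # private IP from the VNet instead of a public IP.
    service.beta.kubernetes.io/azure-load-balancer-internal: "true"
spec:
  type: LoadBalancer
  selector:
    app: legacy-app
  ports:                           # several TCP ports on one Service
    - name: tcp-9000
      port: 9000
      targetPort: 9000
      protocol: TCP
    - name: tcp-9001
      port: 9001
      targetPort: 9001
      protocol: TCP
```

After applying, `kubectl get service legacy-app-internal` should show a private VNet address under EXTERNAL-IP; a public address there means the annotation was not honoured and the service should not be left running.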

0
dodjango On

OK, currently there is no solution, but there are some workarounds mentioned in the comments. As you can read here https://learn.microsoft.com/en-us/answers/questions/189525/windows-container-in-azure-and-network.html there will hopefully be a real solution soon.

Maybe we can get some speed on this by voting for this feature request: https://feedback.azure.com/forums/602224-azure-container-instances/suggestions/35529496-virtual-network-for-windows-containers