Skip to content
Dimko February 5, 2021 3 min read

How to use Azure ACI with Portainer

Using Portainer to manage Azure Container Instances

In this blog post we will learn how to add an Azure ACI instance to Portainer as an endpoint. We've also posted a 'how-to' video on this topic on our YouTube channel here.

There are some pre-reqs you want to make sure to check on the Azure portal:

  • At least one resource group has to be available;
  • Under Subscriptions->Resource providers->Microsoft.ContainerInstance is registered;
  • That your User role on the Azure Subscription is of Owner, System Administrator so you can manage roles to registered Apps via AAD.

Azure setup

  1. First step is to register and Application via the Azure Active Directory of your Azure subscription:

  2. Now select the App registrations option and New registraion:

  3. Give the App a name. Without changing the default Supported account types click on Register:

  4. On the next screen you will see an Overview of the App. Make sure to copy and store the ApplicationID and Directory (tenant) ID on a text editor of your choice:

  5. We also need to generate a Client secret so Portainer can access the ACI. On the left hand side menu select Certificates & secrets...:

  6. ...and create the secret by clicking the New client secret button followed by the Add button. The Description and the expiry of the secret can be set accordingly but they are not required:

  7. You now have to copy the secret value and store on a text editor along with the AppID and the TenantID and mentioned on step #4:

  8. The next step is to define a Contributor role to the App so we can manage ACI instances from Portainer. Go the the Subcription page on your Azure Portal:

    Select your Subscription:

    and click on Access control:

  9. You are going to add a Role of Contributor to the App by clicking on the Add button:

    On the Add role assignment you will select Contributor, keep the User,group or service principal selection. You can find the App by typing the name you gave to it on the Select input box:

    Once your app shows up you can finish the role assignment by clicking the Save button and that's it from the Azure side. Now let's add the endpoint on Portainer.

Portainer setup

  1. Open your Portainer interface and select the Endpoints option:

  2. Add an Endpoint:

  3. Select the Azure - Connect to Microsoft Azure ACI:

  4. Remember the values you wrote down from steps #4 and #7 from the Azure setup? This is where you will paste them in the Endpoint setup for Portainer:

    Click on Add endpoint and you will see a confirmation that your Endpoint has been added succesfully:

    The Portianer setup is done. Now let's add a Container Instance on the ACI endpoint.

Container instance setup

  1. Start by the ACI endpoint on the Home screen of Portainer:

  2. Select the Container instances option on the left hand side menu and then click on the Add container button:

  3. On the following screen you need to:
    1. Select the Subscription where the App was registered on the Azure portal;
    2. The Resource group where you would like to have the ACI instance;
    3. The Location of your preference on Azure;
    4. A name for your container;
    5. The image you want to deploy. In this example we are using nginx:alpine;
    6. The ports to access your container, and
    7. The resources you want to allocate to the container:
  4. If all goes well on the following screen you will see the public IP address and port configured for the container:

    Clicking on the IP address will open a new tab/window on your browser where you can access your container. In our example we deployed nginx so our result was the default installation page of the web server:

    And that's it!!

It is important to mention that there are a couple of limitations that will get resolved soon for this type of Endpoint and those are no persistent storage and no private networking.

Hope that worked well for you, and you're up and running with Portainer. If you have any questions or comments, please drop them into the comments section below, or join us on our Slack channel.

See a video of this blog here: