0
0
Azurecloud~5 mins

Azure Container Registry (ACR) - Commands & Configuration

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime
Introduction
Azure Container Registry lets you store and manage container images securely in the cloud. It solves the problem of sharing container images easily between your development and deployment environments.
When you want to keep your container images private and secure within your Azure environment.
When you need a central place to store container images for your team or automated pipelines.
When you want to speed up deployments by pulling images from a registry close to your Azure services.
When you want to automate container image builds and scans in Azure.
When you want to integrate container image storage with Azure Kubernetes Service or Azure App Service.
Config File - acr-template.json
acr-template.json
{
  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
  "contentVersion": "1.0.0.0",
  "resources": [
    {
      "type": "Microsoft.ContainerRegistry/registries",
      "apiVersion": "2021-06-01-preview",
      "name": "exampleacr12345",
      "location": "eastus",
      "sku": {
        "name": "Basic"
      },
      "properties": {
        "adminUserEnabled": true
      }
    }
  ]
}

This JSON template creates an Azure Container Registry named exampleacr12345 in the East US region.

The sku is set to Basic, which is suitable for learning and small projects.

The adminUserEnabled property allows you to use an admin account to push and pull images.

Commands
This command creates a new Azure Container Registry named exampleacr12345 in the resource group myResourceGroup with Basic SKU and admin user enabled.
Terminal
az acr create --resource-group myResourceGroup --name exampleacr12345 --sku Basic --location eastus --admin-enabled true
Expected OutputExpected
{ "adminUserEnabled": true, "creationDate": "2024-06-01T12:00:00Z", "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/myResourceGroup/providers/Microsoft.ContainerRegistry/registries/exampleacr12345", "location": "eastus", "loginServer": "exampleacr12345.azurecr.io", "name": "exampleacr12345", "provisioningState": "Succeeded", "resourceGroup": "myResourceGroup", "sku": { "name": "Basic", "tier": "Basic" }, "tags": {}, "type": "Microsoft.ContainerRegistry/registries" }
--resource-group - Specifies the Azure resource group to create the registry in
--name - Sets the unique name for the container registry
--sku - Defines the pricing tier and features of the registry
Logs your local Docker client into the Azure Container Registry so you can push and pull images.
Terminal
az acr login --name exampleacr12345
Expected OutputExpected
Login Succeeded
--name - Specifies the name of the Azure Container Registry to log into
Tags your local Docker image named my-app with the registry login server prefix so it can be pushed to ACR.
Terminal
docker tag my-app:latest exampleacr12345.azurecr.io/my-app:latest
Expected OutputExpected
No output (command runs silently)
Pushes the tagged Docker image to your Azure Container Registry.
Terminal
docker push exampleacr12345.azurecr.io/my-app:latest
Expected OutputExpected
The push refers to repository [exampleacr12345.azurecr.io/my-app] latest: digest: sha256:abcdef1234567890 size: 1234
Lists all container repositories stored in your Azure Container Registry in a readable table format.
Terminal
az acr repository list --name exampleacr12345 --output table
Expected OutputExpected
Repositories ------------- my-app
--output - Formats the output for easier reading
Key Concept

If you remember nothing else from this pattern, remember: Azure Container Registry securely stores your container images close to your Azure services for easy and fast deployment.

Common Mistakes
Trying to push Docker images without logging into the Azure Container Registry first.
Docker will reject the push because it does not have permission to access the registry.
Always run 'az acr login --name yourRegistryName' before pushing images.
Using a registry name that is not globally unique in Azure.
Azure Container Registry names must be unique across all Azure users, otherwise creation fails.
Choose a unique registry name, often by adding random numbers or your company name.
Not enabling the admin user when creating the registry and then trying to use admin credentials.
Admin user credentials won't exist if admin user is disabled, causing login failures.
Enable admin user during creation or use Azure Active Directory authentication.
Summary
Create an Azure Container Registry with 'az acr create' to store your container images.
Log in to the registry using 'az acr login' so Docker can push and pull images securely.
Tag your local Docker images with the registry login server prefix before pushing.
Push images to the registry with 'docker push' and verify stored repositories with 'az acr repository list'.