問題描述
使用Github Action,透過 Azure/functions-container-action@v1 外掛來完成 yaml 檔案的配置,併成功部署Function Image 的過程記錄。
操作步驟
第一步: 準備Function的映象檔案
如在VS Code中,透過Terminal(命令列視窗),根據所使用的語言,建立或初始化DockerFile
func init --worker-runtime python --docker
# --docker 選項生成該專案的 Dockerfile,其中定義了適合用於 Azure Functions 和所選執行時的自定義容器 Python
執行後的效果為在Function 專案中新增Dockerfile檔案。
參考文件 -- 在 Linux 上使用自定義容器建立函式:https://docs.azure.cn/zh-cn/azure-functions/functions-create-function-linux-custom-image?tabs=in-process%2Cbash%2Cazure-cli&pivots=programming-language-python
第二步:上傳映象到ACR
首先,在本地啟動Docker Desktop後,使用Docker build 生產映象檔案。
然後,登入ACR(Azure Container Registry :Azure 容器登錄檔)。
命令示例如下:
## 本地生產Image檔案 docker build --tag azurefunctionsimage:v1 . ## 登入Azure映象庫 docker login <your-registry-name>.azurecr.cn --username <your-registry-username> ## 設定tag,推送到ACR docker tag azurefunctionsimage <your-registry-name>.azurecr.cn/azurefunctionsimage:v1 docker push <your-registry-name>.azurecr.cn/azurefunctionsimage:v1
第三步:配置使用者標識
啟用使用者標識,主要就是為了能夠讓它有許可權去訪問ACR並且拉取映象檔案
1:建立使用者標識:Create User Assigned Managed Identity - Microsoft Azure 由世紀互聯運營
2:在ACR中為使用者標識賦予許可權(Contributor or Reader):分配 Azure 角色的步驟 https://docs.azure.cn/zh-cn/role-based-access-control/role-assignments-steps
第四步:配置Github Action的 workflow yaml檔案
Action的workflow檔案中,有兩段內容需要配置,一是設定 使用者標識,二是設定映象路徑。
第一段,修改Function App的設定
- name: Azure App Service Settings uses: Azure/appservice-settings@v1 with: # Name of the Azure Web App app-name: fun-name general-settings-json: '{"acrUseManagedIdentityCreds": "true", "acrUserManagedIdentityID": "user managed identity id xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"}'
第二段,配置Image 路徑
- name: 'Run Azure Functions Container Action' uses: Azure/functions-container-action@v1 id: fa with: app-name: fun-name image: youracrname.azurecr.cn/imagename:version
以上配置與 Azure Funciton 門戶上 Development Center 的設定對比關係如下:
參考的github上yaml檔案內容:https://github.com/Azure/actions-workflow-samples/tree/master/FunctionApp 和 https://github.com/Azure/actions-workflow-samples/blob/master/FunctionApp/linux-container-functionapp-on-azure.yml
修改後的yaml內容:
# Action Requires # 1. Setup the AZURE_CREDENTIALS secrets in your GitHub Repository # 2. Setup the REGISTRY_USERNAME secrets in your GitHub Repository # 3. Setup the REGISTRY_PASSWORD secrets in your GitHub Repository # 4. Replace REGISTRY, NAMESPACE, IMAGE, TAG in the following template with proper values # 5. Add this yaml file to your project's .github/workflows/ # 6. Push your local project to your GitHub Repository name: Linux_Container_Workflow on: [push] #on: # push: # branches: # - master jobs: build-and-deploy: runs-on: ubuntu-latest environment: dev steps: - name: 'Checkout GitHub Action' uses: actions/checkout@v3 #- name: 'Login via Azure CLI' # uses: Azure/login@v1.4.6 # with: # creds: ${{ secrets.AZURE_CREDENTIALS }} # environment: AzureChinaCloud # #allow-no-subscriptions: true - name: 'set subscriptions' run: | az cloud set --name AzureChinaCloud az login -u your azure user name -p "password" az account set --subscription "your subscription id" - name: 'Docker Login' uses: azure/docker-login@v1 with: login-server: youracrname.azurecr.cn username: ${{ secrets.REGISTRY_USERNAME }} password: ${{ secrets.REGISTRY_PASSWORD }} # - name: 'Compose Customized Docker Image' # shell: bash # run: | # # If your function app project is not located in your repository's root # # Please change the path to your directory for docker build # docker build . -t REGISTRY/NAMESPACE/IMAGE:TAG # docker push REGISTRY/NAMESPACE/IMAGE:TAG - name: Azure App Service Settings uses: Azure/appservice-settings@v1 with: # Name of the Azure Web App app-name: functionappname general-settings-json: '{"acrUseManagedIdentityCreds": "true", "acrUserManagedIdentityID": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"}' - name: 'Run Azure Functions Container Action' uses: Azure/functions-container-action@v1 id: fa with: app-name: functionappname #image: REGISTRY/NAMESPACE/IMAGE:TAG image: youracrname.azurecr.cn/azurefunctionimage:v1 #- name: 'use the published functionapp url in upcoming steps' # run: | # echo "${{ steps.fa.outputs.app-url }}" - name: Azure logout run: | az logout # For more information on GitHub Actions: # https://help.github.com/en/categories/automating-your-workflow-with-github-actions
以上操作完成後,即可上傳workflow yaml檔案到 .github/workflows/ 目錄下。因為條件設定為 on: [push],所以任何對程式碼庫的push操作就會觸發該workflow。
成功的效果圖如本文最開始“問題描述”中的圖片一致。
在Azure Function的log中,也能發現類似的Container啟動日誌:
2023-01-13T03:09:36.682Z INFO - Logging is not enabled for this container. Please use https://aka.ms/linux-diagnostics to enable logging to see container logs here. 2023-01-13T03:09:45.209Z INFO - Initiating warmup request to container funtest01_1_b4054967_msiProxy for site funtest01 2023-01-13T03:09:45.261Z INFO - Container funtest01_1_b4054967_msiProxy for site funtest01 initialized successfully and is ready to serve requests. 2023-01-13T03:09:45.268Z INFO - Initiating warmup request to container funtest01_1_b4054967 for site funtest01 2023-01-13T03:10:01.707Z INFO - Waiting for response to warmup request for container funtest01_1_b4054967. Elapsed time = 16.4981389 sec 2023-01-13T03:10:13.069Z INFO - Container funtest01_1_b4054967 for site funtest01 initialized successfully and is ready to serve requests. 2023-01-13T03:10:13.089Z INFO - Initiating warmup request to container funtest01_1_b4054967_middleware for site funtest01 2023-01-13T03:10:17.032Z INFO - Container funtest01_1_b4054967_middleware for site funtest01 initialized successfully and is ready to serve requests. 2023-01-13T03:22:40.065Z INFO - Recycling container because of AppSettingsChange and isMainSite = True 2023-01-13T03:22:55.207Z INFO - Pulling image: mcr.microsoft.com/azure-functions/dotnet:3.0-appservice-quickstart 2023-01-13T03:22:56.079Z INFO - 3.0-appservice-quickstart Pulling from azure-functions/dotnet 2023-01-13T03:22:56.080Z INFO - Digest: sha256:99f2de1ba2d097fe7fca8098351bd7d9d2e1cabbc32e3c3506321f7f1811bd1b 2023-01-13T03:22:56.081Z INFO - Status: Image is up to date for mcr.microsoft.com/azure-functions/dotnet:3.0-appservice-quickstart 2023-01-13T03:22:56.084Z INFO - Pull Image successful, Time taken: 0 Minutes and 0 Seconds 2023-01-13T03:22:56.157Z INFO - Starting container for site 2023-01-13T03:22:56.165Z INFO - docker run -d --expose=80 --name funtest01_2_24a23a85 -e WEBSITE_CORS_ALLOWED_ORIGINS=https://portal.azure.cn -e WEBSITE_CORS_SUPPORT_CREDENTIALS=False -e WEBSITES_ENABLE_APP_SERVICE_STORAGE=false -e WEBSITE_SITE_NAME=funtest01 -e WEBSITE_AUTH_ENABLED=False -e PORT=80 -e WEBSITE_ROLE_INSTANCE_ID=0 -e WEBSITE_HOSTNAME=funtest01.chinacloudsites.cn -e WEBSITE_INSTANCE_ID=50a285a49ae3758d44951d408c7ec6cb3077821b90868ed2bf52d6c32be391fa -e WEBSITE_USE_DIAGNOSTIC_SERVER=False mcr.microsoft.com/azure-functions/dotnet:3.0-appservice-quickstart 2023-01-13T03:22:56.166Z INFO - Logging is not enabled for this container. Please use https://aka.ms/linux-diagnostics to enable logging to see container logs here. 2023-01-13T03:23:10.342Z INFO - Initiating warmup request to container funtest01_2_24a23a85_msiProxy for site funtest01 2023-01-13T03:23:10.745Z INFO - Container funtest01_2_24a23a85_msiProxy for site funtest01 initialized successfully and is ready to serve requests. 2023-01-13T03:23:10.753Z INFO - Initiating warmup request to container funtest01_2_24a23a85 for site funtest01 2023-01-13T03:23:27.483Z INFO - Waiting for response to warmup request for container funtest01_2_24a23a85. Elapsed time = 17.1407378 sec 2023-01-13T03:23:38.014Z INFO - Container funtest01_2_24a23a85 for site funtest01 initialized successfully and is ready to serve requests. 2023-01-13T03:23:38.023Z INFO - Initiating warmup request to container funtest01_2_24a23a85_middleware for site funtest01 2023-01-13T03:23:54.109Z INFO - Container funtest01_2_24a23a85_middleware for site funtest01 initialized successfully and is ready to serve requests. 2023-01-13T06:14:26.600Z INFO - Recycling container because of AppFrameworkVersionChange and appFrameworkVersion = <youracrname>.azurecr.cn/azurefunctionimage:v1 2023-01-13T06:14:50.804Z INFO - Pulling image: <youracrname>.azurecr.cn/azurefunctionimage:v1 2023-01-13T06:14:51.203Z INFO - v1 Pulling from azurefunctionimage 2023-01-13T06:14:51.228Z INFO - 3f4ca61aafcd Pulling fs layer 2023-01-13T06:14:51.233Z INFO - 3f487a3359db Pulling fs layer 2023-01-13T06:14:51.233Z INFO - cf20d7997674 Pulling fs layer 2023-01-13T06:14:51.234Z INFO - 8fa944797ac7 Pulling fs layer 2023-01-13T06:14:51.234Z INFO - 268581bec5af Pulling fs layer 2023-01-13T06:14:51.235Z INFO - 320a9b97d2ed Pulling fs layer 2023-01-13T06:14:51.235Z INFO - 14bf15bf0e2a Pulling fs layer 2023-01-13T06:14:51.235Z INFO - 888c871585b1 Pulling fs layer 2023-01-13T06:14:51.243Z INFO - dc54e8c78a21 Pulling fs layer 2023-01-13T06:14:51.244Z INFO - 0b8d318d756a Pulling fs layer 2023-01-13T06:14:51.244Z INFO - 686f382362d7 Pulling fs layer 2023-01-13T06:14:51.252Z INFO - a108b4c555c7 Pulling fs layer 2023-01-13T06:14:51.253Z INFO - 07a70c22a7c4 Pulling fs layer 2023-01-13T06:14:52.512Z INFO - 3f487a3359db Downloading 799KB / 1MB ... 2023-01-13T06:17:09.734Z INFO - 07a70c22a7c4 Extracting 9MB / 9MB 2023-01-13T06:17:09.938Z INFO - 07a70c22a7c4 Pull complete 2023-01-13T06:17:09.955Z INFO - Digest: sha256:26a409b16044e27bdd97627a14118e33e84f840052d9fe4711f1ca471b09d22b 2023-01-13T06:17:09.957Z INFO - Status: Downloaded newer image for <youracrname>.azurecr.cn/azurefunctionimage:v1 2023-01-13T06:17:10.056Z INFO - Pull Image successful, Time taken: 2 Minutes and 19 Seconds 2023-01-13T06:17:10.688Z INFO - Starting container for site 2023-01-13T06:17:10.699Z INFO - docker run -d --expose=80 --name funtest01_3_e9514d82 -e WEBSITE_CORS_ALLOWED_ORIGINS=https://portal.azure.cn -e WEBSITE_CORS_SUPPORT_CREDENTIALS=False -e WEBSITES_ENABLE_APP_SERVICE_STORAGE=false -e WEBSITE_SITE_NAME=funtest01 -e WEBSITE_AUTH_ENABLED=False -e PORT=80 -e WEBSITE_ROLE_INSTANCE_ID=0 -e WEBSITE_HOSTNAME=funtest01.chinacloudsites.cn -e WEBSITE_INSTANCE_ID=50a285a49ae3758d44951d408c7ec6cb3077821b90868ed2bf52d6c32be391fa -e WEBSITE_USE_DIAGNOSTIC_SERVER=False <youracrname>.azurecr.cn/azurefunctionimage:v1 2023-01-13T06:17:10.707Z INFO - Logging is not enabled for this container. Please use https://aka.ms/linux-diagnostics to enable logging to see container logs here. 2023-01-13T06:17:20.451Z INFO - Initiating warmup request to container funtest01_3_e9514d82_msiProxy for site funtest01 2023-01-13T06:17:20.721Z INFO - Container funtest01_3_e9514d82_msiProxy for site funtest01 initialized successfully and is ready to serve requests. 2023-01-13T06:17:20.722Z INFO - Initiating warmup request to container funtest01_3_e9514d82 for site funtest01 2023-01-13T06:17:36.951Z INFO - Waiting for response to warmup request for container funtest01_3_e9514d82. Elapsed time = 16.4996091 sec 2023-01-13T06:17:44.426Z INFO - Container funtest01_3_e9514d82 for site funtest01 initialized successfully and is ready to serve requests. 2023-01-13T06:17:44.427Z INFO - Initiating warmup request to container funtest01_3_e9514d82_middleware for site funtest01 2023-01-13T06:17:45.431Z INFO - Container funtest01_3_e9514d82_middleware for site funtest01 initialized successfully and is ready to serve requests.
參考資料
Action Samples for deploying to Azure Functions :https://github.com/Azure/actions-workflow-samples/tree/master/FunctionApp