Course Navigation
5 min read·Lesson 4 of 10

Containers on Azure

Explore Azure's container ecosystem: AKS for managed Kubernetes, ACI for serverless containers, Container Apps for microservices, and Azure Container Registry.

Containers package an application and its dependencies into a portable, consistent unit that runs the same anywhere. Azure provides several container services at different levels of abstraction.

Azure Kubernetes Service (AKS)

AKS is Azure's managed Kubernetes service. Microsoft manages the control plane (API server, etcd, scheduler) at no extra cost. You pay only for the worker nodes (VM instances).

Key features:

  • Automated node provisioning, upgrades, and patching
  • Integration with Azure Monitor, Azure Policy, and Azure Active Directory
  • Cluster Autoscaler — automatically adds or removes nodes based on pod demand
  • Node pools — different VM sizes for different workloads (e.g., CPU for APIs, GPU for ML)
  • Azure CNI and kubenet networking options
  • Private cluster support — API server accessible only from within your VNet

Best for: Complex, multi-service containerised applications that need the full power of Kubernetes — service meshes, stateful workloads, custom scheduling.

Azure Container Instances (ACI)

ACI is the simplest way to run a container in Azure. You specify a container image, CPU/memory, and ACI launches it in seconds — no cluster, no VM, no orchestrator.

  • Billed per second of CPU and memory consumed
  • Scales to zero when stopped
  • Supports Linux and Windows containers
  • Can be integrated with AKS as a burst target (Virtual Nodes)

Best for: Simple, isolated containers — task runners, batch jobs, dev/test environments, CI build agents.

Azure Container Apps

Container Apps is a serverless, fully managed container service built on Kubernetes and KEDA (Kubernetes Event-Driven Autoscaling). It abstracts Kubernetes complexity while providing powerful event-driven scaling.

  • Scale to zero (Consumption plan) or keep minimum replicas (Dedicated plan)
  • Trigger scaling from HTTP requests, queue depth, event hubs, Dapr bindings, and more
  • Built-in Dapr integration for microservice patterns (service discovery, pub/sub, state)
  • Supports HTTP ingress and per-revision traffic splitting (blue/green deploys)

Best for: Microservices, APIs, event-driven workloads — when you want container flexibility without managing Kubernetes.

Service Comparison

ServiceAbstractionBest For
AKSManaged K8s clusterComplex multi-service apps, full K8s control
ACIServerless single containerSimple containers, batch, dev/test
Container AppsServerless K8s (no cluster to manage)Microservices, APIs, event-driven
App Service (containers)PaaS web hostingWeb apps via Docker image

Azure Container Registry (ACR)

ACR is Azure's private Docker container registry. It's geo-replicated, integrates with Azure DevOps and GitHub Actions, and supports geo-replication for distributing images globally.

Key features:

  • Private image storage — no public Docker Hub exposure
  • ACR Tasks — cloud-based image build and automation
  • Image vulnerability scanning (Microsoft Defender integration)
  • Works natively with AKS, ACI, and Container Apps

Key Takeaways

  • Azure Kubernetes Service (AKS) is the managed Kubernetes service — Microsoft manages the control plane.
  • Azure Container Instances (ACI) run single containers without cluster management, billed per second.
  • Azure Container Apps is serverless, KEDA-based, and ideal for microservices and event-driven apps.
  • Azure Container Registry (ACR) is the private registry for storing container images.
  • Choose ACI for simple isolated containers, AKS for complex multi-container applications.

Test your knowledge

Try exam-style practice questions to reinforce what you've learned.

Practice Questions →