Custom domain name for Container app

dotnet / aspire

An opinionated, cloud ready stack for building observable, production ready, distributed applications in .NET

https://learn.microsoft.com/dotnet/aspire

MIT License

3.63k stars 408 forks source link

Custom domain name for Container app #1498

Open KSemenenko opened 8 months ago

KSemenenko commented 8 months ago

I think we need an option to setup custom domain name for Container app https://learn.microsoft.com/en-us/azure/container-apps/custom-domains-certificates

KSemenenko commented 8 months ago

https://learn.microsoft.com/en-us/azure/container-apps/environment-custom-dns-suffix or domain name for environment

mitchdenny commented 7 months ago

We'll probably have this partially solved with the stuff that @davidfowl is doing around Bicep template support. But the trick will be how we tell the container app to apply the custom domain. This would probably be a good use of metadata.

KSemenenko commented 7 months ago

As I understands it’s impossible to do with bicep, because there is a step for validation, but it means app should be up an d running. Maybe it’s possible with mix mix of bixep to create resource, and then one more action to bind cert and domain

davidfowl commented 6 months ago

This is going to be out of scope for automatic deployment via aspire for GA.

adanbrownpaca commented 3 months ago

My first Aspire app is now deployed to production. Yup, this is a problem. Each time we update the deployment, the container loses the custom domain information. Public domain, of course. I'll follow this issue as it is a critical problem that every company will have.

davidfowl commented 3 months ago

azd is looking to work around this issue with an opt in feature https://github.com/Azure/azure-dev/pull/3955

rudiv commented 3 months ago

Until that feature lands, @adanbrownpaca you can use azd infra synth to correct this in the relevant container app's YAML file (they go in to /infra/{project}.tmpl.yaml).

Under ingress, add customDomains as so:

      customDomains:
        - name: { DomainName }
          bindingType: SniEnabled
          certificateId: "{{ .Env.AZURE_CONTAINER_APPS_ENVIRONMENT_ID }}/managedCertificates/{ Certificate Id }"

Making sure, of course, to replace the single { } with actual values. You can retrieve the certificate ID by using az container app env certificate list.

Note that you'll have to do this after the first deployment and manual configuration from portal. There's a wider issue with the Bicep support for ACA that isn't yet fixed that prevents even third party Bicep writing tools to implement this. See https://github.com/microsoft/azure-container-apps/issues/796

adanbrownpaca commented 3 months ago

Thanks @rudiv - will do.

davidfowl commented 3 months ago

Or you can use the daily build of azd and test the feature out 😄

adanbrownpaca commented 3 months ago

Two birds... got it! Will do @davidfowl