Getting Started with Azure Container Registry

azure logo

In software development, it seems that no matter where you go, no matter who you talk to, containers are the new standard. If you don’t develop them or migrate your application already, you create support systems that use them to support a legacy application. Containers are everywhere.

However, this means that as an engineer, you will have to place your containers somewhere. In the past, this meant building any artifact, be it a binary or an archive, then writing it to disk or sharing files and distributing it. In the container ecosystem, it will be a container registry, and the artifacts you build will be container images.

Ideally, a container registry would be a secure place that could automate some of the work for you, such as analyzing the containers and triggering actions at each validation or according to a schedule. Fortunately, Azure covers you with all of the above with Azure Container Registry, or ACR for short.


To follow, you will need the following:

An Azure account
A container to push and pull from the repository
(Optional) A PowerShell terminal authenticated with Azure or a CloudShell instance

The container should not be anything other than hello, because it is a tutorial on container registers, not on the containers themselves. If you are not familiar with Docker or containers, you can find out more about them here.

Creation of the register

The first thing to do is to create a registry, first using the Azure portal, then using Azure PowerShell.

Use of the portal

Go to “Create a resource”, then look under Containers> Container registry.

Container registry. “Width =” 938 “height =” 650 “onload =” pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon (this); “onerror =” this.onerror = null; pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon (this); “/>

You will then be asked to enter information about the storage account and subscription in which to place the registry. It is considered best practice to place the registry in the same region in which you will deploy containers.

Create the container registry.

Once provisioned, go to the resources page and look for the “Access Keys” tab. From here, be sure to enable the “Admin Admin” option so that you can log in using the CLI later.

Using Azure PowerShell

With Azure PowerShell, this is done with a single line, either on a CloudShell instance or a PowerShell console authenticated locally with the Azure PowerShell module installed.

New-AzContainerRegistry -ResourceGroupName -Last name -EnableAdminUser

You can then use the Get-AzContainerRegistry cmdlet to list the registers associated with your tenant. You will still need the LoginServer property to send your image to the registry, but you can get it from Azure PowerShell shown in the rest of the demo.

Use the Get-AzContainerRegistry cmdlet to list the registers associated with your tenant.

As long as you include the -EnableAdminUser flag, you can also use the Get-AzContainerRegistryCredential cmdlet to get the connection information for the next step.

Use the Get-AzContainerRegistryCredential cmdlet to obtain the connection information.

Push image to ACR

Now that the registry and its user are configured, it’s time to log in and send an image to it. You can connect using the docker connection command. If you are using a script, make sure that the credentials do not appear in plain text, by transmitting them like this or by using Azure Key Vault.

# Azure PowerShell


$ registry = Get-AzContainerRegistry -ResourceGroupName $ RG_NAME -Name $ ACR_NAME
$ creds = Get-AzContainerRegistryCredential -Registry $ register
$ creds.Password | docker login $ registry.LoginServer -u $ creds.Username –password-stdin

If you do it manually, just run the Docker connection and replace ” “With the value of” Login Server “under the Access keys tab of the previous one, then the administrator username and password.

Now that you’re connected, you can push and extract as many images as you want from the repository. Once you’ve created or checked out a container locally, use the docker tag command to add the registry URL and version tag to the image, then use the docker push command to push it to ACR. It should look something like this:

# Docker CLI

docker tag /:
docker push /:

With the image in ACR, you can use the docker pull from any authenticated device to pull the image down and run it.

Use the docker on any authenticated device to pull the image down and run it.


Now you need to know how to configure a registry in ACR using the Azure portal or Azure PowerShell, as well as how to push and extract containers from it.

From here, you can consider enabling container vulnerability scanning with Azure Security Center or automation using ACR tasks.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.