Blog Post

Apps on Azure Blog
4 MIN READ

Generally available: Azure Container Apps workload profiles, more networking features, and jobs

AnthonyChu's avatar
AnthonyChu
Icon for Microsoft rankMicrosoft
Aug 30, 2023

Azure Container Apps is a service that enables you to deploy and run containerized applications and microservices without having to manage the underlying infrastructure. Today, we're excited to announce the general availability of the following features in Azure Container Apps: 

 

  • Workload profiles environment – supports apps in Consumption and Dedicated plans across workload profiles within the same Azure Container Apps environment. 
  • Dedicated plan – option to run your apps on dedicated compute resources and select from a range of compute sizes and types up to 32 vCPUs and 256 GiB of memory. 
  • Additional networking features – support for user defined routes (UDR), smaller subnet sizes, and network address translation (NAT) gateway. 
  • Jobs – ability to run containerized jobs on demand, on a schedule, or in response to events. 

 

These join other generally available features previously announced in August, including: 

 

In addition, the following features are now in public preview: 

 

Consumption and Dedicated Workload Profiles 

 

Workload profiles are designed to optimize spend and performance for microservices by selecting either serverless Consumption compute or customized Dedicated compute. Workload profiles determine the amount of compute and memory resources available to your apps in an Azure Container Apps environment. You can have multiple workload profiles of varying sizes within the same Azure Container Apps environment and select the optimal compute size for each of your applications’ resource requirements. This is ideal for developers when deploying a microservice solution.

 

A Consumption workload profile is available by default and provides serverless scale all the way to zero, and bills only for resources your apps use. 

Dedicated workload profiles provide dedicated compute resources for your apps and are ideal for running apps that require more compute and/or memory resources as you can select from a range of compute sizes and types up to 32 vCPUs and 256 GiB of memory. Apps running in these dedicated workload profiles use the new Dedicated pricing plan which bills per compute instance and provides better cost predictability.

 

To learn more about the Dedicated plan and workload profiles, see:

 

Additional networking features 

 

By selecting the workload profiles environment type, you also gain access to additional networking features. These features are available to you regardless of which workload profile and plan type you select, and both the Consumption and Dedicated plans are supported.  

You can now configure user defined routes (UDR) with the workload profiles environment type. UDRs control the routing of network traffic from your container apps to other resources in your virtual network such as Azure Firewall or other network appliances. Use UDR with Azure Firewall to restrict the outbound traffic from your container apps.

 

Workload profiles environments also have a minimum subnet size of /27. The minimum subnet size for Consumption-only environments is /23. The smaller required address space for your virtual network integration allows for greater flexibility when configuring your Azure network. 

In addition, network address translation (NAT) gateways are also supported with workload profiles environments. Configure NAT Gateway with your container apps to set a static outbound IP address.

 

To learn more about UDR, smaller subnets, and NAT Gateway with Azure Container Apps, see:

Jobs 

 

Jobs allow you to run containerized, run-to-completion tasks in an Azure Container Apps environment. They support three trigger types: 

 

  • Manual – A job can be triggered on demand by a user or application. 
  • Schedule – A job can be scheduled to run on a recurring basis. 
  • Event – A job can be triggered in response to an event, such as a message being added to a queue. You can also use it to run build agents for your CI/CD pipelines. 

 

Jobs run in the same environment as your container apps. This allows jobs and apps to share the same resources such as networking and storage. They support both the Consumption and Dedicated plans. 

 

Since public preview in May, the jobs feature has added support for volume mounts, init containers, Key Vault secrets references, and more. As of this week, you can now create, manage, and monitor jobs in the Azure portal. 

 

To learn about jobs, see the Azure Container Apps jobs documentation and deploy your first job. 

 

Join us on the next live stream

 

We'll talk about and demo the new announcements on the next live stream on September 5 (11:00 PDT / 14:00 EDT / 18:00 UTC). Don't miss it!

 

Updated Aug 31, 2023
Version 3.0
  • Thanks for the update! I wonder if this feature will be available in Australia Central and Southeast anytime soon?

  • allmhuran's avatar
    allmhuran
    Copper Contributor

    Assuming the following statements are true...

    - There are two environment types: Workload profile environments, and consumption environments

    - A workload profile environment is required if you want to define UDRs (eg, to control outbound traffic)
    - There are two plan types: Consumption, and dedicated
    - It is possible to use a consumption plan for a workload profile environment

    ... is there any reason, from this point forward, to create a consumption environment? Or is this simply included for backwards compatibility?

  • JoeThompsonIT's avatar
    JoeThompsonIT
    Copper Contributor

    Seems like all the documentation and examples that show integration between Azure Front Door and Container App Environments will need to account for the fact the ilb for Workload profiles points to ip addresses instead of nics, like Consumption Only environments, which is not allowed from Azure Front Door Private Link Service. Would love to see how you workaround that...