Container Group


The Container Group builder is used to create Azure Container Group instances.

  • Container Group (Microsoft.ContainerInstance/containerGroups)

Builder Keywords

Applies ToKeywordPurpose
containerInstancenameSets the name of the Container Group instance.
containerInstanceimageSets the container image.
containerInstanceadd_portsSets the ports the container exposes.
containerInstancecpu_coresSets the maximum CPU cores the container may use.
containerInstancememorySets the maximum gigabytes of memory the container may use.
containerInstanceenv_varsSets a list of environment variables for the container.
containerInstanceadd_volume_mountAdds a volume mount on a container from a volume in the container group.
containerGroupadd_instancesAdds container instances to the group.
containerGroupoperating_systemSets the OS type (default Linux).
containerGrouprestart_policySets the restart policy (default Always)
containerGrouppublic_dnsSets the DNS host label when using a public IP.
containerGroupprivate_ipIndicates the container should use a system-assigned private IP address for use in a virtual network.
containerGroupnetwork_profileName of a network profile resource for the subnet in a virtual network where the container group will attach.
containerGroupadd_registry_credentialsAdds a container image registry credential with a secure parameter for the password.
containerGroupadd_tcp_portAdds a TCP port to be externally accessible.
containerGroupadd_udp_portAdds a UDP port to be externally accessible.
containerGroupadd_volumesAdds volumes to a container group so they are accessible to containers.


open Farmer
open Farmer.Builders
open Farmer.ContainerGroup

let nginx = containerInstance {
    name "nginx"
    image "nginx:1.17.6-alpine"
    add_ports PublicPort [ 80us; 443us ]
    add_ports InternalPort [ 9090us; ]
    memory 0.5<Gb>
    cpu_cores 1
    env_vars [
        env_var "CONTENT_PATH" "/www"
        secure_env_var "SECRET_PASSWORD" "shhhhhh!"
    add_volume_mount "secret-files" "/config/secrets"
    add_volume_mount "source-code" "/src/farmer"

let group = containerGroup {
    name "webApp"
    operating_system Linux
    restart_policy AlwaysRestart
    add_udp_port 123us
    add_instances [ nginx ]
    add_registry_credentials [
        registry "" "registryuser"
    add_volumes [
        volume_mount.secret_string "secret-files" "secret1" "abcdefg"
        volume_mount.git_repo "source-code" (Uri "")

Private Virtual Network Example

Attaching a container group to a virtual network requires adding a service delegation on a subnet indicating it is for container groups, adding a network profile to bind the container group interface to that subnet, and finally adding the container group itself with a private IP address.

open Farmer
open Farmer.Builders

let privateNetwork = vnet {
    name "private-vnet"
    add_address_spaces [
    add_subnets [
        subnet {
            name "ContainerSubnet"
            prefix ""
            add_delegations [

let aciProfile = networkProfile {
    name "vnet-aci-profile"
    vnet "private-vnet"
    subnet "ContainerSubnet"

let myContainer = container {
    name "helloworld"
    image "microsoft/aci-helloworld"
    add_ports PublicPort [ 80us ]

let group = containerGroup {
    name "webApp"
    operating_system Linux
    restart_policy AlwaysRestart
    add_instances [ myContainer ]
    network_profile "vnet-aci-profile"
    private_ip [TCP, 80us]