Using Azure Container Instances (ACI)
For hosting in Azure without a virtual machine, Seq can be deployed to Azure Container Instances.
Premium File Share Required
Azure Container Instances provides persistent storage only through Azure Files, which is a networked file system. Seq will encounter regular storage corruptions if run on a regular Azure Files share. Instead, an Azure Premium Files share must be used.
While Azure Container Instances is suitable for basic hosting, Datalust recommends using Azure Kubernetes Services (AKS) or virtual machines for mission-critical or heavily-loaded Seq deployments in Azure.
Finding the official Microsoft documentation
Azure frequently changes as it evolves. For the latest information on deploying containers on ACI, see the Azure Container Instances documentation.
Deploying with az
in Azure Cloud Shell
az
in Azure Cloud ShellThese instructions demonstrate deploying the container without HTTPS encryption or authentication enabled.
To enable authentication, see Getting Started with Docker.
For HTTPS in Azure, see HTTPS/TLS.
Seq can be deployed to ACI using the az
command in Azure Cloud Shell, accessed using the command prompt icon beside the Azure Portal's main search box.
Bash syntax is used in the examples below.
1. Create a resource group
Hosting the container requires several resources to be deployed. To easily deploy, manage, and tear down these resources, we'll create a resource group, which we'll call seq-aci
:
az group create --name seq-aci --location eastus
2. Create a storage account and premium file share
Seq needs a Premium Files volume to persist data on ACI.
First, the storage account, which we'll call seqacistorage
:
az storage account create \
--name seqacistorage \
--resource-group seq-aci \
--location eastus \
--kind FileStorage \
--sku Premium_LRS
Then the file share, which we'll call seq-aci-data
:
az storage share-rm create \
--name seq-data \
--resource-group seq-aci \
--storage-account seqacistorage \
--quota 100 \
--output none
To connect to the storage account, we'll need to retrieve its key. This will produce a large base-64 encoded string:
az storage account keys list \
--resource-group seq-aci \
--account-name seqacistorage \
--query "[0].value" \
--output tsv
3. Deploy the container
The argument to --azure-file-volume-account-key
is the large string produced in the previous step.
You'll need to choose a unique --dns-name-label
, and use this in the SEQ_API_CANONICALURI
environment variable.
az container create \
--resource-group seq-aci \
--name seq-aci-container \
--image datalust/seq:latest \
--dns-name-label seq-aci-dns \
--ports 80 443 \
--restart-policy OnFailure \
--environment-variables \
'ACCEPT_EULA'='Y' \
'SEQ_API_CANONICALURI'='http://seq-aci-dns.eastus.azurecontainer.io/' \
--azure-file-volume-share-name seq-data \
--azure-file-volume-account-name seqacistorage \
--azure-file-volume-account-key "QUnGu7Iz+4R...c728qLY7+AStEEElJg==" \
--azure-file-volume-mount-path /data \
--query ipAddress.fqdn
This will print the fully-qualified domain name and URL of your running Seq container.
Enabling HTTPS (TLS/SSL)
To enable HTTPS, if you have a .pfx
or .pem
certificate available, see HTTPS (TLS/SSL) for instructions.
Alternatively, if you prefer to use a service such as LetsEncrypt for obtaining TLS certificates automatically, check out Caddy, which can be deployed alongside Seq in a "sidecar" container . Note that Datalust does not provide support for Caddy, but we'll happily try to point you in the right direction if you get stuck!
Whichever method you choose, you'll need to update the
SEQ_API_CANONICALURI
environment variable that's passed to the container to include the HTTPS URL.
Updated 8 months ago