How to leverage Cloud Native Application Bundles for repeatable solutions

How to leverage Cloud Native Application Bundles for repeatable solutions

In a previous blog post, I wrote about how DevOps is not one size fits all. Today I will expand on some DevOps best practices by examining Cloud Native Application Bundles (CNAB). You might be asking, “What is a CNAB?” or “How does this fit into my DevOps practices?”

This blog post aims to answer both of these questions.

What is a Cloud Native Application Bundle?

The Cloud Native Application Bundle was designed as a specification focused on ensuring the portability and reproducibility of cloud solutions. The specification aims to extend Infrastructure as Code (IaC) tools by introducing configuration and management capabilities for the “one-stop” definition of your cloud solution.

Put simply, a CNAB is a set of instructions for deploying infrastructure, specifying configurations, and managing your solution deployments. If you need to deploy Azure ARM Template to deploy infrastructure to run your solution, a CNAB package can create the required resources and deploy it into them. It can also handle building your solution from source, deploying it to the infrastructure, and handling some aspects of lifecycle management.

CNAB benefits:

  • Easy, repeatable cloud solutions
  • Manage infrastructure, configuration, and solution all in one place
  • Portability – CNAB relies on the OCI framework, meaning the package can be shared through container registries like Docker Hub and Azure Container Registry
  • Cloud agnostic. Create CNAB solutions that work with any cloud or even multi-cloud solutions.

How do I develop a CNAB package?

Developing a CNAB is not terribly complex, especially if you are familiar with shell scripting. Generally speaking, if you can script it, it can be a CNAB.   To get started with CNAB, it is recommended to implement three basic capabilities: install, upgrade and uninstall.


Let’s assume you’ve developed a web app that you would like to host in Azure. As such, you might have an Azure Resource Manager (ARM) template to create the Azure resources, a shell script to build your application, and some manual steps for configuring the application settings in Azure. In building the CNAB package, you can use tools like the Azure CLI to call into Azure and automate the infrastructure creation, App Service configuration, and web app deployment. All these steps can be scripted and orchestrated through the installation component of the CNAB specification.


After you’ve installed your CNAB package, let’s say you decided that you need to change some of the application configurations and redeploy the app. You can do this by implementing the upgrade functionality of the specification. Here you would script the steps required to update the App Service mentioned above and optionally rebuild and redeploy the application if desired.


Additionally, you should provide a mechanism for end-users to uninstall your solution. This is accomplished by defining the steps to roll back the installation steps. With our App Service example above, this would most easily be accomplished by deleting any Azure resources that were created through the installation steps.

And there you have it! Hopefully, you now have a better understanding of Cloud Native Application Bundles how they can be used as a tool to enable repeatable solutions.

If you’d like to learn more about CNAB, I recommend the following resources:

Useful CNAB resources:

  • CNAB Specification Documentation provides additional information on the CNAB specification.
  • Porter is a great tool for authoring CNAB packages. Porter uses a YAML based definition which follows a structure quite similar to Azure Resource Manager templates.
  • Duffle is the reference implementation of the CNAB specification. It is a command-line tool for managing your CNAB packages.
  • Microsoft Documentation on CNAB