About apps with containers¶
The topic provides a general overview of Snowflake Native Apps with Snowpark Container Services.
About Snowflake Native Apps with Snowpark Container Services¶
A Snowflake Native App with Snowpark Container Services (app with containers) is a Snowflake Native App that runs container workloads in Snowflake. Container apps can run any containerized service supported by Snowpark Container Services.
Apps with containers leverage all of the features of the Snowflake Native App Framework, including provider IP protection, security and governance, data sharing, monetization, and integration with compute resources.
Like any Snowflake Native App, an app with containers is comprised of an application package and application object. However, there are some differences as shown in the following image:
- Application package:
To manage containers, the application package must have access to a services specification file on a stage. Within this file, there are references to the container images required by the app. These images must be stored in an image repository in the provider account.
- Application object:
When a consumer installs an app with containers, the application object that is created contains a compute pool that stores the containers required by the app.
- Compute pool
A compute pool is a collection of one or more virtual machine (VM) nodes on which Snowflake runs your Snowpark Container Services jobs and services. When a consumer installs an app with containers, they can grant the CREATE COMPUTE POOL privilege to the app or they can create the compute pools manually.
Protect provider intellectual property in an app with containers¶
When an app with containers is installed in the consumer account, the query history of the services is available in the consumer account. To protect a provider’s confidential information, the Snowflake Native App Framework redacts the following information:
The query text is hidden from the QUERY_HISTORY view.
All information in the ACCESS_HISTORY view is hidden.
The Query Profile graph for the service’s query is collapsed into a single empty node instead of displaying the full query profile tree.