Windows Server 2016 | Containers

Why Containers ?

  • For packaging and running applications across diverse environments on-prem or cloud
  • lightweight, isolated environment — easy to develop, deploy and manage.
  • quick start/stop
  • useful for utilizing your infrastructure

Windows containers running on Windows Server default to running with process isolation.

  • Process Isolation — This is the “traditional isolation” for containers. Containers instances run with isolation provided through namespace, resource control and process isolation technologies. Containers share same kernel with host as well as with each other (same as how linux containers run).
  • Hyper-V Isolation — This isolation mode offers enhanced security and broader compatibility between host and container versions. Each container runs inside of a highly optimized virtual machine and effectively gets its own kernel which provides hardware level isolation between each container as well as the container host.

Windows Base Images

For most users, Windows Server Core and Nanoserver will be the most appropriate image to use.

  • full .NET framework? target Windows Server Core.
  • .NET Core? target Nanoserver.

Explore Docker Hub for official images for Windows.

Windows Server Core and Nanoserver are the most common base images to target. The key difference between these images is that Nanoserver has a significantly smaller API surface. PowerShell, WMI, and the Windows servicing stack are absent from the Nanoserver image.

Matching container host version with container image versions

  • Because Windows Server containers and the underlying host share a single kernel, the container’s base image OS version must match that of the host.
  • The Windows operating system has four levels of versioning: major, minor, build and revision. for Eg: 10.0.14393.4225 would have a major version of 10, a minor version of 0, a build number of 14393, and a revision number of 4225

Windows Server containers are blocked from starting when the build number between the container host and the container image are different.

For example, when the container host is version 10.0.14393.* (Windows Server 2016) and container image is version 10.0.16299.* (Windows Server version 1709), the container won’t start.

Windows Server containers currently don’t support scenarios where Windows Server 2016-based containers run in a system where the revision numbers of the container host and the container image are different. For example, if the container host is version 10.0.14393.1914 (Windows Server 2016 with KB4051033 applied) and the container image is version 10.0.14393.1944 (Windows Server 2016 with KB4053579 applied), then the image might not start.

You must know which version you need to use for your container.

If you want Windows Server 2016 as your container OS and want to have the latest patches for it, you should use the tag ltsc2016 when specifying which version of the base OS container images you want :

If you want a specific patch of Windows Server 2016, you can specify the KB number in the tag.

You can also specify the exact patches you need with the schema we have used previously, by specifying the OS version in the tag

Microsoft recommends you keep your systems (host and container) up-to-date with the latest patches and updates to stay secure.

With Hyper-V isolation you can have different OS versions in the container host and image.

Containerization Decision Tree

Containerization Decision Tree
Containerization Decision Tree

Source: https://docs.microsoft.com/en-us/virtualization/windowscontainers/quick-start/lift-shift-to-containers

Build Your own Custom Windows Container Images using Dockerfile | Example : Install IIS

Containerize an aspnetcore application

Code can be found in following github repository -

https://github.com/mechdeveloper/aspnetcore-sample-windowscontainer-ltsc2016

Create aspnetcore web app

Run following command to create your app:

Build your own Custom Windows Container images | dotnet SDK

Build your own Custom Windows Container images | aspnetcore Runtime

Build your aspnetcore web application as a docker image using multi stage `Dockerfile`

  • use sdk image to build and publish your aspnetcore app
  • use runtime image to run your compiled aspnetcore app

For additional examples of Dockerfiles for Windows, see the Dockerfile for Windows repository.

Deploy using `docker-compose.yml`

docker stack deploy

Source/Reference:

Digital Enthusiast

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store