This blog was originally written by Navya SM from OS Engineering team in Dell
Windows containers is a concept introduced with Windows server 2016 TP3 on both Core and GUI based OS image. A container looks a lot like a virtual machine (VM)-and is often considered a type of virtualization-but the two are distinctly different. Both host an operating system (OS), provide a local file system, and can be accessed over a network, just like a physical computer. However, a VM provides a full and independent OS, along with virtualized device drivers, memory management, and other components that add to the overhead. A container shares more of the host’s resources and consequently is more lightweight, quicker to deploy, and easier to scale across data centers. In this way, the container can offer a more efficient mechanism for encapsulating an application, while providing the necessary interface to the host system, all of which leads to more effective resource usage and greater portability. More details about the containers can be found at https://msdn.microsoft.com/en-us/virtualization/ windowscontainers/about/about_overview.
Windows Server 2016 actually offers two different types of container run times, each with different degrees of application isolation.
Windows Containers offer isolation through namespace and process isolation, whereas Hyper-V Containers isolate each container via VMs. Windows Containers share a kernel with the container host and all the containers running on the host. In contrast, with Hyper-V Containers the kernel of the container host is not shared with the Hyper-V Containers. The Container Host can be either full OS or Core OS or a Nano edition. Both the types of Containers can be managed using Docker.
Note: For the Container feature to work better all the Microsoft updates should be installed along with the OS.
Windows Containers on Full OS:
3. Configure the firewall on the container host for the docker and configure the docker to listen on both the tcp and pipe using the commands given below.
4. Windows Containers need a base image to be installed. Base OS images are available with both Windows Server Core and Nano Server as the underlying operating system and can be installed using docker pull.
a. docker pull microsoft/windowsservercore or
b. docker pull microsoft/nanoserver
5. The docker command set is used to manage and work with containers. To create a new container and run commands on it we will have to use “Docker run” command and “docker ps” lists the containers that are running.
6. To run commands on the existing container we can use “docker exec <container name> <cmd>”
7. To start or stop a container we can run using “docker start/stop <container ID>”.
8. Hyper-V containers on the other hand needs nested virtualization to be enabled (before installing Hyper-V role) as the Hyper-V host will be a VM and the containers will be the nested VMs on top of it. Below are the steps to create Hyper-V containers
The rest of the steps remain same on the Hyper-V container host
Windows Containers on Nano Server:
Install-Module -Name DockerMsftProvider -Repository PSGallery –Force
Install-Package -Name docker -ProviderName DockerMsftProvider
5. The container host needs base OS image to hold the containers. The Windows Server Core and Nano Server has got the base OS image as the underlying OS. We can pull the base OS images using the docker pull cmd which fetches the ready image for use.
If the hyper-V containers are needed the also get the server core image using
6. We need a remote system to manage docker on Nano server and so we need to configure the following for the same by installing docker on the remote server.
7. Now we can create and connect to the container by using docker commands as same as that of the full Windows server OS
The same can be seen using “docker ps –a” command as shown. We have to start the container using “docker start <container ID>” and can stop the container using “docker stop <container ID>”. To execute a command on a running container “docker exec <container ID> <cmd>”
If the Nano server is installed on a VM, then the Hyper-V role has to be installed to create the Hyper-V container with nested virtualization being enabled but the rest of the steps remain same.
This part is to cover the creation of containers, but to use the containers we have to get the network connections for the same.