Everybody know that Windows Server 2016 include the Docker engine but this wasn’t clear at beginning. In November 2015, Microsoft has released the TP3 where Docker and, also, Windows Server Container were presents; the second one was a similar clone of first with two interesting elements, like PowerShell and Hyper-V Container, powered by Nested-Virtualization. With TP5, this project was declined to use Docker at 100% without give up totally Windows Server Containers.
In this article, we will see how to install Docker in Windows Server 2016 and create our first container based on IIS.
Setup
To enable the feature into Server Manager is very easy, figure 1, but remember to reboot machine after wizard.
Figure 1 – Enable Feature
After restart, open PowerShell and run this script:
Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force Install-Module -Name DockerMsftProvider -Force Install-Package -Name docker -ProviderName DockerMsftProvider -Force Restart-Computer -Force
In order to check if everything works fine, open PowerShell and run command docker version and watch if there is a good result.
Pull
After the first configuration, it time to download the image template, to build our containers. Different like Linux, it’s not possible download Linux images but only images based on Microsoft. This limitation could be outdated in the future. As usual the catalog list is available from Docker Hub or with the command docker search xxx.
NB: There are many images available provided by Microsoft, like SQL Server Express 2014/2016, IIS or DotNet.
After you have choice the right image, use the command docker pull nameimage to import the bits into your machine. Keep in mind that download time depends by your connectivity.
To see your repository, use the command docker images, as showed in figure 2.
Figure 2 – Docker Images
Now you can start with creation of personal template, with all items needed to run our application.
Create Custom Image
To create the first container, use the command comando docker run -it microsoft/windowservercore cmd (or the image name that you have downloaded). It will be open a new session with the container ID. Some images allow to add/remove Windows Features and one of these is microsoft/windowservercore.
To test another image faster you can use microsoft/iis with command : docker run -it -p 800:80 microsoft/iis cmd. This enable a new container with IIS on; check the result from your local browser with the URL http://ipcontainerhost:800.
Create Image Repository
Customize your container with all files and elements necessary and stop it with the command docker stop idcontainer. To create a new image, use the command docker commit idcontainer nameimage (es. docker commit xxx insidetech/mscoreweb-itlab).
At this point it will be possible create a new container starting from our custom image; to do this, use the command docker run -it –name web01 -p 800:80 insidetech/mscoreweb-itlab cmd. What is the syntax? I specified a name (web01), I set what image use (insidetech/mscoreweb-itlab) and I set the NAT to expose the internal port 80 to port 800 into Docker Host machine. The reason is very simple: I’ve only one port 80 so I must use NAT to expose many web servers.
Now it’s time to test the right execution from your local computer, through URL http://ipcontainerhost:800. If you have followed everything rights, the result should be similar like figure 3.
Figure 3 – Container
Finish! Congratulation, you have created the first container on Docker! You can close the session.
Isolation Mode
At beginning of the article, I wrote that not all the ideas created for Windows Server Containers was wasted, so similar like Linux also in Windows is possible create different security level. There are two ways:
- Windows Server Containers: enabled by default, the container share the kernel with Container Host and this means that processes and services are available into the host. Startup is very faster and there aren’t requirements. The solution is perfect for small environment or testing.
- Hyper-V Containers: the container run into a separated environment, respect Container Host, thanks to Nested-Virtualization. Startup is slower and is required Hyper-V role or a virtual machine with Hyper-V role enabled where the host has Intel CPU (VT-x and EPT). The solution is perfect for mid-large companies where security is a must.
To enable a container with Isolation Mode, run the command; docker run -it –isolation=hyperv microsoft/windowservercore cmd
Commands
These are some useful commands to manage your Docker machine:
- Start Container – docker start idcontainer
- Stop Container – docker stop idcontainer
- Open a Session – docker exec -it idcontainer bash
- List Images – docker images
- List Containers – docker ps -a
- Delete Image – docker rmi idimmagine
- Delete Container – docker rm idcontainer
- Copy items from Host to Container – docker cp source idcontainer:pathdestinazione