Updated on 6 December 2015
Containers are one of the new components in Windows Server 2016, and they bring IT pros and developers closer together in every company where the DevOps concept is present.
What is a Container?
A container is a sandbox in which services and processes can run in a protected environment. Containers run on a Container Host, a Windows Server 2016 machine (Full, Core or Nano). Compared with a classic virtual machine, a container deploys much faster, needs very little management, does not need patching and has a low footprint.
Containers are perfect, as I said, for DevOps, where devs need to create a new website without asking the web admin for anything; Visual Studio will support containers in the future. When it's time to upgrade the website, you just delete the old container and replace it with the new one.
To make container deployment faster, it is fundamental to create a template, called a ContainerImage, that contains the files, or services/applications, that we need to publish. Every time we need to create a new container, we only have to select the right template with a cmdlet like this: New-Container -Name "TmpIIS" -ContainerImageName WindowsServerCore -SwitchName "Virtual Switch"
Containers are not for every scenario, not only because not all the "services" are available but also because few companies need this kind of model. These are the available services:
- Web Sites
- Windows Role/Features (not all)
For web servers there is support for the most important engines, like IIS with .NET, and Apache and Nginx as well; for applications, the idea is to support database engines, but not all the products, like SQL Server, and we can also deploy some Windows roles, for example File Server. Obviously it is possible to create processes and services designed for your own purposes.
Starting from Windows Server 2016 TP4 there are two different models, as shown in figure 2.
Windows Server Containers
This is the classic model, in which the container's processes are not isolated from the Container Host.
Hyper-V Containers
This model isolates the container's processes from the Container Host. To implement it, Hyper-V is required as the hypervisor, with build 10575 TP4 (the first build with support for nested virtualization), also for the Container Host.
By default, containers run behind a NAT; this keeps the sandbox isolated from the rest of the environment and also means the Container Host can stay on the production network. There is also a way to configure a container to use DHCP, but from my point of view this is not a good idea because it means handing out many IPs and, in particular, it reduces security because it exposes the container to the public.
All the containers running on the same host can communicate with each other, which is good when a distributed application, like LOB, is spread across many containers. If you need communication between two containers running on separate hosts, you only need to create the right NAT rules.
In Technical Preview 4 we can also set a container's resource usage to optimize host resources and prevent overconsumption. At the moment it is possible to set: CPU, Memory, Network Bandwidth, Storage IO. More info is available here: https://msdn.microsoft.com/en-us/virtualization/windowscontainers/management/manage_resources
Publishing is not easy, but it is not impossible: you must allow the traffic on the host and also create NAT rules to allow pass-through from the host to the container. A good solution is to use Kemp LoadMaster to publish your containers. Check my video on YouTube. All the tasks are available via PowerShell but, luckily for you, I created a couple of PowerShell scripts to create and manage containers.
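The two publishing steps described above (a NAT rule plus a host firewall rule), as an added example; it is not one of the author's scripts. The NAT name ContainerNAT, the container address 172.16.0.2 and the 10.0.0.0/24 source range are assumptions, so replace them with the values from your own Container Host.

```powershell
# Added example: publish ONE TCP port of a NAT-ed container through the Container Host.
# Assumptions (not from the article): NAT name, container IP, allowed source range.
function Publish-ContainerPort {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param(
        [string]$NatName = 'ContainerNAT',                       # assumed NAT name
        [Parameter(Mandatory = $true)][ipaddress]$ContainerIP,   # container's internal IP
        [Parameter(Mandatory = $true)][ValidateRange(1, 65535)][int]$ExternalPort,
        [int]$InternalPort = 0,                                  # 0 = same as ExternalPort
        [string]$RemoteAddress = 'Any'                           # narrow this where you can
    )
    if ($InternalPort -eq 0) { $InternalPort = $ExternalPort }

    # Fail early if the NAT the containers sit behind does not exist on this host.
    $nat = Get-NetNat -Name $NatName -ErrorAction Stop

    # Refuse to reuse an external port that already has a mapping (any protocol,
    # deliberately conservative) so one container cannot shadow another.
    $clash = Get-NetNatStaticMapping -NatName $nat.Name -ErrorAction SilentlyContinue |
        Where-Object { $_.ExternalPort -eq $ExternalPort }
    if ($clash) {
        throw "Port $ExternalPort is already mapped to $($clash.InternalIPAddress):$($clash.InternalPort)"
    }

    if ($PSCmdlet.ShouldProcess("$($ContainerIP):$InternalPort", "Publish on host TCP/$ExternalPort")) {
        # Step 1: NAT rule, host port -> container port.
        Add-NetNatStaticMapping -NatName $nat.Name -Protocol TCP `
            -ExternalIPAddress 0.0.0.0 -ExternalPort $ExternalPort `
            -InternalIPAddress $ContainerIP.ToString() -InternalPort $InternalPort | Out-Null

        # Step 2: allow only this port on the host firewall, only from the given sources.
        New-NetFirewallRule -DisplayName "Container TCP/$ExternalPort" -Direction Inbound `
            -Protocol TCP -LocalPort $ExternalPort -RemoteAddress $RemoteAddress `
            -Action Allow | Out-Null
    }

    # Return the resulting mapping so the caller can log or verify it.
    Get-NetNatStaticMapping -NatName $nat.Name |
        Where-Object { $_.ExternalPort -eq $ExternalPort }
}

# Dry run first (-WhatIf changes nothing), then repeat without it.
Publish-ContainerPort -ContainerIP 172.16.0.2 -ExternalPort 80 -RemoteAddress 10.0.0.0/24 -WhatIf
```

Publishing one port per call and limiting -RemoteAddress keeps the container's exposure to what the application actually needs, in line with the NAT-by-default isolation described earlier.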
Do you like containers? Test them! Download Windows Server 2016 TP4
Publish Windows Server Containers with Kemp LoadMaster
Script – Advanced Management Windows Server 2016 Containers
Preparing Windows Server Technical Preview for Windows Server Containers
Windows Server Containers and PowerShell