the how and why of windows containers
Post on 06-Jan-2017
220 Views
Preview:
TRANSCRIPT
The Why and How of Windows Containers@Ben_Hall
Ben@BenHall.me.ukOcelotUproar.com / Katacoda.com
The Why and How of Windows Containers@Ben_Hall
Ben@BenHall.me.ukOcelotUproar.com / Katacoda.com
@Ben_Hall / Blog.BenHall.me.uk
Tech Support > Tester > Developer > Founder > Docker London Organiser
Software Development Studio
WH
O AM
I?
Learn via Interactive Browser-Based LabsKatacoda.com
Agenda• Windows Server 2016• Building and deploying Windows Containers• Differences to Linux• Hyper-V Containers• Docker API / Kubernetes / Swarm• Future
Batteries included but removable
http://windows-wallpapers.net/wp-content/uploads/images/1c/windows-98.png
2016
Currently TP5 – RTM in two weeks?
Windows Server Core
Windows Nano
Windows Containers
Windows Hyper-V
Containers
Windows Containers
Windows KernelWindows Server 2016
SQL Server MSMQ IIS /
ASP.NET Docker Engine
Windows Hyper-V Containers
Windows Kernel
Windows Server 2016
SQL Server MSMQ IIS /
ASP.NET
Windows Kernel
Windows Utility VM
Hyper-V
Docker Engine
Windows Server Core• Nearly Win32 Compatible• Same behaviour of Windows• Install all of the same tooling
Windows Nano• Stripped down• Smallest footprint• 1/20th the size of Windows Server Core• Only essential components– Hyper-V, Clustering, Networking, Storage, .Net,
Core CLR
Windows Server Core => Ubuntu Linux
Windows Nano => Alpine Linux
Windows Server Core => Legacy Apps?
Windows Nano => Modern Apps?
Installing Windows Containers
C:\> Install-WindowsFeature containers
C:\> wget -uri https://aka.ms/tp5/Install-ContainerHost -OutFile C:\Install-ContainerHost.ps1
C:\> powershell.exe -NoProfile C:\Install-ContainerHost.ps1
C:\> Install-WindowsFeature containers
C:\> Invoke-WebRequest "https://get.docker.com/builds/Windows/x86_64/docker-1.12.0.zip" -OutFile "$env:TEMP\docker-1.12.0.zip" -UseBasicParsing
C:\> dockerd --register-serviceC:\> Start-Service Docker
Microsoft
Windows Linux Subsystem• Completely unrelated• Maybe not in the future…
What is a Windows Docker Image?
PS C:\> docker imagesREPOSITORY TAG IMAGE ID CREATEDwindowsservercore 10.0.10586.0 6801d964fda5 2 weeks ago windowsservercore latest 6801d964fda5 2 weeks ago nanoserver 10.0.10586.0 8572198a60f1 2 weeks ago nanoserver latest 8572198a60f1 2 weeks ago
PS C:\> docker run -it \ windowsservercore cmd
Thank you to https://msdn.microsoft.com/en-us/virtualization/windowscontainers/quick_start/manage_docker
Note: cmd launches a UI
Thank you to https://msdn.microsoft.com/en-us/virtualization/windowscontainers/quick_start/manage_docker
SSMS
Building Windows based Docker Images
PS C:\> docker run -it \ --name iisbase \ windowsservercore cmd [iisbase] C:\>
Thank you to https://msdn.microsoft.com/en-us/virtualization/windowscontainers/quick_start/manage_docker
PS C:\> docker run -it \ --name iisbase \ windowsservercore cmd C:\> powershell.exe Install-WindowsFeature web-server C:\> exit
PS C:\> docker commit iisbase windowsservercoreiis 4193c9f34e320c4e2c52ec52550df225b2243927ed21f014fbfff3f29474b090
Running Windows Container
PS C:\> docker run -it \ -p 80:80 \ windowsservercoreiis cmd
docker commit is an anti-pattern
Use a Dockerfile
PS C:\> docker search windowservercore
C:\SourceCode\App> type Dockerfile
FROM microsoft/iis:10
RUN echo "Hello World - Dockerfile" > c:\inetpub\wwwroot\index.html
C:\SourceCode> docker build –t app .
PS C:\> docker imagesREPOSITORY TAG IMAGE ID CREATEDapp latest k23jjin423d 1 minutes ago iis 10 as4w9c928829 9 minutes ago windowsservercore 10.0.10586.0 6801d964fda5 2 weeks ago windowsservercore latest 6801d964fda5 2 weeks ago nanoserver 10.0.10586.0 8572198a60f1 2 weeks ago nanoserver latest 8572198a60f1 2 weeks ago
PS C:\> docker run -it -p 80:80 \ app cmd
PS C:\> docker run -it -p 80:80 \ --isolation=hyperv app cmd
FROM microsoft/windowsservercore
LABEL Description="Nginx" Vendor=Nginx" Version="1.0.13”
RUN powershell -Command \$ErrorActionPreference = 'Stop'; \Invoke-WebRequest -Method Get -Uri
http://nginx.org/download/nginx-1.9.13.zip -OutFile c:\nginx-1.9.13.zip ; \
Expand-Archive -Path c:\nginx-1.9.13.zip -DestinationPath c:\ ; \
Remove-Item c:\nginx-1.9.13.zip –Force
WORKDIR /nginx-1.9.13CMD ["/nginx-1.9.13/nginx.exe"]
FROM microsoft/dotnet35
ENV sql_express_download_url "https://download.microsoft.com/download/1/5/6/156992E6-F7C7-4E55-833D-249BD2348138/ENU/x64/SQLEXPR_x64_ENU.exe"ENV sa_password _ENV attach_dbs "[]”COPY . /WORKDIR /
RUN powershell -Command (New-Object System.Net.WebClient).DownloadFile('%sql_express_download_url%', 'sqlexpress.exe') && /sqlexpress.exe /qs /x:setup && /setup/setup.exe /q /ACTION=Install /INSTANCENAME=SQLEXPRESS /FEATURES=SQLEngine /UPDATEENABLED=0 /SQLSVCACCOUNT="NT AUTHORITY\System" /SQLSYSADMINACCOUNTS="BUILTIN\ADMINISTRATORS" /TCPENABLED=1 /NPENABLED=0 /IACCEPTSQLSERVERLICENSETERMS && del /F /Q sqlexpress.exe && rd /q /s setup
RUN powershell -Command \ set-strictmode -version latest ; \ stop-service MSSQL`$SQLEXPRESS ; \ set-itemproperty -path 'HKLM:\software\microsoft\microsoft sql server\mssql12.SQLEXPRESS\mssqlserver\supersocketnetlib\tcp\ipall' -name tcpdynamicports -value '' ; \ set-itemproperty -path 'HKLM:\software\microsoft\microsoft sql server\mssql12.SQLEXPRESS\mssqlserver\supersocketnetlib\tcp\ipall' -name tcpport -value 1433 ; \ set-itemproperty -path 'HKLM:\software\microsoft\microsoft sql server\mssql12.SQLEXPRESS\mssqlserver\' -name LoginMode -value 2 ;
CMD powershell ./start -sa_password %sa_password% -attach_dbs \"%attach_dbs%\" -Verbose
FROM microsoft/nanoserver
ENV GOLANG_VERSION 1.6ENV GOLANG_DOWNLOAD_URL "https://golang.org/dl/go$GOLANG_VERSION.windows-amd64.zip"
RUN powershell.exe -Command ; \$handler = New-Object System.Net.Http.HttpClientHandler ; \$client = New-Object System.Net.Http.HttpClient($handler) ; \$client.Timeout = New-Object System.TimeSpan(0, 30, 0) ; \$cancelTokenSource = [System.Threading.CancellationTokenSource]::new() ; \$responseMsg = $client.GetAsync([System.Uri]::new('%GOLANG_DOWNLOAD_URL%'),
$cancelTokenSource.Token) ; \$responseMsg.Wait() ; \$downloadedFileStream = [System.IO.FileStream]::new('c:\go.zip',
[System.IO.FileMode]::Create, [System.IO.FileAccess]::Write) ; \$response = $responseMsg.Result ; \$copyStreamOp = $response.Content.CopyToAsync($downloadedFileStream) ; \$copyStreamOp.Wait() ; \$downloadedFileStream.Close() ; \[System.IO.Compression.ZipFile]::ExtractToDirectory('c:\go.zip','c:\') ; \Remove-Item c:\go.zip -Force
RUN powershell.exe -Command $path = $env:path + ';c:\go\bin'; Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager\Environment\' -Name Path -Value $path
ImmutableDisposable Container Pattern
Windows Updates?
Networking> docker run -it --mac="92:d0:c6:0a:29:33" \ windowsservercore cmd
> docker run –it -p 8082:80 \ windowsservercore cmd
> Multi-host out the box
Persisting Data – Data Volumes
> docker run –v <host-dir>:<container-dir> image
-v C:\source:C:\dest
-v C:\container-share\config.ini
-v d:
Limit CPU Shares> docker run -it --cpu-shares 2 \ --name dockerdemo \ windowsservercore cmd
Powershell APIPS C:\> Get-ContainerImageName Publisher Version IsOSImage---- --------- ------- ---------NanoServer CN=Microsoft 10.0.10584.1000 TrueWindowsServerCore CN=Microsoft 10.0.10584.1000 True
PS C:\> New-Container -ContainerImageName WindowsServerCore -Name demo -ContainerComputerName demo
Name State Uptime ParentImageName---- ----- ------ ---------------demo Off 00:00:00 WindowsServerCore
What’s happening under the covers?
{ "schemaVersion": 2, "mediaType": "application/vnd.docker.distribution.manifest.list.v2+json", "manifests": [ { "mediaType": "application/vnd.docker.image.manifest.v2+json", "size": 7143, "digest": "sha256:e692418e4cbaf90ca69d05a66403747baa33ee08806650b51fab815ad7fc331f", "platform": { "architecture": ”amd64", "os": "linux", } }, { "mediaType": "application/vnd.docker.image.manifest.v2+json", "size": 7682, "digest": "sha256:5b0bcabd1ed22e9fb1310cf6c2dec7cdef19f0ad69efa1f392e94a4333501270", "platform": { "architecture": "amd64", "os": ”windows", "features": [ "sse4" ] } } ]}
No Containerd / RunC
Introducing the Compute Service
http://www.slideshare.net/Docker/windows-server-and-docker-the-internals-behind-bringing-docker-and-containers-to-windows-by-taylor-brown-and-john-starks
http://www.slideshare.net/Docker/windows-server-and-docker-the-internals-behind-bringing-docker-and-containers-to-windows-by-taylor-brown-and-john-starks
var cs = new ContainerSettings{ SandboxPath = path, Layers = layers, KillOnClose = true, NetworkId = HostComputeService.FindNatNetwork(),};using (var container = HostComputeService.CreateContainer(id.ToString(), cs)){ Console.Out.WriteLine("starting container"); Console.Out.Flush(); container.Start(); var si = new ProcessStartInfo { CommandLine = command }; using (var process = container.CreateProcess(si)) { Console.Out.Write(process.StandardOutput.ReadToEnd()); process.WaitForExit(5000); Console.Out.WriteLine("process exited with {0}", process.ExitCode); } container.Shutdown(Timeout.Infinite);}
[DllImport("vmcompute.dll", PreserveSig = false, ExactSpelling = true)]
IntPtr computeSystem;h.CreateComputeSystem(id, JsonHelper.ToJson(hcsSettings), IntPtr.Zero, out computeSystem);return Container.Initialize(id, computeSystem, settings.KillOnClose, h);
Windows Hyper-V Isolation
Windows Hyper-V Isolation• Problem: Shared Kernel• Solution: Super lightweight virtual machines
• Intel Clear Containers• Ubuntu LXD• IBM are working on something
PS C:\> docker run -it -p 80:80 \ --isolation=hyperv app cmd
1) Windows starts 'Utility VM‘ and freezes state2) Forks VM state, brings up a fresh second VM3) Launches container on VM
Properties of Windows Utility VM• Invisible to Docker and containers• All writes are degraded• Separate Kernel to host• SMB file share to access host data
• In the future used for Linux containers?
Now Available• Windows 10 Insider Release
• https://msdn.microsoft.com/en-us/virtualization/windowscontainers/quick_start/quick_start_windows_10
Running Containers in Production
Swarm
https://stefanscherer.github.io/build-your-local-windows-docker-swarm/
Constraint Scheduler$ docker run \ -e constraint:ostypelabel==windowscompat \ windowservercore cmd
$ docker run \ -e constraint:ostypelabel==linuxcompat \ ubuntu bash
Microsoft, Apprenda, Red Hathttps://github.com/kubernetes/kubernetes/issues/22623
Mesosphere DC/OS
Powering Azure Container Service
Host Fingerprinting• Constraints based deployment
• Container is based on Nano Server, within cluster, deploy to server capable of running Nano Server (ie. Windows Server 2016)Host Fingerprinting
The Future?
SQL Server as a Container
Visual Studio as a Container?
Everything as a Container
Deploy Anywhere
www.katacoda.com
Next Steps• Katacoda
• Microsoft Ignite Conference in two/three weeks
• Windows Server 2016 on Azure
• Windows 10 Insider Release
Thank you!
@Ben_HallBen@BenHall.me.ukBlog.BenHall.me.uk
www.Katacoda.com
top related