dockerizing windows server applications by ender barillas and taylor brown
TRANSCRIPT
![Page 1: Dockerizing Windows Server Applications by Ender Barillas and Taylor Brown](https://reader035.vdocuments.us/reader035/viewer/2022062820/58a169701a28abc1708b68c5/html5/thumbnails/1.jpg)
Dockerizing Windows Server Applications
Ender BarillasTaylor BrownProgram ManagerPrincipal Program Manager Lead
![Page 2: Dockerizing Windows Server Applications by Ender Barillas and Taylor Brown](https://reader035.vdocuments.us/reader035/viewer/2022062820/58a169701a28abc1708b68c5/html5/thumbnails/2.jpg)
Setting Up
Agenda
Architecture
More
![Page 3: Dockerizing Windows Server Applications by Ender Barillas and Taylor Brown](https://reader035.vdocuments.us/reader035/viewer/2022062820/58a169701a28abc1708b68c5/html5/thumbnails/3.jpg)
Setting up
![Page 4: Dockerizing Windows Server Applications by Ender Barillas and Taylor Brown](https://reader035.vdocuments.us/reader035/viewer/2022062820/58a169701a28abc1708b68c5/html5/thumbnails/4.jpg)
Setting up
Containers Feature:• Install-WindowsFeature containers• Restart-Computer –Force
![Page 5: Dockerizing Windows Server Applications by Ender Barillas and Taylor Brown](https://reader035.vdocuments.us/reader035/viewer/2022062820/58a169701a28abc1708b68c5/html5/thumbnails/5.jpg)
Setting up
Docker:• New-Item -Type Directory -Path 'C:\Program Files\docker\'• Invoke-WebRequest https://aka.ms/tp5/b/dockerd -OutFile
$env:ProgramFiles\docker\dockerd.exe• Invoke-WebRequest https://aka.ms/tp5/b/docker -OutFile
$env:ProgramFiles\docker\docker.exe• [Environment]::SetEnvironmentVariable("Path", $env:Path + ";C:\Program
Files\Docker", [EnvironmentVariableTarget]::Machine)• Close and reopen powershell
• dockerd --register-service• Start-Service docker
![Page 6: Dockerizing Windows Server Applications by Ender Barillas and Taylor Brown](https://reader035.vdocuments.us/reader035/viewer/2022062820/58a169701a28abc1708b68c5/html5/thumbnails/6.jpg)
Setting up
Base OS image:• Install-ContainerOSImage <wim path>• Restart-Service docker• docker images• docker tag windowsservercore:10.0.14300.1000 windowsservercore:latest
![Page 7: Dockerizing Windows Server Applications by Ender Barillas and Taylor Brown](https://reader035.vdocuments.us/reader035/viewer/2022062820/58a169701a28abc1708b68c5/html5/thumbnails/7.jpg)
Architecture
![Page 8: Dockerizing Windows Server Applications by Ender Barillas and Taylor Brown](https://reader035.vdocuments.us/reader035/viewer/2022062820/58a169701a28abc1708b68c5/html5/thumbnails/8.jpg)
Architecture
Operating System
Docker Engine
Docker Client
Docker Registry
Docker Compose Docker Swarm
Docker Universal Control Plane } Container
Development and Management Toolset
Container Runtime
![Page 9: Dockerizing Windows Server Applications by Ender Barillas and Taylor Brown](https://reader035.vdocuments.us/reader035/viewer/2022062820/58a169701a28abc1708b68c5/html5/thumbnails/9.jpg)
Architecture In Linux
containerd + runc
Docker Engine
REST Interface
libcontainerd graphlibnetwork plugins
Operating System
Control Groupscgroups
NamespacesPid, net, ipc, mnt, uts
Layer CapabilitiesUnion Filesystems AUFS,
btrfs, vfs, zfs*, DeviceMapper
Other OS Functionality
Docker Client DockerRegistryDocker Compose Docker Swarm
![Page 10: Dockerizing Windows Server Applications by Ender Barillas and Taylor Brown](https://reader035.vdocuments.us/reader035/viewer/2022062820/58a169701a28abc1708b68c5/html5/thumbnails/10.jpg)
Architecture In Windows
Docker Engine
REST Interface
libcontainerd graphlibnetwork plugins
Operating System
Control GroupsJob objects
NamespacesObject Namespace,
Process Table, Networking
Layer CapabilitiesRegistry, Union like
filesystem extensions
Other OS Functionality
Compute Service
Docker Client DockerRegistryDocker Compose Docker Swarm
![Page 11: Dockerizing Windows Server Applications by Ender Barillas and Taylor Brown](https://reader035.vdocuments.us/reader035/viewer/2022062820/58a169701a28abc1708b68c5/html5/thumbnails/11.jpg)
Docker
PlatformSpecific
PlatformIndependent
Comparing OS Architectures
Linux Control Groupscgroups
NamespacesPid, net, ipc, mnt, uts
Layer CapabilitiesUnion Filesystems: AUFS,
btrfs, vfs, zfs*,DeviceMapper
Other OS Functionality
runC
Docker EngineREST Interface
libcontainerd graphlibnetwork plugins
Windows Control GroupsJob objects
NamespacesObject Namespace, Process
Table, Networking
Layer CapabilitiesRegistry, Union like filesystem
extensions
Other OS Functionality
Compute Services
Docker Client Docker SwarmDocker Compose Docker Registry
![Page 12: Dockerizing Windows Server Applications by Ender Barillas and Taylor Brown](https://reader035.vdocuments.us/reader035/viewer/2022062820/58a169701a28abc1708b68c5/html5/thumbnails/12.jpg)
Windows Kernel
Host User Mode
Container Management
Windows Server Containers
Compute Services
Docker Engine
Windows Server Container
System Processes
Application Processes
System Processes
Session Manager
Local Security Authority
Event Manager…
Etc…
Job Object Net Interface
StorageRegistry
Windows Server Container
System Processes
Application Processes
Job Object Net Interface
StorageRegistry
![Page 13: Dockerizing Windows Server Applications by Ender Barillas and Taylor Brown](https://reader035.vdocuments.us/reader035/viewer/2022062820/58a169701a28abc1708b68c5/html5/thumbnails/13.jpg)
Hyper-V ContainersHost User Mode Virtual Machine
Specifically Optimized To Run a Container
Container Management
Windows Kernel
Compute Services
Docker Engine
System Processes
Session Manager
Local Security Authority
Event Manager…
Etc…
Hyper-V Hypervisor
Hyper-V Container
Windows Kernel
Guest Compute Service
Windows Server Container
System Processes
Application Processes
Job Object Net Interface
StorageRegistry
Basic System
Processes
![Page 14: Dockerizing Windows Server Applications by Ender Barillas and Taylor Brown](https://reader035.vdocuments.us/reader035/viewer/2022062820/58a169701a28abc1708b68c5/html5/thumbnails/14.jpg)
Same Container Images, Same API
Container Management
Docker
Windows Container Images
Application
Framework
Container Run-TimesHyper-V Container
Windows Server Container
Write once, deploy anywhere
![Page 15: Dockerizing Windows Server Applications by Ender Barillas and Taylor Brown](https://reader035.vdocuments.us/reader035/viewer/2022062820/58a169701a28abc1708b68c5/html5/thumbnails/15.jpg)
Networking
![Page 16: Dockerizing Windows Server Applications by Ender Barillas and Taylor Brown](https://reader035.vdocuments.us/reader035/viewer/2022062820/58a169701a28abc1708b68c5/html5/thumbnails/16.jpg)
Container Networking ChoicesNAT
• Simple
• Private IP Addresses
• No cross-node container traffic
• Port Forwarding
• Host-based Firewall & QoS
• Ideal for Developers
L2 Tunneling
• Full network virtualization
• Isolated network & services
• Multi-node traffic
• MAC Virtualization
• Cloud-scale Deployments
Transparent
• Simple
• Existing L2 network (DHCP)
• Cross-node traffic
• No isolation (MAC spoofing)
• Developers or Small Deployments
![Page 17: Dockerizing Windows Server Applications by Ender Barillas and Taylor Brown](https://reader035.vdocuments.us/reader035/viewer/2022062820/58a169701a28abc1708b68c5/html5/thumbnails/17.jpg)
Physical HostNetwork StackVirtual Machine
Specifically Optimized To Run a Container
Windows Server
Container
System Processes
Application Processes
TCP/IPSoftware
Windows Server
Container
System Processes
Application Processes
Guest Compute Service
Basic System
Processes
Compartment Compartment Default Compartment
Host TCP/IPSoftware
Hyper-V Container
Windows Server
Container
System Processes
Application Processes
TCP/IPSoftware
vNIC vNIC vNICvmNIC
vSwitchHost vNICWinNAT
Physical NIC
• Containers connect to the Virtual Switch over a Host vNIC (Windows Server Container) or Synthetic VM NIC (Hyper-V Containers)
• The Host vNIC sits within its own Network Compartment (isolation) for Windows Server Containers
• Network connectivity to Hyper-V Containers through synthetic VM NIC is transparent to the Utility VM
• (Optional) Host vNIC assigned default gateway IP from WinNAT which binds to TCPIP
Physical Network
![Page 18: Dockerizing Windows Server Applications by Ender Barillas and Taylor Brown](https://reader035.vdocuments.us/reader035/viewer/2022062820/58a169701a28abc1708b68c5/html5/thumbnails/18.jpg)
Thank you!