Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Deploying Windows Containers on Windows Server 2016

1,979 views

Published on

Introduction into the new Windows Containers and Windows Hyper-V Containers coming in Windows Server 2016.

Presented at WinOps Meetup #5 on Wednesday 20th April 2016. http://www.meetup.com/WinOps/events/229065341/

Published in: Technology
  • Be the first to comment

Deploying Windows Containers on Windows Server 2016

  1. 1. Deploying Docker Containers on Windows Server 2016 @Ben_Hall Ben@BenHall.me.uk OcelotUproar.com / Katacoda.com
  2. 2. @Ben_Hall / Blog.BenHall.me.uk Tech Support > Tester > Developer > Founder Software Development Studio WHOAMI?
  3. 3. https://www.katacoda.com/
  4. 4. Agenda • Introduction to Docker • Windows Containers • Deploying IIS / ASP.NET with Containers • Running containers in Production • Future
  5. 5. doger.io
  6. 6. https://www.docker.com/whatisdocker/ Container
  7. 7. Own Process Space Own Network Interface Own Root Directories Sandboxed Like a lightweight VM. But it’s not a VM.
  8. 8. Native CPU Native Memory Native IO No Pre-Allocation No Performance Overheard
  9. 9. Milliseconds to launch Still fully isolated
  10. 10. Docker - An open platform for distributed applications for developers and sysadmins.
  11. 11. Got us to agree on something!
  12. 12. Batteries included but removable
  13. 13. Linux cgroups & namespaces
  14. 14. > docker run –p 6379:6379 redis _.-``__ ''-._ _.-`` `. `_. ''-._ Redis 3.0.3 (00000000/0) 64 bit .-`` .-```. ```/ _.,_ ''-._ ( ' , .-` | `, ) Running in standalone mode |`-._`-...-` __...-.``-._|'` _.-'| Port: 6379 | `-._ `._ / _.-' | PID: 1 `-._ `-._ `-./ _.-' _.-' |`-._`-._ `-.__.-' _.-'_.-'| | `-._`-._ _.-'_.-' | http://redis.io `-._ `-._`-.__.-'_.-' _.-' |`-._`-._ `-.__.-' _.-'_.-'| | `-._`-._ _.-'_.-' | `-._ `-._`-.__.-'_.-' _.-' `-._ `-.__.-' _.-' `-._ _.-' `-.__.-' 1:M 05 Nov 10:42:24.402 # Server started, Redis version 3.0.3 1:M 05 Nov 10:42:24.402 # WARNING overcommit_memory is set to 0! Background save may fail under low memory condition. To fix this issue add 'vm.overcommit_memory = 1' to /etc/sysctl.conf and then reboot or run the command 'sysctl vm.overcommit_memory=1' for this to take effect. 1:M 05 Nov 10:42:24.402 # WARNING you have Transparent Huge Pages (THP) support enabled in your kernel. This will create latency and memory usage issues with Redis. To fix this issue run the command 'echo never > /sys/kernel/mm/transparent_hugepage/enabled' as root, and add it to your /etc/rc.local in order to retain the setting after a reboot. Redis must be restarted after THP is disabled. 1:M 05 Nov 10:42:24.403 # WARNING: The TCP backlog setting of 511 cannot be enforced because /proc/sys/net/core/somaxconn is set to the lower value of 128. 1:M 05 Nov 10:42:24.403 * The server is now ready to accept connections on port 6379
  15. 15. RStudio > docker run -d -p 8787:8787 rocker/rstudio
  16. 16. Windows?
  17. 17. Windows Server 2016 • Currently TP4 • TP5 is coming “very soon” • RTM in Q3ish
  18. 18. Windows Server Core Windows Nano Windows Containers Windows Hyper-V Containers
  19. 19. Windows Containers Windows Kernel Windows Server 2016 SQL Server MSMQ IIS / ASP.NET Docker Engine
  20. 20. Windows Hyper-V Containers Windows Kernel Windows Server 2016 SQL Server MSMQ IIS / ASP.NET Windows Kernel Windows Server 2016 Hyper-V Docker Engine
  21. 21. Windows Server Core • Nearly Win32 Compatiable • Same behaviour of Windows • Install all of the same tooling
  22. 22. Windows Nano • Stripped down • Smallest footprint • 1/20th the size of Windows Server Core • Only essential components – Hyper-V, Clustering, Networking, Storage, .Net, Core CLR
  23. 23. Windows Server Core => Ubuntu Linux Windows Nano => Alpine Linux Windows Server Core => Legacy Apps? Windows Nano => Modern Apps?
  24. 24. Work In Progress • https://msdn.microsoft.com/en- us/virtualization/windowscontainers/about/w ork_in_progress • eg: Windows Containers cannot be managed/interacted with through a RDP session in TP4.
  25. 25. Installing Windows Containers
  26. 26. C:> Install-WindowsFeature containers C:> wget https://aka.ms/tp4/docker -OutFile $env:SystemRootsystem32docker.exe C:> start-process nssm install
  27. 27. Microsoft
  28. 28. Windows Linux Subsystem • Completely unrelated • Maybe not in the future…
  29. 29. What is a Windows Docker Image?
  30. 30. PS C:> docker images REPOSITORY TAG IMAGE ID CREATED windowsservercore 10.0.10586.0 6801d964fda5 2 weeks ago windowsservercore latest 6801d964fda5 2 weeks ago nanoserver 10.0.10586.0 8572198a60f1 2 weeks ago nanoserver latest 8572198a60f1 2 weeks ago
  31. 31. PS C:> docker run -it windowsservercore cmd C:> dir Users Program Files Windows etc Thank you to https://msdn.microsoft.com/en- us/virtualization/windowscontainers/quick_start/manage_docker
  32. 32. Building Windows based Docker Images
  33. 33. PS C:> docker run -it --name iisbase windowsservercore cmd [iisbase] C:> Thank you to https://msdn.microsoft.com/en- us/virtualization/windowscontainers/quick_start/manage_docker
  34. 34. PS C:> docker run -it --name iisbase windowsservercore cmd C:> powershell.exe Install-WindowsFeature web-server C:> exit PS C:> docker commit iisbase windowsservercoreiis 4193c9f34e320c4e2c52ec52550df225b2243927ed21f014fbfff3f 29474b090
  35. 35. Running Windows Container
  36. 36. PS C:> docker run -it --name iisdemo -p 80:80 windowsservercoreiis cmd
  37. 37. docker commit is an anti-pattern Use a Dockerfile
  38. 38. C:docker-iis> type Dockerfile FROM windowsservercore:10.0.10586 RUN dism /online /enable-feature /all /featurename:iis-webserver /NoRestart
  39. 39. C:>docker build –t iis:10 c:docker-iis C:> docker images REPOSITORY TAG IMAGE ID CREATED iis 10 as4w9c928829 9 seconds ago windowsservercore 10.0.10586.0 6801d964fda5 2 weeks ago windowsservercore latest 6801d964fda5 2 weeks ago nanoserver 10.0.10586.0 8572198a60f1 2 weeks ago nanoserver latest 8572198a60f1 2 weeks ago
  40. 40. C:SourceCodeApp> type Dockerfile RUN echo "Hello World - Dockerfile" > c:inetpubwwwrootindex.html
  41. 41. C:SourceCode> docker build –t app . PS C:> docker images REPOSITORY TAG IMAGE ID CREATED app latest k23jjin423d 1 minutes ago iis 10 as4w9c928829 9 minutes ago windowsservercore 10.0.10586.0 6801d964fda5 2 weeks ago windowsservercore latest 6801d964fda5 2 weeks ago nanoserver 10.0.10586.0 8572198a60f1 2 weeks ago nanoserver latest 8572198a60f1 2 weeks ago
  42. 42. PS C:> docker run –name -it -p 80:80 app cmd
  43. 43. PS C:> docker run –name -it -p 80:80 -- isolation=hyperv app cmd
  44. 44. Building Windows Nano image? • Wait until TP5 > docker run --name iisnanobase -it -v c:share:c:iisinstall - -isolation=hyperv nanoserver cmd > docker commit iisnanobase nanoserveriis
  45. 45. Immutable Disposable Container Pattern
  46. 46. Simplification of deployments via automation
  47. 47. Jenkins •Builds Docker Image Testing QA Production Build Lifecycle
  48. 48. Powershell API PS C:> Get-ContainerImage Name Publisher Version IsOSImage ---- --------- ------- --------- NanoServer CN=Microsoft 10.0.10584.1000 True WindowsServerCore CN=Microsoft 10.0.10584.1000 True
  49. 49. PS C:> New-Container -ContainerImageName WindowsServerCore -Name demo - ContainerComputerName demo Name State Uptime ParentImageName ---- ----- ------ --------------- demo Off 00:00:00 WindowsServerCore
  50. 50. Persisting Data > docker run –v <host-dir>:<container-dir> image -v /opt/docker/elasticsearch:/data -v /opt/docker/mysql:/var/lib/mysql -v /docker/scrapbook/uploads:/app/public/uploads -v $(PWD):/host -v /var/log/syslog:/var/log/syslog
  51. 51. Users and Domains • Local user accounts may be created and used for running Windows services and applications in containers • Containers cannot join Active Directory domains, and cannot run services or applications as domain users, service accounts, or machine accounts. • "Microsoft are actively looking at solutions to support these types of scenarios."
  52. 52. Difference to Docker on Linux
  53. 53. Docker Images will behave as expected • Linux Manifest • Windows Manifest • ARM Manifest • Future IoT thing Manifest • docker pull redis – Image pulled depends on Docker Engine
  54. 54. What’s happening under the covers?
  55. 55. Linux / Windows • Linux has cgroups and namespaces – cgroups – How much access/resources do I have? – namespaces – What can I see? • Windows wanted this in the Kernel • Prototype was called Drawbridge • Server 2016 Kernel brings in the new cgroups/namespaces • Microsoft reached out to Docker to partner
  56. 56. Security?
  57. 57. What about developers?
  58. 58. Running Containers in Production
  59. 59. Bin Packing Pattern
  60. 60. Mesosphere DC/OS Powering Azure Container Service
  61. 61. Host Fingerprinting • Constraints based deployment • Container is based on Nano Server, within cluster, deploy to server capable of running Nano Server (ie. Windows Server 2016)
  62. 62. The Future?
  63. 63. SQL Server as a Container
  64. 64. Visual Studio as a Container?
  65. 65. Everything as a Container
  66. 66. Deploy Anywhere
  67. 67. Resources • https://channel9.msdn.com/Blogs/containers • https://aka.ms/containers
  68. 68. www.katacoda.com
  69. 69. Summary • Docker and Containers have changed how Linux processes are managed • Real container support coming to Windows Kernel • Automation will be easier • Better ROI and cluster management
  70. 70. Thank you! @Ben_Hall Ben@BenHall.me.uk Blog.BenHall.me.uk www.Katacoda.com Questions / Beer?

×