Ive taken an app and built a docker image for windows server 2016 using microsoft/aspnetcore:2.0 base image.
My question is...what machines/OS's will I be able to run the container on?
I know it cant run on Linux.....but could it run on (e.g.) ANY version of windows server 2016? How about windows server 2019?
The architecture is AMD64....does that mean the container will only run on machines with that exact architecture?
Im trying to figure out why containers are considered beneficial
I don't have any experience with Docker Windows containers, but I have a ton of experience with Docker containers in general, and the concepts between Windows and Linux containers should be mostly the same.
When you run your built app, no matter if you run it on Windows Server 2016, Windows Server 2019, or even Windows 10 Pro, the app should function exactly the same. Under the covers, Docker provides an isolated application environment. From your applications perspective, it only knows/experiences/sees itself and the Windows Kernel that it's running on. If you had, say, an IIS instance also running on that server, your app would have no idea. The point here is that Docker provides a means to:
Run multiple versions of an app on the same machine, in complete isolation.
Have a more clean running environment for every app.
Be much more resource efficient than running discrete VMs
Another huge benefit of Docker is that it provides a means to ephemeral environments. Which means you should expect to have the exact same behavior from an app running on machine #1 as you do on machine #2. It eliminates the "works on my machine" mentality, especially when some other 3rd party dependency is not installed/forgotten, because these will be bundled into the container as part of the build.
Lastly, about architecture. The app you built is designed to run against the architecture of the Windows Kernel it was built with. In your case AMD64, from my understanding, this implies the x86_64 architecture. This should mean that your container will run on any 64-bit x86 machine (AMD or Intel). Your container will not run on any other architecture: x86 (32 bit), 386, 486, ARM, ARM 64, etc. I think in the case of Windows this isn't as important of an issue, because 90% of the time you're running on x86_64. But with Linux you end up with everything from SPARC to ARM, and so that architecture distinction is important.
I too had a lot of the same questions when I started using docker. While the product "Docker" has been hit-or-miss on occasion, the concept "containers" and the benefits they provide when used correctly are very powerful and I use the for almost every project I work on.
Related
Are containers specific to a particular host OS? For instance, if a container is created on Windows with particular dependencies (e.g., DLL files), can it run in a setup in which the host OS is Linux? I initially assumed that a container must be specific to a particular host OS.
But the following two excerpts seem to suggest that I may not have understood the mechanics correctly. So my question is: are containers built over the docker engine so when the dependencies are included, they are relative to the docker engine and the underlying host OS does not matter?
(1) From IBM:
Containerization allows developers to create and deploy applications faster and more securely. With traditional methods, code is developed in a specific computing environment which, when transferred to a new location, often results in bugs and errors. For example, when a developer transfers code from a desktop computer to a virtual machine (VM) or from a Linux to a Windows operating system. Containerization eliminates this problem by bundling the application code together with the related configuration files, libraries, and dependencies required for it to run. This single package of software or “container” is abstracted away from the host operating system, and hence, it stands alone and becomes portable—able to run across any platform or cloud, free of issues. [https://www.ibm.com/cloud/learn/containerization]
(2) From Docker:
Does Docker run on Linux, macOS, and Windows?
You can run both Linux and Windows programs and executables in Docker containers. The Docker platform runs natively on Linux (on x86-64, ARM and many other CPU architectures) and on Windows (x86-64).
Docker Inc. builds products that let you build and run containers on Linux, Windows and macOS.
What does Docker technology add to just plain LXC?🔗
Docker technology is not a replacement for LXC. “LXC” refers to capabilities of the Linux kernel (specifically namespaces and control groups) which allow sandboxing processes from one another, and controlling their resource allocations. On top of this low-level foundation of kernel features, Docker offers a high-level tool with several powerful functionalities:
Portable deployment across machines. Docker defines a format for bundling an application and all its dependencies into a single object called a container. This container can be transferred to any Docker-enabled machine. The container can be executed there with the guarantee that the execution environment exposed to the application is the same in development, testing, and production. LXC implements process sandboxing, which is an important pre-requisite for portable deployment, but is not sufficient for portable deployment. If you sent me a copy of your application installed in a custom LXC configuration, it would almost certainly not run on my machine the way it does on yours. The app you sent me is tied to your machine’s specific configuration: networking, storage, logging, etc. Docker defines an abstraction for these machine-specific settings. The exact same Docker container can run - unchanged - on many different machines, with many different configurations.
The host OS, or precisely, the kernel provided still matters. That's why you can't run Windows containers on Linux. You can run Linux container on Windows due to Hyper-V and WSL2, and on macOS with Hypervisor, but that's it. If the provided kernel is compatible (doesn't have to be identical), usually similar version and the same architecture (remember, there are x64, ARM64, etc) or at least supported virtualization (x64 containers can run on M1, which is ARM64) then you can just run the container, no need to worry about DLLs because they're supposed to be included either in one of the base image you start with or the image you generate.
I have trouble understanding this concept. I know a little bit about how Docker works and what the benefits are, and while I understand running web servers, databases and development environments in containers, I don't understand the point of running an OS like Ubuntu in Docker.
Can someone explain why you would want to do that and also the benefits of an entire OS in a container?
The OS is essentially the runtime environment required to run your app. If you app is compiled to run on Linux, it relies on Linux libraries (libc, glib, and so on) that must be present in executing environment, regardless of its type. Docker makes no exception to this.
So a Ubuntu application requires a Ubuntu image in order to run correctly.
Note that Docker container does not include nor run an entire OS, but only the minimum set of libraries that allow your app to run. In particular it does never contain or execute a kernel, as it runs under the host kernel.
Docker doesn't have its own OS, it is installed on a machine and this allows it to share host operating system resources. There will be only one OS and all the containers will be using that OS.
Most of the application are meaningless without OS since it is required for IO, hardware calls etc.
Each docker container may have different packages (java, python, jboss etc), applications installed.
I've been asked to research Docker. The question that I cannot get a definitive response to is "can you run Docker on Windows in production?".
I keep seeing "Docker image containers can run natively on Linux and Windows. However, Windows images can run
only on Windows hosts and Linux images can run only on Linux hosts, meaning a host server or a VM."
I'm not interested in running containerized windows applications (.net). We have Spring Boot (java) applications & are creating a microservices architecture. These containerized apps. don't need an OS running in the same container.
We also need an orchestration engine like Kubernetes and its unclear if this is something that can run in production on windows either.
I've been fighting the good fight trying to get deployment environments switched to Linux but that's a loosing battle at this point.
Citing the docs:
Welcome to Docker for Windows!
Docker is a full development platform for creating containerized apps,
and Docker for Windows is the best way to get started with Docker on
Windows systems.
Take this literally. It's meant by the vendor as a dev tool to develop your Docker environment on Windows, not a production environment. To run it in production, they expect a Linux host.
It's not clear if the OP is asking "Can I run Docker on Windows in production" (like from a licensing perspective), or "should I run it" (like from an experience perspective.) I have an answer that should address both points.
It's indeed interesting to note first that as I write this, all the answers and comments so far are from 2018 or (like the question) 2017.
Here's at least one 2019 post on the topic from Docker (including listing clients running in production, so it addresses both points):
https://www.docker.com/blog/5-reasons-to-containerize-production-windows-apps-on-docker-enterprise/
And while the title refers to Docker Enterprise, the article does say "Hundreds of enterprises now run Windows container nodes in production", without that Enterprise caveat.
Even so, folks who may "not want to pay to run Docker Enterprise" should note that Windows 2016 and 2019 include a license of Docker Enterprise, free. (As for the recent upheaval of Docker where the Enterprise product was sold to Mirantis, there's no indication yet that will change the included Windows licensing of it.)
Still, I realize that the OP and other readers may seek still more (documented) evidence of production Docker deployment on Windows. I'll leave that for others to elaborate. Just didn't think this should stand here without anything more recent than July 2018.
Check out this blog, it quotes "Windows Server 2016 is the where Docker Windows containers should be deployed for production".
First of all, I suspect this question is rather stale after 3 years. I don't know if you are still struggling with the problem, I would love to hear your experience and the route you had taken.
This is probably a biased answer but I will try to answer with my experience. Like you, we have also lost the good fight to persuade our client to use a Linux server. We have 2 metals and a small bunch of virtual machines running Windows Server 2019 - Server version 1809 (Which is not the cutting edge, but the most recent stable version) It was indeed an improvement on top of WS2016. However it still had some problems. The major problem was with the docker swarm. The overlay networking with routing mesh was not working properly. So we had to fall back to containers with docker-compose and manual service discovery, which kinda beats the purpose of docker.
That being said, the problem with the Swarm network could be because of the fact that we are using virtual machines and Hyper-v switches. On top of that, we had no direct access to host network and we had to jump through some bureaucratic hoops whenever we require changes in the network, which got super old super fast when we want to test stuff. Additionally, we did not have Active Directory because of our lack of confidence to network. I am still not sure if DCs would play with docker in a virtual environment. Still not having AD was manageable since we did not have many machines.
Another problem was that we did not have nested virtualization (i.e. cannot run moby) due to CPU issues, and WSL2 with support for Docker is not available on WS19 LTSC editions. So I had to write our own images for many stuff that we use. Like Jenkins, Redis, etc. You can find the dockerfiles here if interested But obviously keeping them up to date and tidy was a huge work and I did not have much time to invest.
Performance-wise, we seemed to have no issues but we did not really make a comparative analysis.
All in all, I love Docker, it is a great product. But after this project I am thinking not to touch Docker on windows in a production environment with a 10 foot pole. In fact, I don't know if I will ever use a Windows machine as production environment in the future. It is cool to have it in development though.
My understanding is that Containers on Windows Server should be fine for production while Containers on Windows Desktop should be only for dev and test, not production. I saw one post "MICROSOFT SOFTWARE SUPPLEMENTAL LICENSE FOR WINDOWS CONTAINER BASE IMAGE" https://learn.microsoft.com/en-us/virtualization/windowscontainers/images-eula, not sure how this one is related to this question?
I can highly recommend not to use Docker Desktop for Windows in Production.
The host machines (Windows 10 Pro) where configured to restart everyday at a certain time and the Docker Container where Linux containers which as recommended where using the WSL2 based engine.
I was testing it on 20 devices for a over one year now and from 20 Pc's had at least 5 now the problem that Docker Desktop cannot be initialized. Which means that Docker Desktop is not starting anymore until you remove some folder(s) in %APPDATA% but when you do so it worked only 3 out of 5 times for me that Docker Desktop was able to start after that. One time needed to reinstall Docker Desktop the remaining One I needed to reload all the docker images and configure them again. Most of the issues seemed to have been a result of a power cut.
Most annoying are the updates from my perspective, because from one to the other version all images and running containers where gone and I needed to reconfigure them, happend with 2 Version in the past but not on all computer.
The Linux machines on the other hand no issues.
My work laptop is running LinuxMint as the base OS, plus Virtualbox to run Windows 7 which is the actual work environment, usually plus an additional Virtualbox VM to run a different Windows installation in which I do my client project work (I have one VM per client, to avoid messing up my main OS).
But I'm wondering if it's feasible and beneficent to switch to using Docker for the client project stuff? That is, I'd like to keep LinuxMint (to preserve my sanity), and keep Windows ('cause I have to use some MS products), but then instead of that series of "client VM's" use Docker containers?
I'm not entirely clear on how containers are useful. Can I, for instance, have a container in which I've installed dotNET and MS SQL; and then another container where I've installed an Azure Powershell; and a third container where I've installed Java and Eclipse -- and then decide which of these "sets" of software is available on the same common base OS (Windows, with VPN and Outlook and Notepad++)?
This post makes me think I'm asking for a solution from the wrong tool?
Or should I perhaps attack the root problem from a different angle, and ask the following over at Workplace.SE: How to work as a consultant without "cluttering up" one's (Windows) OS with more or less temporary installations of all sorts of software necessary for client projects?
AFAIK there is no WindowsOS ready to be run INSIDE a docker container localy, but they are anounced. See www.docker.com/microsoft and msdn windowscontainers
What you can do is run Linux OSs in docker containers within Windows. But in your case you should run the docker engine in your Mint Linux
Not really an answer, more like several comments -- though it's too long to fit within a comment
First of all I would not run Mint, but that's off the question.
Then, it may probably worth to take a look at How is Docker different from a normal virtual machine?.
Also, as you linked, Docker does not aim (at all) to run several programs. Indeed, their policy is Caas: Container as a Service. So basically one program per container. Saying all that, you can probably run wine within container and run one application on each container (over wine).
Have fun!
There was a project thrown my way recently that involves the orchestration of several (Linux capable) embedded devices, deploying software to them, and allowing for the applications to be updated when the code base updates in a git repo.
The initial thought was to make a standard image for each device, and I set out, attempting to install docker on an UDOO Quad and an Intel Edison to start, but without any success up to this point.
My thinking is that it seems to be a good idea to install Docker on embedded devices--but if that's the case, surely it would have been ported by now. The only group out there that seems to be making these efforts is Resin.io.
Is there something I'm missing, or is there a clear reason why Docker doesn't make sense on embedded devices? If there isn't a reason, and it does make sense to run Docker on embedded systems, is there something I've overlooked out there: are there any sources of discussion on porting, or how-to's that cover this?
I have considered running docker on embedded devices (a mips system), but didn't go that way. There are some problems with it, in my humble view:
Docker is implemented in Golang. There is currently no available tool chain for mips to compile go. You will need to create the tool chain yourself using gcc-go.
The size of docker is larger than lxc. In a desktop computer this is not a problem, but the embedded device has limited flash storage.
Docker uses some quite up-to-date feature of linux kernel. Sometimes the kernel version on embedded devices are not so new and back-port is needed to make it work.
The docker image has to be built on the same architecture as the run time environment. It means that if you want to run a docker container on Raspberry Pi, the docker image has to be built on an ARM-architecture system. QEMU can be used to build docker image in the cloud, but it doesn't support all CPU architectures used in embedded system. (for example, it currently doesn't support MIPS)
In the end, lxc was chosen for the specific task of running a container on embedded device. It has limited features compared to docker, but currently it suits the requirement of the project.
As of year 2019, I would like to update this answer since I did port docker to embedded system with ARM cpu. With the price of flash usage, memory usage, by using docker you will have container management, image management, and many ready to run images from docker hub. So the decision is a balance between cost and features.
Here is an update for 2018:
You can work with Docker on embedded devices such as Raspberry Pi and Orange Pi quite easily now because of advancements in the development of Raspbian and Armbian operating system images. Specifically, both types of devices and their respective OS images now support kernels that are of sufficiently high enough versions to install Docker without any problems (at least version 3.10, though both now offer 4.x+ versions).
Your desire for faster rates of change can definitely be realized by using embedded Docker. I can say from experience that I have tested and regularly run the approach you describe. Basically, you start with a base operating system image such as Raspbian or Armbian, tweak that operating system enough that it's secure and has Docker installed, and then you use Docker for handling development iteration and application updates.
As an aside, if you are interested in running Docker on embedded Linux devices, then I recommend you check out a free, open-source, MIT-licensed command line tool I wrote to help developers work with embedded Docker on multiple devices at once: https://github.com/ForwardLoopLLC/floopcli .
Even if you are not interested in the tool itself, the documentation for the tool describes several patterns for working with Dockerized applications across multiple devices in multiple languages: https://docs.forward-loop.com/floopcli/master/index.html . The materials there should serve as a starting point for porting applications to Docker and then deploying them on embedded devices. The documentation also addresses some embedded device subtleties, such as differences between ARMv6 and ARMv7. Hopefully this helps you get started!
There is a great article on LinkedIn describing his experience with that
https://www.linkedin.com/pulse/whale-jar-when-running-docker-embedded-linux-good-thing-fletcher#pulse-comments-urn:li:article:7736487387895237975
Often embedded systems have a very slow rate of change. Docker works well on a minimum build then layering on top. If you want to sacrifice the overhead of running docker on a minimum embedded system for docker's ability to have a build system and steady rate of change then you could explorer it.