Having done a lot of work with containers lately, I am happy to say that I finally understand the concept of it all! When I first started reading about containers I was like, WTF? Is this a new concept of virtual machines or just some phase? It took some time to get used to the concepts around it, but it opens up a lot of possibilities, so I decided to write this post to perhaps enlighten those who are still wondering: what is a container? What does Docker do? What about this container ecosystem? And what is Microsoft doing in the mix?
What is a container?
The easiest way to describe a container is by how it differs from a virtual machine.
When we set up a virtual machine, we need a hypervisor that supports virtualization using certain CPU instructions. Then we define a set of virtual hardware (CPU, memory, hard disk, etc.). Then we need to install a guest operating system on the virtual machine, or have some form of guest OS running. The guest OS does not share any of the underlying operating system running on the hypervisor; in fact, it is unaware of it.
So even if we have a hypervisor running Microsoft Hyper-V, we can still set up virtual machines running Linux, or other 32/64-bit virtual machines, on top. In other words, virtualization is hardware virtualization.
A container, on the other hand, is a running instance that wraps a piece of software in a complete filesystem and runs directly on the underlying operating system (known as the container host). It uses layered filesystems and shares common files, but it has its own libraries and its own networking stack with its own IP address. So it has its own identity but shares the underlying OS image, yet it still feels like a virtual machine.
So, like a virtual machine, a container:
* Has its own process space
* Own network interface
* Own services running
* Can install packages and dependencies
But remember that, unlike a virtual machine, a container:
* Uses the host kernel
* Cannot boot a different operating system
* It is just a bunch of processes running on the host machine
* Not a full virtual machine, so it has some limitations in terms of services/features
In simpler terms, it is operating system virtualization. The cool thing is that since it does not require a guest OS, it can start up almost instantly, and it removes the overhead of a guest OS.
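The two lists above, checked on a Linux container host, as an added example that is not part of the original post: on Linux, a container's own process space and network interface are kernel namespaces, exposed as links under /proc/<pid>/ns, so comparing a process's links with those of PID 1 shows what it shares with the host. The sample PIDs and namespace identifiers are constructed, and the function names are hypothetical.

```python
import os
import tempfile

# Namespace kinds exposed as symlinks under /proc/<pid>/ns on Linux.
NS_KINDS = ("pid", "net", "mnt", "uts", "ipc", "user")

def read_namespaces(pid, proc_root="/proc"):
    """Return {kind: identifier}; None where the link cannot be read."""
    found = {}
    for kind in NS_KINDS:
        try:
            found[kind] = os.readlink(os.path.join(proc_root, str(pid), "ns", kind))
        except OSError:  # process exited or insufficient privilege
            found[kind] = None
    return found

def shared_with_host(pid, host_pid=1, proc_root="/proc"):
    """Namespace kinds that `pid` shares with the host's PID 1."""
    host = read_namespaces(host_pid, proc_root)
    proc = read_namespaces(pid, proc_root)
    return sorted(k for k in NS_KINDS if proc[k] and proc[k] == host[k])

# Constructed sample data (not from a real host): PID 1 is the host's init,
# 2001 models a container process with its own pid/net/mnt/uts/ipc namespaces
# but no separate user namespace, 2002 models one that also uses the host's
# network stack.
HOST = {k: f"{k}:[40265318{n}]" for n, k in enumerate(NS_KINDS)}
SAMPLE = {
    1: HOST,
    2001: {**{k: f"{k}:[40265325{n}]" for n, k in enumerate(NS_KINDS)},
           "user": HOST["user"]},
    2002: {**{k: f"{k}:[40265326{n}]" for n, k in enumerate(NS_KINDS)},
           "user": HOST["user"], "net": HOST["net"]},
}

def demo():
    """Build a fake /proc tree from SAMPLE and report sharing per process."""
    with tempfile.TemporaryDirectory() as root:
        for pid, namespaces in SAMPLE.items():
            ns_dir = os.path.join(root, str(pid), "ns")
            os.makedirs(ns_dir)
            for kind, ident in namespaces.items():
                os.symlink(ident, os.path.join(ns_dir, kind))  # dangling link is fine
        return {pid: shared_with_host(pid, proc_root=root) for pid in (2001, 2002)}

if __name__ == "__main__":
    print(demo())
```

On a real host, call `shared_with_host(pid)` as root with the PID of a container's process; every kind it returns is a boundary that process does not have with the host.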
Now, a container is built from an image. The image must be built on the same OS version/model as the underlying container host is running. So, for instance, a Windows Server based container can share the C:\system folder as read-only from the underlying container host. A container image is a template built upon that container host, which can for instance be a preconfigured container with IIS installed. Another example of a container image is WordPress, where we have a Windows container image preinstalled with IIS and WordPress. If we were to use containers on Linux, for example Ubuntu, we have the same types of images, but since IIS is a Windows-only component it is not available as an image on Linux. For that case we have a precreated image using Apache or Nginx instead.
As an example, let's take a closer look at a Windows based container host. Microsoft is coming with container support in Windows Server 2016, so we can run a Windows Server as a container host (either physical or virtual; it is not dependent on the same CPU requirements as a virtualization host).
The simplest way to set up Windows Server 2016 as a container host is by using the finished script from Microsoft.
Invoke-WebRequest "https://get.docker.com/builds/Windows/x86_64/docker-1.12.0.zip" -OutFile "$env:TEMP\docker-1.12.0.zip" -UseBasicParsing
Expand-Archive -Path "$env:TEMP\docker-1.12.0.zip" -DestinationPath $env:ProgramFiles
[Environment]::SetEnvironmentVariable("Path", $env:Path + ";C:\Program Files\Docker", [EnvironmentVariableTarget]::Machine)
& "$env:ProgramFiles\docker\dockerd.exe" --register-service
Install-PackageProvider ContainerImage -Force
Install-ContainerImage -Name WindowsServerCore
It is important to note that Microsoft is partnering with Docker to deliver containers, and that brings up the next question: what is Docker?
Docker is a container management tool which is used to automate, create, deploy and run containers. The reason Microsoft partnered with them is that they are at the leading edge of container management and they have a lot of functionality which makes deployment a lot easier. Since a lot of enterprises are using Docker, it makes a lot of sense for Microsoft to align their container functionality with Docker.
Docker can be used to manage both Linux container hosts and Windows container hosts.
This makes it easy for administrators who are familiar with Docker to implement and manage containers on Windows as well. Still, it is important to remember that not all features which are available on Linux are available on Windows. Also, since the underlying container hosts are different, we cannot use the same Docker images on both.
Docker also has a cool feature, docker pull, which allows us to easily fetch precreated images available from the Docker Hub (repository), for instance WordPress, Minecraft, Joomla, etc. Note, however, that this is OS dependent.
So what can run on a Container?
Great! Now I can run a container, so what can I run in it? The easiest way to think about things that can run in a container is as services or applications which are headless, meaning that they do not provide a UI using a thick client, or that they run as web services. So web services, simple services, simple DB instances, backend services and such. Running services which require a terminal server connection will not work, and not all services which are directly available in the host are available in the client as well.
So if you are using Citrix or Microsoft RDP don’t expect to jump on the container wagon anytime soon.
Take a look at what is in the repository and you get a good idea of what is going to be available to use in a container: https://hub.docker.com/explore/ Microsoft also has its own GitHub repository for Docker examples: https://github.com/Microsoft/Virtualization-Documentation/tree/master/windows-container-samples/windowsservercore
Now, as mentioned, we have containers and we have Docker, so let us take a closer look at the container ecosystem. Since there are a lot of different products emerging in this space, I decided to create a little cheat sheet to describe most of those products:
Nano Server: Microsoft’s headless deployment option for Windows Server 2016, built for running Containers
NetScaler CPX: Citrix NetScaler Load balancing running as a Container on top of a Ubuntu Docker host
VMware VIC (vSphere Integrated Containers): Deploy Linux based containers on vSphere virtual machines
Project Photon: Lightweight OS (From VMware) made for Containers, tightly integrated with vSphere
CoreOS: A Linux distribution made for running Containers
Rkt (Rocket): An alternative to Docker, built by the guys that created CoreOS
LXD: Linux based container hypervisor for Ubuntu, which allows for hardware based isolation of containers, with the same benefits that a Container gives.
Docker Datacenter: Enterprise management of Docker hosts (Container hosts) including monitoring.
Azure Container Service: Service for running precreated containers in Azure, using Linux and already integrated with a system orchestrator (DC/OS or Docker Swarm)
Docker Swarm: Native clustering management for Docker using the same CLI commands as Docker.
Kubernetes: an open-source platform for automating deployment, scaling, and operations of application containers