Blog

Docker’s Integration with Windows Server

Docker containers are now supported by Windows Server 2016 TP4 and TP5. Learn what this means for the future of IT system and application architectures and how to set up and manage a host using Microsoft PowerShell.

This is a synopsis of an article published in Redmond magazine in June 2016; read the full article via the link below.

One of the key breakthroughs that will transform Microsoft’s server OS into a next-generation cloud platform is the ability to run proprietary and open source containers in the next version of Windows Server. Support for containers opens the door for organizations to build modern, cloud-scale applications, those that are Windows-based and open source, portable across servers, virtual machines (VMs) and clouds.

Even though container technology has been part of Linux or some time, its addition to Windows Server is entirely new with Windows Server 2016 TP4 and updated in TP5. Containers essentially virtualize at the OS level, which makes them far more lightweight than VMs that virtualize at the hardware level. In addition, containers are more easily updated than a VM, enabling businesses to have a more rapid release cycle. Windows Server Containers can be used to rapidly deploy applications to Windows Server systems. Windows Server 2016 supports two types of containers: Windows Server Containers and Hyper-V Containers. Windows Server Containers run directly on the Windows Server OS and they’re more lightweight than Hyper-V Containers. Like their name implies, Hyper-V Containers run inside a Hyper-V VM, which means they have somewhat higher resource requirements, but they also offer increased security and application isolation over Windows Server Containers. Both Windows Server Containers and Hyper-V Containers can be managed using Docker or Windows PowerShell.

Microsoft opened the path for infrastructure and application designed purely for the Microsoft platform to offer new levels of portability across apps, systems, and cloud services when the company announced in 2014 that it would support Docker containers in Microsoft Azure and Windows Server. To get a better understanding of how Windows Server Containers work, let’s take a closer look at how containers compare to VMs.

CONTAINERS

  • like the next generation of virtualization beyond server virtualization, except instead of virtualizing at the hardware level like a VM, it essentially virtualizes at the OS level
  • run at a layer on top of the Windows Server OS and they share the OS kernel
  • run with lower overhead than VMs which also give them a much smaller footprint
  • can enable organizations to improve application performance, increase the density of apps running on their servers, and speed up application deployment
  • are isolated, but share OS and, where appropriate, bins/libraries
  • more resource-efficient than VMs, which means a single system can potentially host far more containers than VMs

VIRTUAL MACHINES (VMs)

  • rely on a hypervisor, which is normally installed directly on bare metal system hardware
  • each has its own OS and applications
  • can be moved between virtualization hosts without changing the VM characteristics and without any end user downtime by using technologies such as live migration or VMware vMotion
  • have more storage and network flexibility than containers

Docker is a platform that allows software developers and IT professionals to develop and deploy applications in container images. These images are portable and isolated from each other. Docker provides an abstraction between the application layer and the OS layer. Developers can create applications in Docker containers and copy and run those applications without changes on the physical servers, VMs or cloud Infrastructure-as-a-Service (IaaS) VMs that run the containers.

Using a client-server architecture, the Docker client talks to a daemon (aka service). The client and daemon can run on the same or different systems and it’s the daemon that executes the container image. To create images, Docker uses a union file system that allows several file systems to be mounted simultaneously, but to appear as one. You install applications on top of a base OS image and Docker creates a snapshot using Another Union File System (AuFS). The resulting image is lightweight and read-only. Changes made to the container are sandboxed and they’re not propagated to the underlying OS. Updating images is easy because only the differential changes since the last snapshot need to be distributed each time a modification is made to an application. Container images are stored in the Docker registry. This is part of the Docker implementation and is different from the Windows system registry. You can manage Windows Server Containers with either Docker or PowerShell, but at the time of this writing, images created with Docker can’t be managed using Windows PowerShell and images created with PowerShell can’t be managed with Docker.

REQUIREMENTS OF USING WINDOWS SERVER CONTAINERS OR HYPER-V CONTAINERS WITH DOCKER.

  • Windows Server 2016 TP4 or an Azure Windows Server 2016 VM
  • Administrator permissions on the host
  • 20GB of available storage
  • Hyper-V Containers require the Hyper-V role
  • Hyper-V Containers require Windows Server 2016 with Nested Virtualization enabled
  • Currently, the build and patch level of Windows Server Container images must match the host OS, but this might change by the final release

Windows Server Containers can only run Windows applications — even with Docker. Any Linux-based Docker containers won’t run under Windows. They will only run under Linux. This is because containers share the same common OS as the container host.

STEPS REQUIRED TO PREPARE A WINDOWS SERVER TO HOST FOR RUNNING CONTAINERS

  • Container feature: Enables use of Windows Server and Hyper-V containers
  • Optionally create a container network: Containers use a virtual switch on the host for network connectivity
  • Install Container OS Images: OS images provide the base for container deployments
  • Install Docker: Docker provides container management, but you can also use PowerShell

ENABLING WINDOWS CONTAINER SUPPORT AND INSTALLING DOCKER WITH POWERSHELL

There are a few different methods you can use to install Windows Server Containers support on your system. The most straightforward way is to launch Server Manager and the run the Add Roles and Features Wizard. On the Select features dialog, select the Containers option. When you add the Containers feature you essentially install a setup of Windows Server Container PowerShell commands. You can also install the Containers feature using PowerShell with the following command:

PS C:\> Install-WindowsFeature containers

The system needs to be rebooted following the installation of the Containers feature. You can run the Get-ContainerHost command to verify the Containers feature has been installed. After the Containers feature has been installed, you can run the following PowerShell command to see the different PowerShell Container cmdlets:

PS C:\> Get-Command -Module Containers

Unlike adding most of the other Windows Server 2016 features, adding just the Containers feature isn’t the only step you need to perform to use Windows Server Containers and Docker. You also need to perform several other configuration steps. Microsoft provides a PowerShell script that can help you quickly complete the initial Windows Server Container host configuration.

Performing the configuration steps either manually or by running the script is required even if you enable the Containers feature in Windows Server 2016 TP5. This might change somewhat in the final release, but for Windows Server 2016 TP4, if you don’t run the setup commands and you try to run Docker you’ll get a “Docker isn’t recognized” error.

Unfortunately, the script did not always deliver reliable results as I ran it on different hosts. When it did work the script significantly streamlined the setup process. I’ll provide steps for both the manual setup and PowerShell script. To download the script, run the following command:

This will download the Install-ContainerHost.ps1 script to your C:\ drive. You can also download it to other directories if you prefer to not run it from the root directory. After the PowerShell setup script has downloaded you can execute it using the following command (remember, if you’re running this command on a bare-metal host it you won’t be able to easily rollback the changes, so you should backup before executing the command):

This script takes quite a while to run as it needs to download container images. If the script completes successfully, your system will be container-ready. A virtual switch for the containers will be created. The NanoServer and WindowsServerCore images will be downloaded. Docker will be downloaded and the Docker Daemon service will be created and started. If the script doesn’t complete successfully you can perform a manual setup using the commands in the following sections. If the script completes successfully you can jump down to the “Managing Containers with Docker” section.

INSTALLING OS IMAGES

The previous steps configured the Windows Server host to support containers. However, in order to start creating containers you need a base OS image. OS images have been created for both Windows Server Core and Nano Server. The following PowerShell commands illustrate how to install the ContainerProvider module, which is needed to install OS images, and then use the Find-Container Image command to return a list of available images. The following images are included with Windows Server 2016 TP5:

If you find that either of the container images are missing you can install them using the following Install-ContainerImage commands:

MANUALLY INSTALLING DOCKER

Once the OS images have been installed, you can install the Docker container management runtime. The Docker runtime is optional, as you can opt to use PowerShell instead. However, if you also plan to use containers on Linux it provides the same functionality and management interface that you get on Windows Server 2016 TP4. First, download docker.exe and place it in the System32 directory on the container host. Next, create a directory named c:\programdata\docker.

You can see how to install Docker in the following listings:

The first line downloads the Docker executable while the second creates a new path named c:\programdata\docker and a new file within that path named runDockerDaemon.cmd.

Next, you need to download and run the nssm.exe program to install the Docker service. The following listing shows how you can download nssm.zip, extract nssm.exe and copy it into the c:\windows\system32 directory:

The runDockerDaemon.cmd file starts the Windows service named Docker Daemon. You need to be sure the value used in the -b parameter matches the name of the virtual switch you’re using. The default value used by the setup PowerShell script uses “Virtual Switch.”

Next, you need to download and run the nssm.exe program to install the Docker service. The following listing shows how you can download nssm.zip, extract nssm.exe and copy it into the c:\windows\system32 directory:

After extracting the nssm.exe file you can run nssm install to configure the Docker service:

PS C:\> start-process nssm install

Nssm.exe provides a simple GUI that enables you to configure a Windows Service. On the Application tab enter the following values:

 

On the Details tab you can enter the display name (Docker) and an optional description (such as: The Docker Daemon provides management capabilities of containers for docker clients). Finally, on the IO tab you can enter the path for the Docker output and error logs:

 

After filling out the values presented by the nssm.exe program, click the Install Service button to install the Docker service. This will execute the runDocker Daemon.cmd file and then Docker is ready to be used. To start the service run Net Start Docker. To stop the service, you can run Net stop Docker followed by net start Docker. To enable remote management open port TCP 2376. If you later want to delete the Docker service, you can use the following command:

C:\sc.exe delete Docker

Microsoft’s documentation outlines further details on setting up Windows Server Containers.

MANAGING CONTAINERS WITH DOCKER

Docker provides a command-line interface for managing containers. To see all of the commands that Docker supports you can run docker help. To list the existing Docker images on the server, type docker images in the PowerShell console and press ENTER. You should see images called windowsservercore and nanoserver. To run an image using Docker, use the following command:

This will create a new container called dockerdemo. The images will be based on the windowsservercore OS image and it will launch a PowerShell prompt. This really doesn’t look much different from a standard PowerShell prompt. However, the container is running in an isolated state on top of the host OS. If you run ipconfig from within the container, you’ll see the container’s networking configuration, which includes the container’s ipconfig output at the top of the screen and the host’s ipconfig output at the bottom of the screen. You’ll notice the container has its own IP address and that it’s pointing to the host as its default gateway.

Typing exit will leave the interactive shell of the container. In this example the container will continue to exist, but it will be in a stopped state. If you want to re-enter the container you can restart the container and then attach to it:

C:\docker start dockerdemo C:\docker attach dockerdemo

To see the running containers you can use the ps command:

C:\docker ps -a

If you want to delete the container, then you can use the remove command:

C:\docker rm dockerdemo

If you want the container to be automatically removed after you exit it you can add the –rm switch to the docker run command:

For more detailed information about running Docker containers you can check out the Docker run reference page. For more detailed information about running Docker containers you can check out the Docker run reference page.

CREATING CONTAINERS WITH DOCKER

You can use the Docker search command to see a list of images available from Docker Hub. The following command shows how you can search for all of the Microsoft container images:

C:\docker search Microsoft

You can retrieve images by using the docker pull command. It’s important to note that the windowsservecore OS image must be installed before pulling images dependent on Windows Server Core from Docker Hub. Likewise, the nanoserver OS image is required for any image that’s based on Nano Server. For example, here’s how you would use the docker pull command to retrieve the microsoft/aspnet image:

C:\docker pull microsoft/aspnet

If you want to create a new container image from a running container, you must first launch the container and then use the docker commit command:

C:\ docker commit dockerdemo dockerdemoimage

Here, dockerdemo is the name of the container that was created in the previous step and dockerdemoimage is the name for the new image. You should note that the image name has to be in lowercase. To later run the image you simply use the docker run command like earlier:

C:\docker run -it –name dockerdemo windows??servercore

If you want to later remove an image you can use the docker rmi command:

C:\docker rmi docker??demoimage

The new support for containers in Windows Server 2016 TP4 provides a lightweight mechanism for deploying applications and increasing server density. The option to manage containers with Docker enables you to have a common container management platform for Windows Server Containers and Hyper-V Containers, as well as Linux Containers. Containers won’t replace VMs in the near future, but they definitely provide an important new tool in your IT management tool chest.

Source: Redmond Magazine, Docker’s Close Integration with Windows Server

Start Date
End Date
Day/Eve
Break Weeks
Track
Jan 23, 2023
Jul 27, 2023
Eve
4/3/23-4/7/23
5/22/23-5/26/23
7/3/23-7/7/23
CSSP-V
Jan 30, 2023
May 5, 2023
Day
3/6/23-3/10/23
4/10/23-4/14/23
CSSP-V
Feb 6, 2023
May 19, 2023
Day
3/27/23-3/31/23
FSCP-V
Mar 20, 2023
Jun 23, 2023
Day
4/24/23-4/28/23
5/22/23-5/26/23
CSSP-V
Apr 10, 2023
Jul 28, 2023
Day
5/29/23-6/2/23
7/3/23-7/7/23
FSCP-V
Apr 24, 2023
Oct 19, 2023
Eve
7/3/23-7/7/23
8/21/23-8/25/23
CSSP-V
May 15, 2023
Dec 14, 2023
Eve
7/3/23-7/7/23
9/4/23-9/8/23
11/20/23-11/24/23
FSCP-V
Jun 5, 2023
Sep 8, 2023
Day
7/3/23-7/7/23
8/7/23-8/11/23
CSSP-V
Jun 19, 2023
Oct 6, 2023
Day
7/3/23-7/7/23
9/4/23-9/8/23
FSCP-V
Jul 24, 2023
Jan 25, 2024
Eve
10/2/23-10/6/23
11/20/23-11/24/23
12/25/23-12/29/23
CSSP-V
Aug 14, 2023
Nov 17, 2023
Day
9/5/23-9/8/23
10/16/23-10/2/23
CSSP-V
Aug 28, 2023
Dec 15, 2023
Day
9/4/23-9/8/23
11/20/23-11/24/23
FSCP-V
Oct 30, 2023
Feb 2, 2024
Day
11/20/23-11/24/23
12/25/23-12/29/23
CSSP-V
Oct 30, 2023
May 2, 2024
Eve
11/20/23-11/23/23
3/4/23-3/7/23
CSSP-V
Nov 6, 2023
Mar 1, 2024
Day
11/20/23-11/24/23
12/25/23-12/29/23
1/29/24-2/2/24
FSCP-V
If you don't see the Cohort Start date you are looking for don't forget to check out our campus calendars.
CSSP-I: Cloud & Security Specialist Program (In-Person Modality)
CSSP-V: Cloud & Security Specialist Program (Live Virtual Modality)
FSCP-I: Full Stack Coding Program (In-Person Modality)
FSCP-V: Full Stack Coding Program (Live Virtual Modality)
Please note that Centriq will be closed on the following observed holidays: New Year’s Day, Memorial Day, Independence Day, Labor Day, Thanksgiving Day, the day following Thanksgiving Day, and Christmas Day.
Start Date
End Date
Day/Eve
Break Weeks
Track
Feb 29, 2024
Mar 24, 2024
Day
3/25/24-3/29/24
4/22/24-4/26/24
CSSP-I
May 13, 2024
Aug 16, 2024
Day
5/27/24-5/31/24
7/1/24-7/5/24
CSSP-I
Aug 19, 2024
Nov 22, 2024
Day
9/2/24-9/6/24
10/21/24-10/25/24
CSSP-I
Dec 2, 2024
Mar 14, 2025
Day
12/23/24-12/27/24
12/30/24-1/3/25
2/10/25-2/14/25
CSSP-I
If you don't see the Cohort Start date you are looking for don't forget to check out our online instructor-led calendar.
CSSP-I: Cloud & Security Specialist Program (In-Person Modality)
CSSP-V: Cloud & Security Specialist Program (Live Virtual Modality)
FSCP-I: Full Stack Coding Program (In-Person Modality)
FSCP-V: Full Stack Coding Program (Live Virtual Modality)
Please note that Centriq will be closed on the following observed holidays: New Year’s Day, Memorial Day, Independence Day, Labor Day, Thanksgiving Day, the day following Thanksgiving Day, and Christmas Day.
Start Date
End Date
Day/Eve
Break Weeks
Track
Jan 15, 2024
Apr 19, 2024
Day
2/19/24-2/23/24
3/18/24-3/22/24
CSSP-I
Feb 26, 2024
May 24, 2024
Day
4/1/24-4/5/24
CSSP-I
Apr 08, 2024
Jul 12, 2024
Day
5/27/24-5/31/24
7/1/24-7/5/24
CSSP-I
May 20, 2024
Aug 23, 2024
Day
5/27/24-5/31/24
7/1/24-7/5/24
CSSP-I
Jun 24, 2024
Sep 27, 2024
Day
7/1/24-7/5/24
9/2/24-9/6/24
CSSP-I
Jul 29, 2024
Feb 6, 2025
Eve
9/2/24-9/5/24
11/25/24-11/28/24
12/23/24-12/27/24
12/30/24-1/3/25
CSSP-I
Aug 5, 2024
Nov 8, 2024
Day
9/2/24-9/6/24
10/7/24-10/11/24
CSSP-I
Sep 9, 2024
Dec 13, 2024
Day
10/14/24-10/18/24
11/25/24-11/29/24
CSSP-I
Oct 21, 2024
Jan 31, 2025
Day
11/25/24-11/29/24
12/23/24-12/27/24
12/30/24-1/3/25
CSSP-I
Dec 2, 2024
Mar 14, 2025
Day
12/23/24-12/27/24
12/30/24-1/3/25
2/10/25-2/14/25
CSSP-I
If you don't see the Cohort Start date you are looking for don't forget to check out our online instructor-led calendar.
CSSP-I: Cloud & Security Specialist Program (In-Person Modality)
CSSP-V: Cloud & Security Specialist Program (Live Virtual Modality)
FSCP-I: Full Stack Coding Program (In-Person Modality)
FSCP-V: Full Stack Coding Program (Live Virtual Modality)
Please note that Centriq will be closed on the following observed holidays: New Year’s Day, Memorial Day, Independence Day, Labor Day, Thanksgiving Day, the day following Thanksgiving Day, and Christmas Day.