We've had waves of container technology: FreeBSD jails, Linux-VServer, OpenVZ, cgroups/process containers, LXC and Docker. The common theme is that these process isolation options took root among the Linux crowd -- but where's Windows?
The open source community typically steams full-force into new technology, while Microsoft traditionally moves slowly. After all, in 2001, then-CEO Steve Ballmer called Linux a cancer. From that statement alone, it's clear what mindset Microsoft had toward open source technology. Never before have administrators had the ability to containerize their Microsoft stack. With Satya Nadella as CEO, Microsoft is finally beginning to embrace open source -- notably, containers.
Microsoft containers run the gamut of deployment types: Hyper-V containers and Windows Server containers, native support for Docker containers in multiple ways, and container services in Azure through Azure Kubernetes Service (AKS) and Azure Container Registry.
Microsoft container features for Windows
Linux containers cannot run on Windows and vice versa, a limitation that can be lost on Microsoft container adopters in the cross-platform hype. Containers are an isolation technology, not a virtualization one. As such, they share some components with the host. Due to the architectural differences between the two OSes, multi-OS containerization isn't possible.
Docker sidesteps the Windows/Linux container conundrum via a lightweight Hyper-V VM to make it seem as though a Linux container is running natively on Windows.
Hyper-V containers offer more isolation than standard application containers, so evaluate them for security on Windows hosts. Hyper-V containers use Microsoft's Hyper-V virtualization technology in the back end to set up lightweight VMs in their own namespace. Due to their virtualization requirement, Hyper-V containers are slower than Windows Server containers, but security is better.
For an experience more comparable to Linux containers, consider Windows Server containers. Microsoft implemented this container technology with Windows Server 2016. Windows containers are faster than Hyper-V containers because they shed hardware virtualization and run Windows Server images. Windows and Linux containers are technically the same, in the sense that they both use the host's kernel and deploy as a wrapper around a container image.
Organizations with diverse container and OS deployments should benefit from Microsoft containers' roadmap with Docker, including native Docker support. Microsoft worked closely with Docker while building container features for Windows Server 2016, which made Windows and Hyper-V containers first-class Docker citizens alongside Linux. The Docker command-line interface (CLI) works across Windows and Linux containers as well.
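To evaluate the two isolation modes described above on a Windows host, the following added example (not code from the original article or from Microsoft or Docker) reports which containers run with Hyper-V isolation and which share the host kernel. It reads the `HostConfig.Isolation` field of `docker inspect` output; the function name `Get-ContainerIsolationReport`, the container names and the image names are assumptions made up for the illustration.

```powershell
# Added example: classify containers by isolation mode from `docker inspect` JSON.
function Get-ContainerIsolationReport {
    param(
        # Parsed `docker inspect` objects (one per container).
        [Parameter(Mandatory)] [object[]] $Inspect,
        # Daemon-wide default, as reported by: docker info --format '{{.Isolation}}'
        [string] $DaemonDefault = 'process'
    )
    foreach ($c in $Inspect) {
        $mode = [string]$c.HostConfig.Isolation
        # An empty or "default" value means the container follows the daemon default.
        if ([string]::IsNullOrEmpty($mode) -or $mode -eq 'default') {
            $mode = $DaemonDefault
        }
        [pscustomobject]@{
            Name         = $c.Name.TrimStart('/')
            Image        = $c.Config.Image
            Isolation    = $mode
            # Windows Server (process-isolated) containers use the host's kernel;
            # Hyper-V containers run inside their own lightweight VM.
            SharesKernel = ($mode -ne 'hyperv')
        }
    }
}

# Constructed sample input (not real output), trimmed to the fields used above.
$sample = @'
[
  {"Name":"/web","Config":{"Image":"example/web:1"},"HostConfig":{"Isolation":"process"}},
  {"Name":"/untrusted-job","Config":{"Image":"example/job:1"},"HostConfig":{"Isolation":"hyperv"}},
  {"Name":"/legacy","Config":{"Image":"example/legacy:1"},"HostConfig":{"Isolation":"default"}}
]
'@ | ConvertFrom-Json

# Containers that share the host kernel are listed first for review.
Get-ContainerIsolationReport -Inspect $sample -DaemonDefault 'process' |
    Sort-Object SharesKernel -Descending |
    Format-Table -AutoSize

# Against a live host, replace the sample with real data:
#   $default = docker info --format '{{.Isolation}}'
#   $live    = docker inspect (docker ps -q) | Out-String | ConvertFrom-Json
#   Get-ContainerIsolationReport -Inspect $live -DaemonDefault $default
```

A container can be started in the stronger mode with `docker run --isolation=hyperv`, and rows where `SharesKernel` is true are the candidates to review for that change.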
Azure containers and Kubernetes
Microsoft initially built a competitor to Kubernetes, the widely used container orchestration technology, with Azure Service Fabric. However, AKS marks Microsoft's all-in support for Kubernetes. The service, which is essentially an Azure-hosted Kubernetes deployment, evolved from customer feedback on Microsoft's Kubernetes support on Azure Container Service.
IT organizations that use Docker and Azure can host private Docker registries within the cloud on Azure Container Registry. Cloud-hosted container images benefit from low latency via region selection and replicated registries across regions for high availability.
Azure Container Registry also natively supports the Docker CLI. Linux administrators accustomed to managing containers via Docker will have the same experience when they use Azure Container Registry.
Microsoft containers in the cloud do not have to run with AKS. The company also offers native Azure Container Instances, which Azure subscribers can manage via any appropriate tooling, such as Docker or Kubernetes.
Microsoft shops shouldn't see containers as a barrier to advanced IT. Instead, evaluate the Microsoft container roadmap, and select products that fit your app architecture and deployment strategy.