Linux Containers Coming to a Windows Server Near You

Microsoft unveiled a new type of container this week at DockerCon 2017 -- a Linux container that runs on Windows Server 2016.

The move would break down a fundamental wall in deployment scenarios for containers to date. For now, Linux containers can only run on Linux host operating systems and Windows containers can only run on Windows host operating systems. While that's more of a problem for Windows, which is the newcomer to the container phenomenon, a key benefit of containers is portability. The easier it is to deploy a container regardless of the underlying infrastructure, the closer the ideal comes to being realized.

Microsoft is partially solving the issue for its user base with the funky Hyper-V containers that it released to some industry head-scratching with Windows Server 2016. (Why add the management and processing overhead of virtualization to containers?) The rest of the solution is coming from Docker and from Linux distributors, who are committing to building lightweight Linux kernels that will run inside the Hyper-V containers.

John Gossman, Microsoft Azure lead architect and Linux Foundation board member, took the stage at DockerCon in Austin, Texas, on Tuesday to demonstrate a Linux container running inside a Hyper-V container inside a Windows Server.

Mike Schutz, general manager of product marketing in the Cloud + Enterprise division at Microsoft, described the significance of the moment in a blog post Wednesday. "Yesterday we showed for the first time, a Linux container running natively on Windows Server using the Hyper-V isolation technology currently available only to Windows Server Containers," Schutz wrote Wednesday. (See here for a primer on how containers of different types work across the Microsoft stack.)

Now that the Linux-in-Hyper-V approach is formally unveiled, Gossman presented the Linux support as a logical next step in Hyper-V containers. "When we announced and launched Hyper-V Containers it was because some customers desired additional, hardware-based isolation for multi-tenant workloads, and to support cases where customers may want a different kernel than what the container host is using -- for example different versions. We are now extending this same Hyper-V isolation technology to deliver Linux containers on Windows Server. This will give the same isolation and management experience for Windows Server Containers and Linux containers on the same host, side by side," he said in a post.

The premier of the Linux container on Windows coincided with Docker's big reveal this week around the Moby Project and LinuxKit -- with an emphasis on creating lightweight and secure Linux kernels from Docker and others to run inside containers. One of the problems that approach solves is providing a Linux kernel inside containers on non-Linux platforms, such as Windows Servers, Windows clients or Apple Macs. Those Linux kernels, which themselves are built from swappable container parts, can take up as little as 35MB.

In an official blog post this week, Justin Cormack, a software engineer at Docker, mentioned the LinuxKit work in the context of the Docker-Microsoft relationship that dates to 2014: "The next step in that collaboration...is that all Windows Server and Windows 10 customers will get access to Linux containers and we will be working together on how to integrate LinuxKit with Hyper-V isolation."

Gossman's Microsoft post provides a hint at how excited the open source community is about the opportunity to spread Linux-based containers across the global installed base of Windows Servers. Senior executives at Canonical, Intel, Red Hat and SUSE all provided statements about how they will be working over the next few months with Microsoft's open source integration code to create Linux container OS images for Hyper-V containers.

Posted by Scott Bekker on April 20, 2017