unlimited windows containers on a single host?



  • searching for java on docker I've hit this blog post, where the author states:

    For production, licensing is at the host level, i.e. each machine or VM which is running Docker. Your Windows licence on the host allows you to run any number of Windows Docker containers on that host. With Windows Server 2016 you get the commercially supported version of Docker included in the licence costs, with support from Microsoft and Docker, Inc.

    His source being this blog from docker Inc. Now this is a 2 years old thing I was not aware of.

    My main concern is: how well could some old applications run in a container? Also: is there only a cmd line? This post also presented here on mangolassi by starwind seems interesting: it talks about guis to manage docker on windows.

    Being able to run a number of different containers on Docker+Hyper-V at the price of a single licence seems interesting from the budget perspective and adds more sense to containers vs VMs... Was this rotten stuff? Anyone aware of this?



  • Containers have always been "free" once you own the underlying OS. Containers aren't as clearly defined as you would think and licensing them separately from the OS would result in impossibly complex an unenforceable licensing. So Microsoft is all but forced to make them free. Because containers are "just a process" and don't involve another kernel or OS, trying to license them would create an issue where all kinds of normal non-container apps would get caught in the licensing sweep making the OS impossible to use.



  • Age of the app should have little impact on the ability for it to be containerized. It will only affect if they have already done that work for you or not.



  • @scottalanmiller said in unlimited windows containers on a single host?:

    Containers aren't as clearly defined as you would think and licensing them separately from the OS would result in impossibly complex an unenforceable licensing.

    Good point!



  • If you use process isolation, then there are no licence restrictions. This is what has fueled our push for Docker. We cannot run some of our services on the same system because they share components but use different versions. Will save us a ton on licencing.

    Hyper-V isolation gives containers their own kernel, so they are subject to regular Windows licencing.

    Containers do not expose any local gui, you can communicate with a container via terminal or network communication

    I believe the 1809 nanoserver base image doesn't even have powershell



  • @flaxking said in unlimited windows containers on a single host?:

    Hyper-V isolation gives containers their own kernel, so they are subject to regular Windows licencing.

    By definition, that makes it not a container. A container is defined by the shared kernel aspect.



  • @scottalanmiller this is MS version of shielded containers aka 1 container in 1 VM. Something maybe good if you can start a super fast os with a lightweight emulation layer a-la AWS firecraker. Don't know if windows can attain such a perf level...



  • @matteo-nunziati said in unlimited windows containers on a single host?:

    @scottalanmiller this is MS version of shielded containers aka 1 container in 1 VM. Something maybe good if you can start a super fast os with a lightweight emulation layer a-la AWS firecraker. Don't know if windows can attain such a perf level...

    Right, it's a container, but the problem is that it is also it's own VM. It is the VM, not the container, causing the need for a license. And the need for its own kernel. It's still a shared kernel, just shared with "no other containers" as no other are running.



  • @scottalanmiller sorry I wanted to answer @flaxking but ended up replying to yours reply xD