April 8, 2015
Timothy Prickett Morgan
Linux might have a 25 percent share of the server installed base, depending on who you ask, but it is the platform of choice for new kinds of middleware and applications and has a much higher penetration on cloudy infrastructure. To keep Windows relevant and competitive with Linux, Microsoft has to adapt, and to that end the company has revealed a new set of software container technologies and a minimalist variant of Windows Server that are expected to be commercialized with Windows Server 10.
The funny bit is that if Microsoft had not decided to build a cloud of its own several years ago as it pivoted from selling software licenses for servers and desktops to peddling services like Office365, Bing, Xbox Live, and Azure, it would not have been developing the technologies that would allow it to defend against the onslaught of Linux.
At this point in its history, there are very few companies that know more about running applications on cloudy infrastructure at scale than does Microsoft. And no one on earth operates a bigger set of Windows-based infrastructure – period. To build its Azure cloud and the other services that it runs on it, Microsoft had to alter Windows to make it more efficient and manageable. Some of the modifications are kept inside Azure – like the Autopilot job scheduler and provisioning system that largely controls the Microsoft cloud – and some are eventually released into the wild as enhancements to commercial products, like the Azure Pack and now the bits of Windows Server 10 that the company is previewing ahead of the Build conference at the end of April and the Ignite conference at the beginning of May.
It is not an accident of timing that Microsoft is previewing its Docker-compatible containers as well as the forthcoming Nano Server chopped-down variant of Windows Server the day before the AWS Summit in San Francisco, either.
Microsoft didn’t divulge all the details of its Nano Server and Docker container strategy in its blog posts, and it is holding its cards close to its vest until Build and Ignite.
This is not the first time Microsoft has done a minimalist version of Windows. Server Core has been around since Windows Server 2008, so a trimmed down operating system is not a new idea, and indeed Server Core was announced just about the time that minimalist JEOS, or Just Enough Operating System, variants of Linux were coming out from Canonical, SUSE Linux, and Red Hat. Server Core strips out all the bits that are unnecessary to run basic Web infrastructure services like Web, file, DHCP, DNS, and Active Directory services. Server Core cut the Windows Server 2012 footprint by 4 GB and the patch maintenance requirements by somewhere between 35 percent and 45 percent, significantly reducing the attack surface for Windows Server, as they say in the security racket.
With Nano Server, Microsoft is trying to get Windows Server down to a much smaller footprint in terms of CPU and memory capacity while at the same time making it more suitable for being controlled from within clouds.
In a blog post, the software engineers working on Nano Server explained that Nano Server takes the already trimmed down Server Core variant of Windows Server 2012 R2 and chops out 32-bit application support as well as the Minimal Server Interface and the entire graphical user interface stack, local logon and Remote Desktop Protocol logon, and a bunch of other features that are basically unnecessary for modern, distributed applications.
Microsoft has not said how much skinnier Nano Server is compared to Server Core, but it took 3 minutes to boot Nano Server in one Microsoft test compared to 19 minutes for Server Core on the same iron, if that is any indication. (It probably is not much of one, but it is an interesting stunt.) What Microsoft did say is that Nano Server had a 93 percent smaller footprint than Windows Server stored in a VHD virtual disk image, and had 92 percent fewer critical security bulletins and 80 percent fewer reboots. It is unclear what the change relative to Server Core is, but clearly it will not be as much.
To help with manageability, Microsoft will be making Nano Server hook well into its PowerShell command line and scripting tool for system management, and support for remote file transfers, script authoring, and debugging will be added – essentially because Nano Server is a headless variant of Windows. Microsoft adds that it is working on a set of Web-based management tools, and if we had to guess, this includes bits of its Autopilot tool for managing Azure and, if not, then these will be tools that are inspired by Autopilot much as the Mesos and Kubernetes tools are inspired by Google’s Borg and Omega cluster management and job scheduling tools. Microsoft is working with Chef Software to make sure that Chef can manage container-optimized Nano Server instances, and Microsoft’s own Visual Studio application development and System Center management tools will have hooks into it as well.
The Microsoft engineers said Nano Server was being created for two different scenarios, which we don’t see as two but rather one. This includes what it called “born in the cloud applications,” with support for C#, Java, Node.js, Python and other modern programming languages popular among the hyperscalers and third platform application developers, and “Microsoft Cloud Platform infrastructure” with support for “compute clusters running Hyper-V and Scale-Out File Server.” Presumably that does not mean Nano Server will only be available on Azure. The other interesting bit is that Microsoft is promising that you need only load the bits of Nano Server that you need and that it will be optimized for containers.
Unloading Containers With Docker
Last fall, Microsoft announced rather vaguely that the next generation of Windows Server would have support for Docker containers and that Docker, the company, and Microsoft were working together on an open source Docker engine that would run on Windows Server, on allowing images created for the Docker Hub repository manager to run in the Azure Gallery, and on letting Azure make use of the orchestration APIs from Docker. Microsoft also promised that Windows Server container images would be compatible with Docker Hub.
The idea, as Microsoft explained last fall, was to mimic the Linux stack, which has Linux containers (LXC) providing the resource isolation for the Docker Engine, and running Linux instances or portions of them plus applications in containers on top of that. This is conceptually how CoreOS does containers for its eponymous and hyperscale Linux variant.
But, as Mike Neil, general manager of the Windows Server division at Microsoft, said in his blog post, the Windows Server-Docker situation is a bit more complex.
As you can see, there is a new kind of virtualization, called Hyper-V Containers, that is distinct from but related to Docker containers on the Windows platform.
“Leveraging our deep virtualization experience, Microsoft will now offer containers with a new level of isolation previously reserved only for fully dedicated physical or virtual machines, while maintaining an agile and efficient experience with full Docker cross-platform integration,” Neil explained. “Through this new first-of-its-kind offering, Hyper-V Containers will ensure code running in one container remains isolated and cannot impact the host operating system or other containers running on the same host.”
In essence, Microsoft has created a software isolation layer that is not as rigid or heavy as a Hyper-V virtual machine but that can wrap around a bunch of Windows processes and behave like a Docker container, at least conceptually. This Hyper-V Container is not the same thing as a Windows Server Container, which is Microsoft’s implementation of Docker, but rather a different kind of virtualization animal. The main point Microsoft wants to stress without giving away too much is that the Docker Engine it is creating in conjunction with Docker for Windows Server will be able to control both Windows Server Containers and Hyper-V Containers.
Microsoft designed Nano Server to run inside of these two different types of Windows Server containers, and the question now is whether Microsoft has been using the tools for a long time on its various cloudy infrastructure. We suspect that this is the case, and if not, then Azure will certainly be using them before they go commercial with Windows Server 10 sometime in 2016.