Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft Partners With Docker

Posted by ryuzaki0 on from the team-up dept.

rjmarvin writes Docker is teaming up with Microsoft to bring its open container technology to the next release of Windows Server. Docker Engine will work with the next release of Windows Server and images will be available in Docker Hub, which will also integrate directly into Microsoft Azure. The partnership moves Docker beyond Linux for the first time with new multi-container application capabilities for cloud and enterprise developers.

18 of 104 comments (clear)

  1. What? by stephanruby · · Score: 3, Funny

    Why is Microsoft partnering with a Jeans brand? And how much did Docker pay to post a link to their content-free press release on the front page of Slashdot?

    1. Re:What? by Verdatum · · Score: 2, Insightful

      Don't you just love it when Slashdot summaries talk about some niche product without introducing the topic, just assuming everyone knows WTF it is?

    2. Re:What? by jbolden · · Score: 3, Informative

      Docker isn't niche. It is one of the core technologies for DevOps which is designing application infrastructures where IT provides a platform for in-house and integrate micro-services rather than providing monolithic applications to departments. Many PaaS systems are based on Docker particularly Helion (HP), CenturyLink, Rackspace its a big player for AWS...

    3. Re:What? by Anonymous Coward · · Score: 2, Informative

      Of the terms you threw out, I know what IT is, and I've "heard" of Rackspace -- but only because of adverspam; I have no idea what they do.

      DevOps = never heard of it
      PaaS = no freaking clue
      Helion = no earthly idea (and why area you referencing Hewlett-Packard?)
      CenturyLink = I got nothing
      AWS = nada

    4. Re:What? by jellomizer · · Score: 4, Insightful

      [Buzzword] isn't niche. It is one of the core technologies for [Buzzword] which is designing application infrastructures where IT provides a platform for in-house and integrate [Buzzword] rather than providing [Buzzword] to departments. Many [Buzzword] systems are based on [Buzzward] particularly [Buzzward], [Buzzward], [Buzzward] its a big player for [Buzzward]...

      --
      If something is so important that you feel the need to post it on the internet... It probably isn't that important.
    5. Re:What? by Verdatum · · Score: 2

      But it is nice be told what realm the product deals with beyond "Microsoft", "Linux", "Server", "Cloud" and "Enterprise developers" (terms like "Container" and "application" are far too generic, and have far too many meanings within the realm of software engineering, so that means nothing to me without more context). By providing such a background, I can know without reading the article if it is something that is likely to be of interest to me. At the very least, the first linked article should broadly describe what the product is before leaping into the announcement. Instead, I find myself scanning the article, getting confused, glancing around the website for useful links, finding a "what is Docker" link, scanning that, and still being a bit confused as to how this is different from virtual machines, despite having a section titled "How is this different from Virtual Machines?"

    6. Re:What? by Anonymous Coward · · Score: 5, Informative

      Ok here is the bloated form for people like you who can't seem to operate a search engine and need every term explained to them or directly linked.

      Docker (which is an open platform for developers and sysadmins to build, ship, and run distributed applications. Consisting of Docker Engine, a portable, lightweight runtime and packaging tool, and Docker Hub, a cloud service for sharing applications and automating workflows, Docker enables apps to be quickly assembled from components and eliminates the friction between development, QA, and production environments. As a result, IT can ship faster and run the same app, unchanged, on laptops, data center VMs, and any cloud) isn't niche. It is one of the core technologies for DevOps (a concept dealing with, among other things: software development, operations, and services. It emphasizes communication, collaboration, and integration between software developers and information technology (IT) operations personnel) which is designing application infrastructures where IT provides a platform for in-house and integrate micro-services (that are small, independent processes communicating with each other using language-agnostic APIs to form complex applications) rather than providing monolithic applications (single-tiered software applications in which the user interface and data access code are combined into a single program from a single platform) to departments. Many PaaS (Platform as a Service, a category of cloud computing services that provides a computing platform and a solution stack as a service) systems are based on Docker particularly Helion, CenturyLink, Rackspace its a big player for AWS...

      So much easier to understand right?

    7. Re:What? by jbolden · · Score: 2

      Docker has lower cost per service and worse security. So the same hardware can run many many more times as many docker containers as VMs. This encourages designs that cut services into more parts. So while a typical large applications might run on 1 or 2 VMs a typical large Docker application might make use of a dozen or more containers. Docker thus plays the same role of a Linux distribution in that it designs hundreds or thousands of pieces of software to work together, but in a way that allows for specialization so small companies can work on their containers in isolation.

      If you are a developer I'd try it. It is pretty cool running essentially the same setup I'd be running in a large server cluster production environment on a small VM on my laptop. It is also excellent for productivity that you have your own mini copy of "prod".

  2. For once, they hit the mark by Krishnoid · · Score: 3, Funny

    Our favorite company can finally put out a marketing campaign truly worthy of their name:

    "Microsoft is pants."

  3. Translation by thechemic · · Score: 4, Funny

    Docker = Mens apparel company
    Open Container = Open and ready-to-drink beer usually found in a moving vehicle
    Docker Engine = Something that goes "vrooom" in your pants
    Images = pictures
    Docker Hub = a place to connect your pants with people
    Azure = bright blue color, often associated with a sky

    A men’s apparel company is teaming up with Microsoft to bring its ready-to-drink beer technology to the next server in the window. Penises will work with the server and pictures of everything will be available while people share experiences with each other’s pants. The penises and pants will also integrate directly into uh-hem “Blue stuff”. The partnership moves pants n shit away from Linux for the first time. With new multi-ready-to-drink beers technology clouds will consume enterprise developers.

    --
    Let's make like a bird... and get the flock outta here.
  4. Embrace. Extend. Extinguish. by broknstrngz · · Score: 4, Insightful

    Say it isn't so.

  5. Interesting, but... by trawg · · Score: 3, Interesting

    ... I'd actually rather see Docker in the user space for Windows. There are zillions of Windows applications that would benefit from Docker-isation - being able to download things off the Internet and more safely run them is something I've wanted for ages.

    There are various application sandbox things for Windows (e.g., Sandboxie) but I haven't seen anything open source that is as reliable and commonly used as Docker seems to be.

    I think it'd be OK on the server side as well, but I'd love to be able to download nice jailed Docker versions of most Windows apps so I can run them without having to worry too much about what they're doing in my userspace.

    1. Re:Interesting, but... by jbolden · · Score: 2

      Remember Docker isn't secure. Process that want to escape can escape. So you still want Docker containers running in a VM not against bare metal. There is no reason that couldn't be the case say 2020 when people are tightly tied to Azure. Docker is usually deployed in PaaS environments so it would your server user space.

      What you might want is a Windows VM (or more than one) inside your Windows that you use for Internet downloads.

    2. Re:Interesting, but... by jbolden · · Score: 2

      I'm not a security expert, I'm parroting so with that disclaimer YMMV.

      There are many parts of the Linux kernel that don't understand the UID/GID on containers. So essentially you pass a UID to LXC and run some kernel code you shouldn't have have access to. This is being cleaned up but there are still hundreds of holes. Some of these holes are well known and document though not yet fixed. The way it is being fixed is by trying to limit some of the system calls but that of course breaks compatibility.

      LXC doesn't protect against buffer overflows and lots of stuff in the root of the system is readable (see for example vmsplice exploit). It is easy for a container to write to ram and then get the main kernel to execute instructions. Containers can be set to only run code that was loaded (i.e. execution space is read only) but that breaks many applications.

      Physical devices are another problem. If a container can access a physical device then it can pass code back to the kernel. Device are not virtualized. (BTW this won't be a problem for your use case of Windows since all device drivers are virtualized unlike Linux).

      The second issue is the containers while chrooted can have access to the filesystem the way any chroot program can. There are lots of exploits if one can write to arbitrary files to get privilege escalation.

  6. What is Docker and why should you care? by steveha · · Score: 4, Informative

    Docker is sort of an extremely lightweight virtual machines system.

    Docker organizes software into "containers". Each container has a complete set of libraries and files, and each container is isolated from the rest of the system. Thus if you need a specific and touchy set of libraries to run Software X, and you need a different specific and touchy set of libraries to run Software Y, you can simply make two containers and run them side by side.

    As I understand it, Docker container images use a "snapshots" system to store changes; so the two containers for Software X and Software Y will together be much smaller than two VM images would be.

    Using Docker, if developers make a server-side application, they can then hand a container over to production for deployment, and everyone can be confident that the application will run the same in production as it ran in development. (Of course it would still be possible to break things, for example by having different data in the production database compared to the dev test database.) Or, developers could run containers on their laptops and expect them to run the same as on the servers in the office.

    Unlike VMs, the Docker containers don't run their own kernels. So you can't run a Linux server with Docker that in turn runs OpenBSD in a container.

    As I understand it, many people use Docker to run a single process per container. The web server in one container, the email server in another, the SSH server in another, etc. One use case: if you have a web site hosted in the cloud, and the Slashdot effect starts slamming on the web site, the cloud hosting service could spin up another 500 instances of the web site (500 fresh instances of the Docker container, each container running a single process, the web server).

    I talked to an expert sysadmin, and he told me "This is the future." I'm going to set up a Docker server at home and learn my way around it.

    https://www.docker.com/whatisdocker/

    My reading of the press release is that Microsoft is going to (a) implement the Docker APIs for Windows, so that Windows server applications can be container-ized; and (b) add the ability to run Linux containers. The latter is not implausible; Windows NT has always had so-called "personalities" and Posix has been available as a personality for decades.

    http://en.wikipedia.org/wiki/Hybrid_kernel#NT_kernel

    --
    lf(1): it's like ls(1) but sorts filenames by extension, tersely
    1. Re:What is Docker and why should you care? by jbolden · · Score: 2

      You sound like you are interested.

      If I can make a suggestion: http://www.activestate.com/sta... is a terrific way for you to start playing with containers. It is a mini PaaS that runs in a VM based on Docker containers and it is free for small usages.

    2. Re:What is Docker and why should you care? by jrbrtsn · · Score: 3, Interesting

      "Windows NT has always had so-called "personalities" and Posix has been available as a personality for decades"

      Which is why everyone who actually uses Posix on Windows downloads Cygwin. Oh, wait a minute....

  7. Re:the registry by afidel · · Score: 2

    The registry has always been multi-tenant, even on a standard box with one user it's 5-6 files depending on OS version, and on a terminal server there can be hundreds of registry files open at the same time, plus registry redirection and virtualization is already part of App-V.

    --
    There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.