This post has been republished via RSS; it originally appeared at: Containers articles.
My new year resolution of Year 2021 is to write more. Before I know, it’s already February and I even celebrated Chinese Lunar Near of 2021 two weeks ago. OK, I guess I can count the clock that way. This year is the Year of the Ox. In Chinese Ox is “牛“. That same Chinse character also means super cool, super awesome. I hope this speaks to the year of Windows containers too .
There have been a lot to share and celebrate in the first 2 months.
AKS on Azure Stack HCI February Update
The biggest news is AKS on Azure Stack HCI February Update released last Friday! Ben Armstrong led the team and delivered lots of new changes and fixes in this release. Nice job! The crown jewel for me is the guide for evaluating AKS-HCI inside an Azure VM authored by Matt McSpirit. Anyone with an Azure subscription can try out AKS on Azure Stack HCI in an Azure VM and of course spin up your Windows containers on it. You won’t be constrained on hardware availability. Matt’s team runs the customer engagement program. They are actively looking at customers who are interested in enrolling in the Early Access Program (EAP) of AKS-HCI. You can fill out this survey if you are interested.
AKS-HCI now supports strong authentication using Active Directory Credentials is another great improvement that enables Active Directory authentication, fully integrated into Kubernetes authentication and configuration workflows. Sumit Lahiri did an excellent job explaining the architecture and what’s under the hood. The new scenario was delivered from the same team that we’ve been partnering closely to bring more gMSA related innovations to Windows containers to make the Lift and Shift experience easier for workloads that need Active Directory. If you are new to gMSA – Group Managed Service Account, it’s a service account that enables Windows containers to have an identity on the wire to allow Active Directory authentications. Our documentation gMSA for Windows containers have more details. We’ll share gMSA related improvements for Windows containers in coming months.
Docs. Docs. Docs.
The team took the quiet time during the Christmas holiday and made improvements on Windows container documentation. I want to list them so everyone can see and benefit.
- We added a new page Lift and Shift to containers under “Get Started”. It shares high level benefits of using containers, applications supported in Windows containers, and a decision tree. This page will help those of you who just started looking at moving your Windows applications to containers.
- We added a new section under “Tutorials” - Manage containers with Windows Admin Center starting with this page “Configure the Container extension on Windows Admin Center”. If you are looking for some tooling to help containerize your apps and deploy them, this will be a great starting point.
- We updated the Base image servicing cycle page under “Reference” to reflect that we have extended Nano Server container SAC1809 release to be supported to 1/9/2024, and the Window container SAC1809 to be supported to 5/11/2021. There is a bit more update on this that I’ll cover later in the blog.
- We added the Events page under “Reference” where all related content from last 2-3 years in major Microsoft and industry conferences are now compiled. We spent lot of effort and time on building quality slides and demos for events. So even though some content could be slightly outdated, they can still be valuable if you are just starting on Windows containers.
- We added the GitHub page of Windows Server container roadmap under “Resources”.
Overall, we aim to make this documentation page as a one-stop shop for you to find all the relevant resources no matter which stage you are in leveraging Windows containers to lift and shift and modernize your Windows applications. We welcome your feedback and love to see you help contributing directly on documentation.
Lifecyle Management Update
We streamlined Server Core container and Nano Server container support and lifecycle management. Some of you may recall Nano Server container SAC1809 release was about to reach its end of life (EOL) in Nov 2020. We listened to your feedback especially those of you in the Kubernetes community that moved to use Nano Server containers for comformance testing in addition to regular workload use. Nano Server container SAC1809 now has the same EOL as Server Core container LTSC2019/1809 on 1/9/2024.
The Windows container, sometimes also referred as “the 3rd Windows container”, has been gaining popularity thanks to its broader Windows API support. Recently we were brought to the attention that its SAC1809 release is going to reach its EOL on 5/11/2021. We understand customers who need to stay on Windows Server 2019 as the container host are concerned. That is because those customers can only use containers released in the same wave with the same Build number (also referred as "Major release number") due to Windows container host and guest version compatibility We are actively looking at options and will update when we are ready.
New Development from the .NET Team
We work very closely with the .NET Team, and I know that many of you run .NET apps on Windows containers. There are two recently blogs from Richard Lander of the .NET team that I want to share.
You will notice this blog is mainly about Linux and only a small portion on Windows. I take it as a positive thing for Windows because it mostly just works with our current company-wide security practices. But we stay vigilant and keep innovating. There will be updates to our docs and blogs coming related to Windows Server container security.
In the Container section, you will notice this is mentioned: “Improve scaling in containers, and better support for Windows process-isolated containers.” This issue in process-isolated containers was reported from a few of our AKS customers. In a nutshell, the issue is that CPUs and memory are not being honored for process-isolated containers by .NET runtime. We are happy to see the .NET Team making improvements that will better take advantage of the capabilities of Windows containers.
I also wanted to call out this update .NET 5.0 Support for Windows Server Core Containers that was made available last November. Both .NET team and our team are very curious of your feedback on this.
Two exciting events are coming up on the horizon.
- Microsoft Spring Ignite 2021 is next week March 2-4. I am excited to see quite a few new things our team have been working on will be showcased.
- Microsoft Global MVP Summit 2021 is also coming on March 29-31. MVPs are our best customers and friends. I am excited to see some old and new friends again.
That reminds me recently I had a few email exchanges and GitHub discussions with one of our MVPs Tobias Fenster, CTO of COSMO CONSULT Group based in Germany. To my pleasant surprise, Tobias has been writing blogs on Windows containers, like this one ”Building Docker images for multiple Windows Server versions using self hosted containerized Github runners” . Hidden gems! Go check out Tobias’s presentation list.
To close, I really liked what Satya said in Microsoft Fiscal Year 2021 2nd Quarter Earnings Conference Call in January
“What we are witnessing is the dawn of a second wave of digital transformation sweeping every company and every industry.
Digital capability is key to both resilience and growth.
It’s no longer enough to just adopt technology. Businesses need to build their own technology to compete and grow. “
Borrowing that perspective, it’s no longer just about adopting Windows containers to lift and shift and modernize with AKS and AKS on Azure Stack HCI. It’s about leveraging Windows containers, differentiate your company and grow to new heights.
As always, we’d love to hear from you, how you use Windows containers, on AKS, AKS on Azure Stack HCI, or other environments, and what we can do better to help you make your digital transformation journey easier.