Windows Containers and DNS

WinDocks is a port of the Docker's popular open source project to Windows, with support for Windows 8, Windows 10, Windows Server 2012, and Windows Server 2016. Since the release earlier this year, hundreds of developers have begun to explore the use of containers with the free WinDocks Community Edition, and a range of uses have emerged. At the top of the list is support of .NET and SQL Server development and test, automated Git-pull and testing, and use of SQL Server containers for support of legacy environments.

WinDocks containers are fast and lightweight, and it’s simple to use scores of containers to build complex environments using a mix of .NET and SQL Server containers on a laptop, and the containers will run unmodified on a shared Test server, or on a Public Cloud VM. While supporting an individual environment is easy enough, complexity grows with the size of the team, scale of containers, and varied network infrastructure. This article focuses on how we’ve enabled WinDocks containers to be dynamically mapped to known IP addresses at build time.

Name to IP Address to Port

The solution uses NETSH to map IP addresses to containers during the container build process. An inbound request resolves a name to a known IP address, which is mapped to the container port when the container is created. The naming convention on DNS is not affected as containers are deleted and recreated (as frequently as seconds apart), and this approach supports the assignment of container resources to individuals or teams.

The first step is to create a pool of IP addresses for the WinDocks host. The pool of IP addresses is created using NETSH, with a batch file that looks like the command below. Named services are defined and registered on the DNS host.

netsh in ip add address "Local Area Connection" 192.168.1.111 255.0.0.0

With IP addresses and names registered with DNS, WinDocks automates the mapping of IP addresses to container ports during the container build process. This is accomplished by incorporating the NETSH command into the WinDocks Dockerfile. This integration of a Windows CMD into the WinDocks Dockerfile is supported in the WinDocks Administrative configuration.

WinDocks administrative privileged commands are defined and configured in the \Windocks\config\node.config. This file allows the administrator to define support for Git and in this case, NETSH. In the example below we’ve enabled a full range of Windows commands with the command:

RUN_AS_ADMIN_CMD= “cmd.exe”

Now that the WinDocks host supports NETSH, we can incorporate the commands into our container build process. DockerFiles begin with a base image, such as “MSSQL-2012” (used below), which is followed by a series of commands that are executed sequentially. In this case two commands employ NETSH, with the first serving the purpose of deleting previously existing IP mapping. The second command performs the mapping of the IP address to the newly created container port. Note that this process uses an environment variable $ContainerPort.

Conclusions:

This approach fits into existing infrastructure, supports the dynamic nature of containers in dev and test environments, and scales nicely from a laptop to shared dev and test environments, or production usage.

We’re also pleased by the nature of the design, as it provides us an alternative to fussing with the web.config files, parsing and performing string replaces in PowerShell scripts!

To learn more about Windows containers, get your own copy of the WinDocks Community Edition at: WinDocks Community Edition Download