I am trying to run my java application in windows container.I have been succesful in making docker image and running it.
My concern is size, I am new to docker so I may be wrong in understanding this.
The base Image of microsoft\windowscoreserver has size of 8 gb when I see through docker images.
Once I build my image using windowsservercore, the size reaches 9.2 GB.
Is it valid, why would someone deply an image that is 9GB in size and rather not choose VM over it.
Is there something that I am doing wrong.
Whatever you have been experiencing is CORRECT. The two variants of Windows Base images are as follows:
microsoft/windowsservercore – basically windows server, .Net 4.5,
9.3 Gigs, large, fully compatible, support Windows existing app
microsoft/nanoserver – very smaller, ~600MB, no graphic stack, fast,
smaller API surface, existing application mighn’t be compatible, less
memory
Talking about your next question “why would someone deploy an image that is 9GB in size and rather not choose VM over it.” - Though Windows Docker Engine is quite young and ofcourse bulky, but I believe Microsoft & Docker Inc. are looking at this problem statement, there is still an option of “Nano Server” which looks quite lightweight and the community can target that as their base image. Comparing it with VM, Docker containers saves lot of your time in packaging your application. Have a look at dockerized ASP.Net/ IIS/ image2docker etc. and you will realize that its far more better than moving your HUGE time-consuming VMDK across the cluster of nodes. I believe that Windows Docker Engine will get matured over time and we will definitely see it growing lightweight in the near future.
I recommend checking out the blog post: Blog | Docker
Thanks to Docker’s highly efficient image layering, this is not a big problem in practice. Any given Docker host only needs to pull the base layer once, and any images pulled or built on that system simply reuse the base layer.
The other base layer option is Nano Server, a new and very minimal Windows version with a pared-down Windows API. Lots of software already runs on Nano Server, including IIS, the new .NET Core framework, Node.js and Go. And the Nano Server base image is an order of magnitude smaller than Windows Server Core, meaning it has less dependencies and surface area to keep updated. Nano Server is an exciting development, not only as a base for minimal containers that build and boot quickly, but also as a Minimalist Operating System that makes for a great container host OS running just the Docker daemon and containers, and nothing else.
Thanks
"Official Microsoft Windows images or any image you create based on them aren’t distributable by default. When you push a Windows image to DTR, Docker only pushes the image manifest but not the image layers. This means that:
DTR won’t be able to scan those images for vulnerabilities since DTR doesn’t have access to the layers
When a user pulls a Windows image from DTR, they are redirected to a Microsoft registry to fetch the layers"
So this means, I don’t necessarily have to push the entire 9 gigs of my base image to DTR right? My push only involves the writable layer. My apologizes if I’m not making any sense… I’m still new to this
I’m guessing it will only push the layer that has changed…