Right-click Docker: Microsoft’s Ambitious Enterprise Vision for Containers
Microsoft wants to help enterprise containerization adoption with its own secret weapon: The right-click of the mouse.
“Adopting container-based development approaches, using things like Docker, is something most development teams are at least thinking and talking about right now,” said Scott Guthrie, who runs the cloud and enterprise division for Microsoft, during the company’s Connect() conference this month in New York. “Being able to deploy apps using Docker enables a more consistent deployment approach.”
So Microsoft has finally gotten the container fever, and it is bringing to party what the company knows how to do best: package new technologies so they can be easily consumed by the enterprise. In other words, enabling a full container lifecycle management service — from dev to production and back again — using only the proverbial Microsoft Windows mouse right-click button.
To date, organizations interested in containerizing apps and running them in a production environment must integrate a hodgepodge of software and services from multiple vendors. Microsoft is hoping organizations will want a more streamlined approach, one that will cover all the aspects of container management.
“One of the benefits of using Microsoft from beginning to the end, from source control and the IDE to [continuous integration] and [continuous deployment] and all the way into Azure is that there is a thread that connects all of this,” explained Donovan Brown, senior DevOps program manager for Microsoft, also at Connect(). “We are here to make this effortless for you.”
“Microsoft is giving you the ability develop, debug, and deploy all your Docker workloads”–Donovan Brown.
Windows Server 2016 has native Docker integration, using the standard Docker API as the interface. Visual Studio 2017 offers a Docker integration, allowing developers to build and test docker-ized apps directly on their own machines. It can hand off containers to Visual Studio Team Services build manager to deploy on the Azure Container Service (or a container runtime of your choice) or the Azure App Service, store the container on the Azure Container Registry (or a registry of your choice) and monitored with Azure Applications Insights.
* * *
Say you, as a developer, are managing an ASP.net core application in Video Studio for IIS. Everything is rolling fine, but now your boss wants to containerize the app.
This is when the moment of panic sets in, when the developer “right-clicks on everything,” explained Brown in a Connect() keynote demonstration. Many developers still don’t know the difference between an image and a container. When do you use Docker Compose and when do you use Dockerfile?
As it happens, right-clicking would be the correct approach in this Microsoft universe, Brown explained. Within the newly releases Visual Studio 2017, the user can just go Add–>Docker Project Support, which VS adds all the necessary files to turn the application being created into a Docker application.
Specifically, this option automatically creates a Dockerfile, which defines all the elements that go into an image. The developer can edit the Dockerfile, or not even worry about it. The process for debugging and compiling apps works exactly the same for containerized apps as the stand-alone applications it is typically used for. If the code is changed inside a container, the changes are reflected immediately in the testing process.
“I can use Visual Studio the way I always have, but now I’m empowered by Docker,” Brown said,
When completed, a Docker image created in Visual Studio can run in any environment that supports Docker, being in on-prem or in the cloud. Gone will be the days when bugs that popped up in production can’t be reproduced on the developer’s machine, Donovan promised.
Publishing a containerized app from within Visual Studio should also be a familiar point-and-click process, Donovan promised. The dev would follow the same process as he or she would for publishing the applications to a cloud service or within a virtual machine:
Visual Studio will know, for instance, to place the container within the Azure Container Registry (Still in preview mode) before it can be deployed to Azure. Visual Studio creates a publishing profile for the containerized application, which provides the instructions for building the image locally and then transfer it into a registry. Azure, if configured to do so, will recognize that a new image has been added to the repository and will download and run it automatically.
To automate the path between Visual Studio and Azure, Microsoft recently launched its Azure App Service, the company’s application hosting platform, with the ability to easily deploy Docker containers, of both the Windows and Linux varieties. Container support will also be provided the Microsoft on-prem version of the App Service, Azure Stack.
Guthrie suggested the Azure App service could support, through containers, a microservices-based application. A web app, for instance, could talk with a number of containerized back-end services, all developed separately from one another and all written in different languages:
Using Docker Compose, Visual Studio can even build a set of containers and run them to work together as a single application, for testing. Visual Studio can now be used to debug an application across different containers.
“I can debug across the container boundary, just like I’m debugging any other application,” Brown told the audience.
Management of these containerized components can be managed through a full continuous integration and deployment “DevOps”-style pipeline, using Visual Studio Team Services, Microsoft’s application lifecycle management service. Here, developers can define where the registry and the deployment platform is located, so Visual Studio Team Services can set up the appropriate workflow. Visual Studio Team Services can work with any container registry, public or private.
Team Services can now recognize multi-container deployments.and has been updated to work with docker build tests. Build steps can be chosen from a task catalog, which can include third-party services, such as a container security scanning services from Twistlock or Aqua Security.
“I can add this task to my build and analyze the images that we create. Should there be any vulnerabilities or security violations in our containers, it will stop our build for us, making sure we do not pollute our registry with bad images,” Brown said.
Visual Team Services offers release management, providing an automated way to deploy finished containers into dev, test or production environments.
The hosted Azure Container Service provides API compatibility with Docker, along with support for the Mesos, Kubernetes and Docker orchestration engines. “Azure Container Service is, in fact, the only cloud service provided by any of the major cloud providers that supports all three of the most popular container orchestration frameworks,” Guthrie boasted.
One of the major advantages of going with the Microsoft stack is that the company provides you with easy ways to connect across its different services and software:
The Azure portal will show the operational status not only of running containers but also of the apps they are running. In addition, it provides right-click options for going back to the builds, releases and even source code, by way of Visual Studio:
One area that was not highlighted, but crucially important for microservice architectures is monitoring. Even earlier this year, Microsoft only offered the most minimal of Docker monitoring capabilities with its Microsoft Operations Management Suite. But the company is making strides here as well. It has updated Azure Application Insights, a set of capabilities for Visual Studio Team Services, to monitor the performance of applications running inside of containers.
* * *
To support containers, of both the Linux and Windows variety, Microsoft has integrated a number of its infrastructure and development support products — including Visual Studio, Visual Studio Team Services, Azure Container Service and Windows Server 2016 — to work together to provide, at least in demo form, a seamless container workflow for enterprises. What would be the benefits of being an all-Microsoft shop for container usage?
“It’s the ability to scale globally, regardless of platform,” said Mitra Azizirad, Microsoft corporate vice president of cloud application development and data marketing, in an interview with TNS. Azure has the ability to host the containers so that they can be deployed globally, from anywhere, she said.
Microsoft has seen a strong interest among its enterprise user base for containers, Azizirad said. Thus far, the response has been stronger outside of the company’s ‘Net user-base; one of the goals of Connect() was to introduce the idea of how containers could be used with the .Net core runtime to offer cross-platform application deployment.
Microsoft sees containers as a particular as a good fit for .Net core. The new cross-platform .Net runtime core provides a consistent runtime interface to be deployed within a container. Both .Net core application and.Net framework applications can be deployed inside a container and will enjoy full debugging capabilities from Visual Studio.
Now that Microsoft has introduced these container management tool chain, a fair amount of work must still be done to make them enterprise-ready, both with the Microsoft and non-Microsoft products, cautioned Al Hilwa, Program Director for IDC’s application development software research
“With respect to what Microsoft is doing with Docker, it is pretty extensive, but I would apply the same cautions around production deployments if not even more so on Windows at this point,” Hilwa wrote by email. “This situation is expected to change in the next year or two.”
Certainly, containers are already being widely deployed for development and testing applications, and with new applications where a certain amount of risk is assumed, Hilwa elaborated. But within production environments, containers are most often encapsulated with virtual machines, largely for security issues.
“The technology is evolving fast and in most IT shops it has not yet made it to production environments in a high-scale way,” Hilwa wrote.
Here is the entire set of Connect() day one keynotes of Connect. The container presentation starts at about the 68-minute mark:
Docker is a sponsor of The New Stack.