This blog shows how to install and create Windows containers on AWS or Google using Ravello, with an example. Ravello's nested virtualization technology allows you to deploy existing data center workloads on leading public clouds. Our earlier blogs show you how to install Windows XP, Windows 7 or Windows 8 on AWS or Google using an ISO. This blog post guides you step-by-step explaining how to install Windows 2016 on AWS/Google, how to optimize performance using the correct device drivers, how to install Windows Container role, configure networking and configure Windows containers.
A container is an isolated place where an application can run without affecting the rest of the system and without the system affecting the application. Because the container has everything it needs to run your application, they are very portable and can run on any machine that is running Windows Server 2016.
Install Windows 2016 on a Virtual Machine in Ravello
Log into your Ravello account, create a new application, find the provided empty VM in our Ravello library and drag and drop it onto the canvas.
.
Upload Windows 2016 installation ISO file into Ravello. Currently the latest Windows 2016 Technical Preview 4 (TP4) ISO can be downloaded here
This blog is based on Windows Server 2016 Essentials Technical Preview 4 (TP4)
Click on “Import VM” and follow the prompts to upload your ISO into Ravello Library. Here’s a quick guide to upload your ISO.
Assuming you have uploaded ISO into Ravello Library, you can go ahead and configure the VM to boot from CDROM attached to the ISO file. Click on the Disk properties of the VM, go to CDROM, browse through the library and choose the relevant Windows 2016 ISO. Make sure that ‘skip CD boot’ checkbox is unchecked when you are booting the VM for the 1-st time. After installation of the OS you can check ‘skip CD boot’ to insure that it always boots from the disk.
Note: For better I/O performance we recommend changing Disk Controller type to LSI Logic SAS. Windows 2016 automatically detects the disk and installs the driver for LSI Logic SAS.
Open System properties of the VM and edit the number of virtual CPUs and memory size. We recommend at least 4 CPU and 8 GB RAM for Windows 2016 Servers running Windows containers. If you are planning to run many containers on this VM increase the memory size appropriately. In the General tab set the name of the VM and the hostname.
If you want to be able to RDP into the VM go to Services tab and add a supplied service for RDP opening port 3389. Check ‘External’ checkbox if you want be able to RDP the VM from outside of the Ravello application.
Note: in order to be able to RDP the VM besides adding a supplied service for RDP/3389 connection you’ll also need enable RDP inside the VM after the OS is installed.
In this blog I am going to create an IIS container and redirect all HTTP traffic to it. Therefore, I need to add a supplied service for http traffic and open port 80.
Now let’s publish the application.
Once the VM is published we can open up the console and go through the Windows 2016 installation. When you get to the screen asking you to select Operating System select the option with the Desktop Experience.
Selecting this option will install GUI version of Windows 2016 Server. If you select the 1-st option, this will install a non-GUI Windows Core version and you’ll need to configure everything from a command line or PowerShell.
On the next screen select ‘Custom: Install Windows only (advanced)’
After Windows OS is installed and you use the console to connect to the VM, In order to improve mouse behavior install VMware tools.
Install VMWare Tools on a Windows VM
You can download the latest version of VMWare tools for Windows.
Upload the ISO file using Ravello Import Tool to Ravello Library and when it is completed go back to your application and in the Disk tab attach CDROM to the uploaded VMWare tools ISO file. Make sure that ‘Skip CD boot’ option is unchecked.
Save the changes and click on ‘Update’ button to apply the changes. Once the console button is activated open VM console, login as Administrator, browse CDROM and run setup64 to install VMWare Tools on the server. Use Typical installation option. Once installation of VMWare Tools is completed you are prompted to restart the server. After the server is rebooted and you connect again, you see that the mouse behavior is significantly improved.
Now to finalize and optimize the VM’s performance, it is recommended to use para-virtualized devices for the network card. Highlight the VM in Ravello canvas and in the Network properties change the device type from e1000 to VMXNet3.
Save the changes and click on ‘Update’ button to apply the changes. The VM will restart again. From this point you can connect to console and continue working using console or enable RDP inside the VM and RDP to the VM using an external DNS name. You can get the external DNS name of the VM from the Summary tab
The nest step is enabling Container role on the server and start installing Windows containers.
Setup/Installation of Windows Containers
Launch the Add Roles and Features from Windows Server Manager
Continue through the wizard until you get to the Features section
Find Containers and select it
Continue to click Next, and complete the installation of this feature
Restart the server after the feature is installed
Check to ensure the feature has been installed by running the following PowerShell command: Get-Command -Module Containers to see all of the commands available
Installing Base OS Images
Container OS images can be found and installed using the ContainerProvider PowerShell module. Before using this module, it will need to be installed. Open PowerShell as Administrator and run the following commands to install the module.
PS C:\> Install-PackageProvider ContainerProvider –Force
Return a list of images from PowerShell OneGet package manager:
PS C:\> Find-ContainerImage
| Name | Version | Description |
|---|---|---|
| NanoServer | 10.0.10586.0 | Container OS Image of Windows Server 2016 Techn... |
| WindowsServerCore | 10.0.10586.0 | Container OS Image of Windows Server 2016 Techn... |
Return a list of images from PowerShell OneGet package manager:
PS C:\> Find-ContainerImage
| Name | Version | Description |
|---|---|---|
| NanoServer | 10.0.10586.0 | Container OS Image of Windows Server 2016 Techn... |
| WindowsServerCore | 10.0.10586.0 | Container OS Image of Windows Server 2016 Techn... |
To download and install the Windows Server Core OS image, run the following. The –version parameter is optional. Without a base OS image version specified, the latest version will be installed.
PS C:\> Install-ContainerImage -Name WindowsServerCore -Version 10.0.10586.0
Downloaded in 0 hours, 2 minutes, 28 seconds.
Verify that the images have been installed using the Get-ContainerImage command.
PS C:\> Get-ContainerImage
| Name | Publisher | Version | IsOSImage |
|---|---|---|---|
| WindowsServerCore | CN=Microsoft | 10.0.10586.0 | True |
Prior to creating a new container we need to configure networking. Windows containers function similarly to virtual machines in regards to networking. Each container has a virtual network adapter, which is connected to a virtual switch, over which inbound and outbound traffic is forwarded. Two types of network configuration are available.
- Network Address Translation Mode – each container is connected to an internal virtual switch and will receive an internal IP address. A NAT configuration will translate this internal address to the external address of the container host.
- Transparent Mode – each container is connected to an external virtual switch and will receive an IP Address from a DHCP server.
In this article I configure containers to use NAT mode. The container host has an 'external' IP address which is reachable on a network. All containers are assigned 'internal' address that cannot be accessed on a network. To make a container accessible in this configuration, an external port of the host is mapped to an internal port of port of the container. For more information how to configure container networking NAT and transport modes, please, read this link.
To create a new NAT enabled virtual switch with internal subnet 172.16.1.0/24 run the following command.
PS C:\> New-VMSwitch -Name "Virtual Switch" -SwitchType NAT -NATSubnetAddress "172.16.1.0/24"
Now we can create a Windows Server Container using the New-Container command. The below example creates a container named WindowsServerCoreDemo from the WindowsServerCore OS Image, and connects the container to a VM Switch named Virtual Switch.
PS C:\> New-Container -Name WindowsServerCoreDemo -ContainerImageName WindowsServerCore -SwitchName "Virtual Switch"
| Name | State | Uptime | ParentImageName |
|---|---|---|---|
| WindowsServerCoreDemo | Off | 00:00:00 | WindowsServerCore |
To visualize existing containers, use the Get-Container command.
PS C:\> Get-Container
| Name | State | Uptime | ParentImageName |
|---|---|---|---|
| WindowsServerCoreDemo | Off | 00:00:00 | WindowsServerCore |
Start the container using the Start-Container command.
PS C:\> Start-Container -Name WindowsServerCoreDemo
Connect to the container using the Enter-PSSession command. Notice that when the PowerShell session has been created with the container, the PowerShell prompt changes to reflect the container name.
PS C:\> Enter-PSSession -ContainerName WindowsServerCoreDemo -RunAsAdministrator [WinCoreDemo]: PS C:\Windows\system32>
Create IIS Image
Now the container can be modified, and these modifications captured to create a new container image. For this example, IIS is installed.
To install the IIS role in the container, use the Install-WindowsFeature command.
[TP4Demo]: PS C:\> Install-WindowsFeature web-server
| Success | Restart Needed | Exit Code | Feature Result |
|---|---|---|---|
| True | No | Success | {Common HTTP Features, Default Document, D... |
When the IIS installation has completed, exit the container by typing exit. This returns the PowerShell session to that of the container host.
[WinCoreDemo]: PS C:\> exit PS C:\>
Finally, stop the container using the Stop-Container command.
PS C:\> Stop-Container -Name WindowsServerCoreDemo
The state of this container can now be captured into a new container image. This example creates a new container image named WindowsServerCoreIIS, with a publisher of Demo, and a version 1.0.
PS C:\> New-ContainerImage -ContainerName WindowsServerCoreDemo -Name WindowsServerCoreIIS -Publisher Demo -Version 1.0
| Name | Publisher | Version | IsOSImage |
|---|---|---|---|
| WindowsServerCoreIIS | CN=Demo | 1.0.0.0 | False |
Now that the container has been captured into the new image, it is no longer needed. You may remove it using the Remove-Container command.
PS C:\> Remove-Container -Name WindowsServerCoreDemo -Force
Create IIS Container
Create a new container, this time from the WindowsServerCoreIIS container image.
PS C:\> New-Container -Name IIS -ContainerImageName WindowsServerCoreIIS -SwitchName "Virtual Switch"
| Name | State | Uptime | ParentImageName |
|---|---|---|---|
| IIS | Off | 00:00:00 | WindowsServerCoreIIS |
Start the container.
PS C:\> Start-Container -Name IIS
Configure Networking
The default network configuration for the Windows Container Quick Starts, is to have containers connected to a virtual switch configured with Network Address Translation (NAT). Because of this, in order to connect to an application running inside of a container, a port on the container host, needs to be mapped to a port on the container. For detailed information on container networking see Container Networking.
For this exercise, a website is hosted in IIS, running inside of a container. To access the website on port 80, map port 80 of the container hosts IP address, to port 80 of the containers IP address.
Run the following to return the IP address of the container.
PS C:\> Invoke-Command -ContainerName IIS {ipconfig}
Windows IP Configuration
Ethernet adapter vEthernet (Virtual Switch-2F7EC342-CC9A-4369-BB3E-507256F363A2-0):
Connection-specific DNS Suffix . : localdomain
Link-local IPv6 Address . . . . . : fe80::a5f0:9aca:a728:a332%19
IPv4 Address. . . . . . . . . . . : 172.16.1.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 172.16.1.1
To create the NAT port mapping, use the Add-NetNatStaticMapping command. The following example checks for an existing port mapping rule, and if one does not exist, creates it. Note, the -InternalIPAddress needs to match the IP address of the container.
if (!(Get-NetNatStaticMapping | where {$_.ExternalPort -eq 80})) {
Add-NetNatStaticMapping -NatName "ContainerNat" -Protocol TCP -ExternalIPAddress 0.0.0.0 -InternalIPAddress 172.16.1.2 -InternalPort 80 -ExternalPort 80
}
When the port mapping has been created, you also need to configure an inbound firewall rule for the configured port. To do so for port 80, run the following script. Note, if you’ve created a NAT rule for an external port other then 80, the firewall rule needs to be created to match.
if (!(Get-NetFirewallRule | where {$_.Name -eq "TCP80"})) {
New-NetFirewallRule -Name "TCP80" -DisplayName "HTTP on TCP/80" -Protocol tcp -LocalPort 80 -Action Allow -Enabled True
}
Now that a container has been created from the IIS image, and networking configured, open up a browser and browse to the IP address of the container host, you should see the IIS home page. For example, I connect to external DNS name of the host running in my Ravello application and the host automatically translates it to internal IP address of IIS container. The response page that you see in the browser is sent by IIS server running in IIS container.
This link explains how to create shared folders allowing data to be shared between a container host and container.
Windows Containers include the ability to manage how much CPU, disk IO, network and memory resources containers can consume. For details read this link.
Here is another useful link explaining container networking in details.
This is a technology blog. If you want to use Ravello to run Windows, you must comply with Microsoft's licensing policies and requirements. Please consult with your Microsoft representative.
The post How to Configure Windows 2016 Containers on AWS or Google Cloud using Ravello appeared first on The Ravello Blog.