Related
I have Windows 10 Enterprise Version and I have installed Docker Desktop, enabled WSL2 backend, and downloaded and installed the Linux kernel update package.
I am learning Docker and I have some doubts about how Docker works behind the scenes.
I have drawn a basic architecture diagram of Docker on windows with
WSL2, is this correct?
Whenever we create a new Linux container it gets created in the same lightweight utility VM provided
by WSL2?
And if we create a windows container it gets created on windows os?
Can these containers access windows and Linux kernels both when
required? Like when running a java app in a Linux container it requires windows kernel, right?
So, by default docker runs Linux containers, when do we need windows containers? I can containerize a java application by using
openjdk:8, but I am not able to pull windows nanoserver image when I
run Linux containers, it works only when I switch to Windows
Containers. What is going on here? Does this mean the openjdk:8 image is a Linux image(i do not know how to say it), and windows nanoserver a windows image?
How Linux Containers can run my java application? It must need the
windows kernel, right?
If the docker containers reside within the lightweight utility VM
created by WSL2, can it access both the Linux kernel that it ships
with and the Windows Kernel?
I have the default Linux container mode and I tried these two
commands.
docker run --platform=linux -d ubuntu /bin/sh -c "while true; do echo
hello world; sleep 1; done"
docker pull mcr.microsoft.com/windows/nanoserver:1903
The first one worked for the second one I got the following error.
1903: Pulling from windows/nanoserver no matching manifest for Linux/amd64 in the manifest list entries
But when I switch to windows containers it works.
So what is the difference between my java app on openjdk:8 image and windows nanoserver?
Do these not require windows kernel to run?
How is the java thing running on Linux containers then?
Edits :- Need more clarification on this-
Copying the question from comment section.
And one more thing, the containers do not access windows and Linux kernels simultaneously in WSL2 right? After all they are just isolated spaces in an OS, so either they can be in windows or Linux? Please correct me if I am wrong. The Linux images are built in such a way that it has everything to run my java and as java is a cross platform language so it can run on Linux kernel, is this the concept?
About the architecture diagram that I have made here- the containers(isolated processes in an operating system with app files) , in case of Linux containers all of them(multiple containers) runs on the same WSL2 VM, right?
Firstly, good question.
I hope I can answer it as best as possible.
So, by default docker runs Linux containers, when do we need windows containers?
you don't need windows containers. You should always consider what your application needs. For instance, if you are working on a java app, you would pull a java image and not an entire host OS. The only time I ever pulled a windows image was when I dockerized an ASP.NET application that can only be run on windows.
How Linux Containers can run my java application? It must need the windows kernel, right?
In the context of docker:
Docker for Windows allows you to simulate running Linux containers on Windows, but under the hood a Linux VM is created, so still Linux containers are running on Linux, and Windows containers are running on Windows.
if the docker containers reside within the lightweight utility VM created by WSL2, can it access both the Linux kernel that it ships with and the Windows Kernel?
Containers are using the underlying Operating System resources and drivers, so Windows containers can run on Windows only, and Linux containers can run on Linux only. Docker for Windows allows you to simulate running Linux containers on Windows, but under the hood a Linux VM is created, so still Linux containers are running on Linux, and Windows containers are running on Windows.
So what is the difference between my java app on openjdk:8 image and windows nanoserver?
The openJdk image and windows nano server core difference is the very base image that they use. openJdk is probably using some very bare unix os as the base where as the nanoserver is an entire os which is windows.
Do these not require windows kernel to run?
The openjdk image does not require windows to run as it is built from linux. Docker for windows will use the WsL to run. The nanoserver will only run on windows (as windows images can only run on windows).
How is the java thing running on Linux containers then?
I understand this question to be "How does the openjdk image run on linux and windows?"
if so, because it uses a linux os as its base image, it can run by default on linux. But because the WsL2 exists, a VM is created and simulates a linux OS in windows. That is why we can run windows images and linux images on Docker for windows.
I hope this helped, here are some extra tips from the questions for you to consider.
The images will always perform best when the image is the same type as the OS. This is because docker will utilise resources of the host and performance is better when the host and container are of the same os.
Use images that are best fit for purpose. Don't use an entire os image just to run a java app. Rather use the java image. This applies to a wide range of frameworks and languages.
Read this This is the crediting article if you want to read more.
The diagram is not quite correct. Both the Windows Kernel and a lightweight VM that hosts WSL2 KVM sit on top of the Hyper-V hypervisor. In other words, WSL2 leverages Hyper-V. (An alternative would be to use only Hyper-V, but with WSL2 it is more seamless.) WSL2 uses docker-desktop as the main bootstrap VM and docker-desktop-data for storing images and containers data. 9p network protocol is used for seamless host-to-guest and guest-to-host file access:
https://wiki.qemu.org/File:9pfs_topology.png
This way, docker commands can be run from both Windows and from within a distro installed under WSL2 such as Ubuntu etc. In both cases, containers run under Linux. A rationale for this architecture is that Linux Docker cannot be installed on Hyper-V VM nor inside a WSL2 Linux.
Hi,
In practice exist two great use-cases/types of hypervisors:
a)Hyper-V is hypervisor(software which controls the containers=VMs) which is type-1 so it worked directly(bare-metal) on machine=PC=hardware:
Hyper-V(hypervisor type-1) <---->PC-machine
In this first type The Hypervisor take control over hardware directly(it avoid using of the Host-OS because the control taken from machine's BIOS)
That means that not use Host-OS but not means that Host-OS not exist!!!!
b)Virtual Box(VB) is hypervisor type 2(heavy software). So VB worked with machine via Host-OperationSystem(Host-OS):
VB(hypervisor type2) <---> Host-OS <----> PC-machine
So in this last case the control of hardware(PC-machine) is heavy because the control over machine=PC=hardware is exercised via supplemental or tertial-part=component which is Host-OS
Also need to know that the containers=VMs(regardless of type 1 or 2) have each the OS one but it is named OS-guest(fr. invite).
So in both case(type 1 and type 2) the Hypervisor work as backend for containers/VMs(which are frontends).
For more details read about in this tutorial/article:
https://www.nakivo.com/blog/hyper-v-virtualbox-one-choose-infrastructure/
PS: One Virtual-Machine (VM) can controls many Containers like in the image
Thanks
or use this google images search(firstly 3 images)
Another explanation about communication from VM and its isolated-Containers can be fount in this article.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 5 years ago.
Improve this question
I’m new to docker, started to learn about it but I’m a little confused.
I need to run app on windows environment.
I have Windows 7 – native Docker is only for Windows 10, so I need to download the Docker toolbox for Windows 7.
The toolbox is actually using a Linux VM to run it.
So, in this state I will actually create a container with windows environment or Linux environment?
Is the Docker for windows 10 also uses Linux?
Thanks
To kinda answer your question: Windows 7 uses a linux to run docker because it needs certain kernelfeatures, which W7 doesn't have.
Windows 10 or Windows Server 2016 adapted to the whole containerization movement and included those features, so Windows Containers can be run from it directly.
Also the problem tgogos referenced, with windows containers not being able to run on linux hosts and vice versa is a problem which (afaik) can be solved by using an additional linux VM on the windows host, so you have both environments. I wouldn't personally recommend it, but I think it's possible.
Anyways, you won't really need this, as windows applications still will be running on Windows hosts and linux applications on linux.
Containers are mainly a more efficient, more manageable way to deploy applications.
Containers are not VMs, they rely on the host OS and this means you can't run directly:
a windows container on linux
a linux container on windows
without using some kind of virtualization that will provide the layer needed for each case. For example, Docker toolbox for Windows makes use of Oracle VM VirtualBox, in order to run linux containers.
more about Windows containers:
Windows Container Types
Windows Containers include two different container types, or runtimes.
Windows Server Containers – provide application isolation through process and namespace isolation technology. A Windows Server Container shares a kernel with the container host and all containers running on the host. These containers do not provide a hostile security boundary and should not be used to isolate untrusted code. Because of the shared kernel space, these containers require the same kernel version and configuration.
Hyper-V Isolation – expands on the isolation provided by Windows Server Containers by running each container in a highly optimized virtual machine. In this configuration, the kernel of the container host is not shared with other containers on the same host. These containers are designed for hostile multitenant hosting with the same security assurances of a virtual machine. Since these containers do not share the kernel with the host or other containers on the host, they can run kernels with different versions and configurations (with in supported versions) - for example all Windows containers on Windows 10 use Hyper-V isolation to utilize the Windows Server kernel version and configuration.
Running a container on Windows with or without Hyper-V Isolation is a runtime decision. You may elect to create the container with Hyper-V isolation initially and later at runtime choose to run it instead as a Windows Server container.
Further reading:
Linux machine with docker deploy windows container
Can Windows Containers be hosted on linux?
Can I run windows containers using docker-toolbox on windows 7?
I have VirtualBox on my Windows 7 machine, and recently installed a Redhat linux VM. I'm planning to learn linux programming with some low-level stuff, such as kernel function calls and assembly.
My question is: is my Redhat VM a "real" linux environment for my purpose? I guess that whatever I do in the VM is done in a "linux simulator" in VirtualBox, and under the hood the "linux simulator" still does its job using functionalities provided by the Windows host (e.g. Windows function calls). Is this true?
VirtualBox is not a "Linux simulator", it is a "computer simulator". OS selections within such an simulator are for the purpose of deciding which virtual devices to make visible, and not for running a different simulator "core".
I think you should dual boot linux instead of VM because not only it saves resources ("Prevent Computer from going slow") But also give you better functionality and hardware support
Edit:
and you can also use Live Cd(also usb)
I want to install CloudStack 4.2.0 on my 32 bit ubuntu in virtual box. It is possible?
And advantages/disadvantages of this from real machine?
Thanks.
I presume that you're talking about running the Apache CloudStack management server in a 32-bit virtual machine that runs in Virtual Box.
To do anything meaningful with CloudStack, you need at least one hypervisor to control. To avoid the need for hardware, many CloudStack developers use DevCloud. DevCloud comes with configuration scripts that make it easier for a beginner to setup the Apache CloudStack management server.
One issue is memory. If the O/S running VirtualBox is 32-bit, you'll only have 3 gigs of RAM for user processes. Of this, DevCloud will use about 2 gigs, so memory can be quite tight.
Another issue is networking. Make sure that there is a network path from the management server to the hypervisors it is meant to control and the storage that it will use for templates (aka secondary storage).
Yes you can deploy apache cloudstack on a virtual machine; you can deploy even a whole cloudstack infrastructure on virtual machines provided that you have enough RAM.
You can deploy primary storage, secondary storage, mySQL server and cloudstack management server on Virtual Machines; however the host VMs which will provide the execution environment of your cloudstack instances need to provide nested virtualization which is not available in virtualbox, do use VMWare workstation instead as your type2 hypervisor .
good luck
We have a physical machine that runs VMware and hosts a VM we use for SharePoint deployment testing. That machine is old and dying, and my employer's network czars are heavily pushing hosted VMs as a replacement for outdated physical servers. I was curious about whether it's possible to run VMware inside VMware, and if so, whether there are severe performance implications. We don't require extreme performance from this setup, since it's just used for SharePoint testing and the associated SQL Server is on a different box. My guess is that we can't just use the primary hosted VM for our testing because we'll want to roll back occasionally and otherwise have more control over it, and getting buy-in for that from the network folks is unlikely. Does anyone have any experience with this?
edit: I know this nesting certainly isn't the preferred option, but (1) we want the flexibility of being able to use VMware snapshots at will and (2) the network folks will not allow us to arbitrarily roll back to a previous point in time because of the potential for removing mandated security updates. My guess is that a local desktop machine running VMware Workstation might just be the way to go. The hosted option seems attractive if it will work though since it's less machine maintenance for me to deal with.
The technical limitation with running VMware inside VMware is that VMware, Virtual PC, etc takes advantage of the Virtualization features present in modern CPUs.
If you have two or more hypervisors are both trying to control Ring 0 then there will be problems, this is something that I've encountered while trying to run both VMware and Virtual PC simultaneously on my desktop - one will error out/crash.
If your hypervisor can interact with the 'parent' hypervisor, then you'll be OK. Alternatively if the child hypervisor doesn't try to use the CPU virtualization features, or entirely emulates the CPU (such as QEMU) then you should also be OK.
Basically old-style hypervisors on old CPUs use Full virtualization (slow) which would be capable of nesting with a heavy, heavy performance hit. modern Hypervisors/CPUs use hardware assisted virtualization (near native performance) and you'd be hard pressed to find a hypervisor that is designed or capable of nested virtual machines.
Finally, I'd really advise against running dev/test VMs on the same physical server that is running production VMs. There's just too much to go wrong and security implications - you need to manage the dev/test environment and it sounds like you shouldn't have access to production environment. Likewise you probably don't want the operations team messing about with your test environment.
UPDATE: ESXi 4 now supports virtualizing itself. See this article for more information
I've never run VMware in VMware, but I've run VirtualPC inside VirtualBox without problems, so there's no fundamental reason it shouldn't work I suppose...
It sounds to me more like you have a problem with the inflexibility of your "network czars" than any technical one. If you're a developer or QA you need a testing environment where you can fool around with outdated (and potentially insecure) versions of the OS and applications, without putting the rest of the company network at risk.
Ex-VMware employee here.
Firstly, when you say Nested VMware I will assume you mean Nested ESXi. (You could also mean Workstation, Fusion, or Player).
Nested ESXi environments are unsupported and should not be used for production. These scenarios are not tested in QA and not guaranteed to work. In short, if you experience any kind of problem, VMware will not help you with this Nested ESXi setup.
With that said, yes you can do it and yes it does work. A lot of people use nested ESXi in their labs but not in production. Previously there were special configuration file edits that were necessary for nested ESXi to work. I have seen environments with even 3 layer nested ESXi servers (ESXi vm on and ESXi vm on a physical ESXi host). More recently there is the ESXi appliance which makes this much easier.
Have a look here:
http://www.virtuallyghetto.com/2015/12/deploying-nested-esxi-is-even-easier-now-with-the-esxi-virtual-appliance.html
I ran into this same problem. I work at a large company where our entire infrastructure is virtual, so if you need a server you get a VMware VM. So I had a couple of Windows 2003 Server Standard Edition based Guest VM's that had 6GB of memory and 200 GB of disk space, but I wanted to run linux and a LAMP stack on them. So I tried to install VMware Workstation on one and I got an error message saying it couldn't be installed within a VM. I also tried Microsoft Virtual PC and got a similar error message. I installed Sun's VirtualBox and that installed fine, but I couldn't get the networking to work w/in the guest Ubuntu OS. My next step is to try QEMU although performance might become an issue.
You ought to have a look at Mainframes - they are Virtualised from the word go:
Hardware - runs Hypervisor Type 1 - Level 1
on this you have zVM - Type 2 Hypervisor - Level 2
on this you have zOS - your main big operating system - Level 3
and/or
on this you have zLinux - Level 3
and/or
on this you have zVM for testing next version - Level 3
and/
on this you have zOS for testing zVM plus zOS both at next version - Level 4
So going down to level 4 is pretty common
Mind you on a Mainframe you can have 1000's of VMs running at the same time - and most sites who start using zVM/CMS and zVM/Linux usually do.
I can see two solutions for this (three if you count a VM inside a VM which is just crazy).
New hardware, which should be robust enough to handle several VM's used specifically for testing (sharpoint, etc.). In this situation your team could be given more rights without affecting non-testing VM's.
Sharepoint test VM's are moved to the main VM pool and those who need access are given the ability to checkout/deploy/rollback testing resources. This could be direct through VMWare tools or through an internal project that works through a VMWare API.
This should be a joint decision between Network/Dev/Testing.
JFYI:
I tried installing and running VMware ESXi server host(child ESXi server) as a virtual machine(on parent ESXi server) and it runs however you can not run any VMs under child ESXi server.
I am doing practice of VMware vSphere Data center virtualization on single Physical machine. There is VMware Workstation installed on Windows 8 OS. In VM Workstation, I have installed Windows Server 2008 OS, VMware ESXi OS and created the VMware Data center LAB. There is VMs running in LAB, and its confirm that We can user VMware in VMware. But it depends on your need, and Products which is chosen.
You can install ESXi on VMware Workstation, it's usefull to learn ESXi, so there in no reason run VMware in VMware.
Yes. You can run VMWare inside VMWare. Though its not officially supported, You can deploy VMs in the child ESX. I have checked for an advanced feature like PassThrough the HBA card but which was not available in child ESX, hence I could not provide a LUN from array.
So in production its better to not use this.
But for training and practices this can be used.
You can do that.
You can install vmware esxi inside virtual machine of another vmware esxi.
But the performance will be very bad.
Totally works.. totally can't do it other then for some kinda testing or some kind of educational purpose, because you won't get support. and from my limited experience it doesn't perform that well.
Yes, you can, VMware can even detect if it's running inside of another vmware machine and warn you that VMception will cause worse performance. which it will, trust me, just try to get the version the virtual machines work best in a physical machine, as to get as much performance possible.
"whether it's possible to run VMware inside VMware" What?
I can run Windows with Sharepoint in a VMWare machine that's hosted somewhere.
Or, I can run Windows with Sharepoint in a WMWare machine that's actually a VMWare machine that's hosted somewhere.
Why on earth would I add a level of nesting? Why not just go with Windows with Sharepoint hosted somewhere?
You can have any number of VMWares running on a single host. Lots of different versions doing lots of different things.
Nesting them doesn't make sense.