AWS goes live with Windows containers... but contain yourselves: It's going to be niche
Too many caveats to make this a slick option in most cases
AWS has confirmed the arrival of Windows Containers on its Elastic Container Service (ECS) – but with caveats that show limitations versus the more commonly used Linux-based containers.
Windows Server containers were introduced in Windows Server 2016 and enhanced in Windows Server 2019. Amazon's new service provides AMIs (Amazon Machine Images) of both types in order to run your Windows containers. These AMIs include Docker 18.09 as well as the ECS Agent.
Amazon's documentation seems less than enthusiastic about this container type, noting a number of caveats. A major issue is that there is no Windows version of AWS Fargate, a serverless container launch type. In order to run a Windows container, you must manage your own cluster of EC2 (Elastic Compute Cloud) instances. This makes it unsuitable for small-scale or test deployments and increases the maintenance effort.
Another limitation is that most of the AWS task definitions by which you can configure a container are not available for Windows containers.
If you want to use Amazon Identity and Access Management (IAM) roles for tasks, you must run some PowerShell code in the container and use a credential proxy that must listen on port 80, normally used for HTTP. If you want to publish port 80, you have to use a load balancer and port mapping.
Finally, AWS noted that Windows Server Containers are large, typically starting at 9GB, so more storage is needed, though a reduced container size is available if you use Server 2019.
Windows Server supports two types of container. Windows Server Containers share the same kernel as the host, while Hyper-V Containers are isolated. Since Amazon EC2 instances do not support Hyper-V, you can only run Windows Server Containers on ECS.
Container technology was born on Linux and while Microsoft has made a great effort, in partnership with Docker, to support Windows containers, developers may wonder why they should bother, particularly when you can write .NET Core applications that run on Linux.
At the recent Build conference for developers, Microsoft's Gabe Monroy, Head of Product for Azure Cloud Native Compute, told me that Windows containers are primarily for legacy applications. "In the backroom, in the data centre somewhere, there's a bunch of Windows servers that are running mission-critical IIS applications, .NET Framework applications," he said. Windows containers are a possible cloud migration solution for this type of application.
Now you can run them on AWS, but expect this to remain a niche option.