Recently I got the experience of using Docker on Windows Server to actually deploy a production running service. It was a fun experience for sure. I ran into three things that made it worthwhile to write down for posterity.

Integrated Windows Auth MSSQL Server

There is always a database involved somewhere and this time the customer is already running MSSQL Server. That is not a big deal, we can all connect to database servers using login credentials, right? Wrong. Well in this case wrong, because the IT department is refusing a separate login. Everything has to be done with named accounts and integrated Windows authorization and authentication. That means I cannot connect to it from Docker as you need a special .dll file that only executes under Windows.

This was a slight setback. Luckily, I say luckily in this case, I was coding it in Java as Python3 does not even support integrated windows auth with their SQL drivers. I might be able to salvage something from a project used to get a sql shell when doing IT security but that is stretching it a bit far.

Java just requires a .dll file to be present. Microsoft has a good page on it. So when that was all setup, I could connect and use it. It did mean running it outside of Docker but it is what it is. I had initially wanted it to be part of the main backend API but thankfully I chose to write a quick CLI app instead.

Docker-compose and volumes

In the Docker-Compose file you have the option to specify volumes. These can use the so called short syntax. If you specify a file, a path or even a named volume it all works the same under Linux. One can map a file to another file, a named volume to a file or path and a path to a path.

In Windows the short syntax only supports path -> path mapping. Whether that is a named volume or path as the source, the target always has to be a path. The long syntax has an option to specify the type and it should be set to bind and then a file can be mapped into a file under Windows.

General issues

Stability

The general issue I have is that the Docker for Windows application does not feel very stable. Once it notified for updates, and I updated it. Then it could not start anymore until a full reboot. I was scared quite considerably.

Disk space usage

The other issue I ran into is the fact the file system does not shrink. Now someone said:

Oh just clear the cache and it will all work

Don't do this unless you are okay with deleting all your data^*. If you want to keep the data from for example your named volumes. Tough luck, it is nigh impossible to get it out as Docker runs on a VM and has weird bindings. So it is not transparent at all how to get the data out. Do I have a solution. Of course.

You stop running all current active containers. Start a new one with mapping the named volume to a path in a new throwaway docker container. Add a mapping to a C:\ path as well.

docker run --rm -it "C:\Users\Public\Data\":/data/c named_volume:/data/named alpine:3.13.2 ash

Then copy all the data from named volume into the C:\ mapped one.

Et voila. You have it.

Linux containers or Windows containers

Just be aware of the fact one can run either only Linux or Windows containers. One cannot run a mix of both. That is something to keep in mind when deciding to run Docker on Windows.

_{* So I did this and it was a not a happy time. I only lost test data and that did not have an impact. I was distraught for a slight moment though.}

#devops