Docker is a powerful container platform originally designed for Linux, but quickly became popular enough to receive native support on Windows. I first read Docker training material that took more of a Linux-first approach and loved what I saw. However my day-to-day work is still typically Microsoft/Azure stack so I was looking for a good book that takes on the nuances of working with Docker in a Windows or Azure environment.
I found Docker on Windows: From 101 to Production with Docker on Windows by Elton Stoneman to be really helpful for that purpose. This post is my quick review of the 1st edition.
Note: The second edition of this book is now available (link) — it was published around the time I was reading the 1st edition and I just missed it. The thoughts in this post reflect the 1st edition.
About the book
Stoneman covers quite a few Docker concepts in the book, but I found the most helpful information to be focused in these areas:
- How to package and run docker containers on Windows platforms.
- How to convert an existing .NET Framework-stack web application into a containerized solution.
- The differences in working with .NET Framework and .NET Core based application containers.
- What makes an application a good Docker citizen? Or how to design with a container-first approach.
- How to create distributed applications using Docker Swarm.
- Continuous Integration and Continuous Deployment with Docker (using containers as your pipeline).
- Docker platform/container security.
The following is some additional context around my favorite sections.
Good Docker Citizens
The book helps to explain what makes a good Docker citizen. The key takeaway is that the application makes very few assumptions about the system its running on, and only uses the basic functionality that all operating systems support (file system, networking, environment variables, and the console).
Your containers should only do one thing (ex: microservice model). One process running in the container, performing one application specific task. Application settings should be stored in environment variables. Application logs and errors are expected on the console output and error streams.
In .NET you can meet these requires by running a console application. This is why .NET Core applications run as console applications, so they can be easily be containerized.
Distributed Docker Applications
The chapters on Docker Compose and Docker Swarm were really helpful because they walk through building a distributed application. For example how to organize your Docker compose file and working with multiple environments (Dev, PPE, Prod, etc). How to work with Docker stacks. How to manage application code updates and deployments. The material on networking and service discovery was key to understanding how to design an application with Docker in mind.
He also briefly covers other offerings available beyond Docker Swarm. For example describing the cloud offerings from AWS, Azure, and GCP and their container orchestration options.
Docker Isolation and Security
The book provides easy-to-understand descriptions of how Docker container isolation works in Windows and how it differs from Linux. Specifically under normal isolation and Hyper-V (extended isolation) modes. He covers user process / execution context as well, which leads to some great recommendations for securing your containers.
There are also sections completely devoted to handling Windows Updates– both for the containers and the hosts, and how to perform downtime-free security updates in a distributed application.
Docker on Windows: From 101 to Production is a fantastic read for anyone looking to run Docker in a Windows or .NET stack environment. I appreciate how much attention was given towards the benefits of .NET core and the great information for building distributed applications.