hostcompute_nspawn utility is a proof-of-concept implementation of
a launcher for Windows Server containers. It is inspired by systemd-nspawn.
Utility uses Windows Host Compute Service, that is available in Windows Server 2016, to mount specified directory into container and run specified executable from that directory inside the isolated container environment.
Current limitations:
- no base images handling (not easy to solve as Windows images are not free, Docker can be used to pull the initial image)
- no console support (
stdoutis redirected into the file inside mounted directory) - no networking support (should be easy to add)
- binary for Windows Server 2016: hostcompute_nspawn.exe (0.6MB)
- sha256:
a8bf6464380c59441ba9ddf383b017e553392bb17efca5a536ad1f49fbb4d744
Check that you run Windsows Server 2016 with latest updates:
$ ver
Microsoft Windows [Version 10.0.14393]
Download Docker daemon and client to pull the base image microsoft/nanoserver:
$ dockerd.exe -D
time="2017-01-24T03:25:13.504516100-08:00" level=debug msg="Listener created for HTTP on npipe (//./pipe/docker_engine)"
...
$ docker.exe pull microsoft/nanoserver
Using default tag: latest
latest: Pulling from microsoft/nanoserver
bce2fbc256ea: Pull complete
3ac17e2e6106: Pull complete
Digest: sha256:03fac8366a7d5b2b2e596a3c86401e55796ce705ed5d472ae8d794c6ecf2e9ca
Status: Downloaded newer image for microsoft/nanoserver:latest
$ docker.exe inspect microsoft/nanoserver
...
"GraphDriver": {
"Name": "windowsfilter",
"Data": {
"dir": "C:\\ProgramData\\docker\\windowsfilter\\c889dc67d89b23186c943dadaa8ec4bbabd090a9dcfeffea99b61107f7433604"
}
},
...
Stop Docker daemon - it is needed only to pull the image.
Specify the parameters in config.json file (example):
parent_layer_directory: use value fromdirattribute from above outputprocess_directory: host directory that will be mounted into containertprocess_executable: relative path to executable to run inside the containerprocess_arguments: arguments to executablemax_ram_mb: max amount of RAM in megabytes allowedcpus_count: max number of CPU cores allowed (it looks like HCS doesn't actually enforce it)cpu_affinity_hex: CPU affinity mask, allows to bind containerized process to specific CPUs, must be specified in decimal, used as hex maskmax_cpu_percent: CPU maximum usage percentmax_storage_iops: maximum storage IOPSmax_storage_bandwidth_bytes_per_sec: maximum storage bandwidth in bytes per secondmapped_directory: mount point forprocess_directoryinside the containerstdout_filename: relative path tostdoutfile that will be written intoprocess_directory
Process example:
{
"process_executable": "jdk/bin/java.exe",
"process_arguments": ["-version"],
...
}
Run hostcompute_nspawn specifying the config file:
$ hostcompute_nspawn.exe -c config.json
It will print verbose output about container details to current terminal. Target process output will be written to nspawn_out.txt file inside the mounted directory:
openjdk version "1.8.0_111-3-ojdkbuild"
OpenJDK Runtime Environment (build 1.8.0_111-3-ojdkbuild-b15)
OpenJDK 64-Bit Server VM (build 25.111-b15, mixed mode)
CMake is required for building.
pkg-config utility is used for dependency management.
Ready-to-use binary version of pkg-config can be obtained from tools_windows_pkgconfig repository.
To build this utility using Visual Studio 2013 Express run the following commands using
Visual Studio development command prompt
(C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Tools\Shortcuts\VS2013 x64 Cross Tools Command Prompt):
git clone --recursive https://github.com/akashche/hostcompute_nspawn.git
cd hostcompute_nspawn
mkdir build
cd build
cmake .. -G "Visual Studio 12 2013 Win64"
cmake --build .
This project is released under the Apache License 2.0.
2017-05-06
- version
1.3 - CPU affinity support
2017-03-31
- version
1.2 - support for CPU load, IOPS and storage bandwidth
- deps update
2017-01-31
- version
1.1 - RAM and CPU cores limits support
- correct rollback behaviour on errors
2017-01-26
- initial public version