Tag: Container

Windows Sandbox

How to configure Windows Sandbox

With the latest release of Windows 10 (1903), Microsoft introduced a new feature called Windows Sandbox. Windows Sandbox is based on Hyper-V technology and allows you to spin up an isolated, temporary, desktop environment where you can run untrusted software. In this blog post, I will show you how you can set up and configure Windows Sandbox in Windows 10. I will also cover who you can do an advanced configuration of your Windows Sandbox using Windows Sandbox config files.

The sandbox is great for demos, troubleshooting or if you are dealing with malware. If you close the sandbox, all the software with all its files and state are permanently deleted. It is a Windows 10 virtual machines, with the advantage that it is built into Windows 10, so it leverages the existing OS, which gives you faster startup, less footprint, better efficiency, and easier handling, without losing security.

Dynamic Image

Source: Microsoft

Windows Sandbox is a lightweight virtual machine with an operating system. The significant advantage which makes it so small is the usage of existing files from the host, for data which cannot change. For the files which can change, it uses a dynamically generated image, which is only ~100MB in size.

There are much more exciting things happening with the Windows Sandbox like smart memory management, Integrated kernel scheduler, Snapshot and clone, Graphics virtualization and Battery pass-through. If you want to find out more about the Windows Sandbox, check out the official blog post.

Prerequisites

Windows Sandbox comes with a couple of requirements. How more powerful your machine is, the better the experience will be.

  • Windows 10 (1903) Pro or Enterprise build 18362 or later
  • 64-bit architecture
  • Virtualization capabilities enabled in BIOS
  • At least 4GB of RAM (8GB recommended)
  • 1GB of free disk space (SSD recommended)
  • 2 CPU cores (4 cores with hyperthreading recommended)


Windows Sandbox

Windows Sandbox – Isolated Windows Desktop

Today Microsoft announced a new feature called Windows Sandbox. Windows Sandbox is built based on Windows Container technology, which allows you to spin up an isolated, temporary, desktop environment where you can run untrusted software. The software you run and install in the Windows Sandbox does not affect the host. If you shut down the Windows Sandbox all changes and all software you installed in the Sandbox are gone again. This sounds very similar to the technology Windows Defender Application Guard already used to build a sandbox environment for Microsoft Edge.

Windows Sandbox Overview

Windows Sandbox

Windows Sandbox has the following properties:

  • Part of Windows – everything required for this feature ships with Windows 10 Pro and Enterprise. No need to download a VHD!
  • Pristine – every time Windows Sandbox runs, it’s as clean as a brand-new installation of Windows
  • Disposable – nothing persists on the device; everything is discarded after you close the application
  • Secure – uses hardware-based virtualization for kernel isolation, which relies on the Microsoft’s hypervisor to run a separate kernel which isolates Windows Sandbox from the host
  • Efficient – uses integrated kernel scheduler, smart memory management, and virtual GPU

Windows Sandbox brings the advantages of Windows Containers and also adds a desktop. If you compare this to a Windows 10 Virtual Machine, the Windows Sandbox will consume much fewer resources, it starts up match faster and will be much more efficient with hardware resources. You can think of it like a lightweight virtual machine, which can share the same hardware but also the same kernel and memory as the host system (like a container).



Remove All Docker Container Images

New Windows Server 2019 Container Images

Microsoft today released the new Windows Server 2019 again. After they quickly released Windows Server 2019 during Microsoft Ignite, they removed the builds again, after some quality issues. However, today Microsoft made the Windows Server 2019 builds available again. Microsoft also released new Windows Server 2019 Container Images for Windows, Windows Server Core and Nano Server.

Download Windows Server 2019 Container Images

You can get them from the new Microsoft Container Registry (MCR).

Microsoft was hosting their container images on Docker Hub until they switch to MCR (Microsoft Container Registry). This is now the source for all Windows Container Images like Windows Server 2019, Windows Server 2016 and all the Semi-Annual Channel releases like Windows Server, version 1709 or Windows Server, version 1803.

Download the Windows Server 2019 Semi-Annual Channel Container Images (Windows Server, version 1809). This includes also the new Windows Container Image.

 
docker pull mcr.microsoft.com/windows/servercore:1809
docker pull mcr.microsoft.com/windows/nanoserver:1809
docker pull mcr.microsoft.com/windows:1809

The Windows Server Core Image is also available as a Long-Term Servicing Channel Image:

 
docker pull mcr.microsoft.com/windows/servercore:ltsc2019

However, if you want to browse through container images, Docker Hub continues to be the right place to discover container images. Steve Lasker wrote a blog post about how Microsoft syndicates the container catalog and why.

Download Windows Server 2016 and Windows Server SAC Container Images

Also the existing Windows Server 2016 and Windows Server, version 1803 and Windows Server 1709 container images moved to the Microsoft Container Registry (MCR).

 
# Here is the old string for pulling a container
 
# docker pull microsoft/windowsservercore:ltsc2016
 
# docker pull microsoft/nanoserver:1709
 
# Change the string to the new syntax and use the same tag
 
docker pull mcr.microsoft.com/windows/servercore:ltsc2016
 
docker pull mcr.microsoft.com/windows/nanoserver:1709

You should also make sure to update your Dockerfile references:

Old Windows Server Dockerfile reference

FROM microsoft/windowsservercore:ltsc2016

New Windows Server Dockerfile reference

FROM mcr.microsoft.com/windows/servercore:ltsc2016

Removing the “latest” tag from Windows Images

Starting 2019, Microsoft is also deprecating the “latest” tag for their container images.

We strongly encourage you to instead declare the specific container tag you’d like to run in production. The ‘latest’ tag is the opposite of specific; it doesn’t tell the user anything about what version the container actually is apart from the image name. You can read more about version compatibility and selecting the appropriate tag on our container docs.

Removing Container Images

Remove All Docker Container Images

If you want to remove existing container images from your PC, you can run docker rmi to remove a specific image. You can also remove all containers and container images with the following commands:

 
# Remove all containers
docker rm $(docker ps -a -q)
 
# Remove all container images
docker rmi $(docker images -q)

If you want to know more about Windows Containers and the Microsoft container eco system, visit the Microsoft container docs.



Windows Server 2019

Windows Server 2019 released, get it now!

Microsoft announced Windows Server 2019 a while ago and also showed of a lot of new features and improvements at Microsoft Ignite last week. Today Microsoft announced the release of Windows Server 2019. Windows Server brings improvements in four key areas, such as Hybrid, Security, Application Platform and Hyper-converged Infrastructure (HCI). Together with Windows Admin Center, Windows Server 2019 becomes a powerful platform to run your workloads on-premise or in the cloud.

Update: Windows Server 2019 availability

On October 2, 2018, we announced the availability of Windows Server 2019 and Windows Server, version 1809. Later that week, we paused the rollout of these new releases to investigate isolated reports of users missing files after updating to the latest Windows 10 feature update. We take any case of data loss seriously, so we proactively removed all related media from our channels as we started investigation of the reports and have now fixed all known related issues.

 

In addition to extensive internal validation, we have taken time to closely monitor feedback and diagnostic data from our Windows Insiders and from millions of devices on the Windows 10 October 2018 Update. There is no further evidence of data loss. Based on this data, today we are beginning the re-release of Windows Server 2019, Windows Server, version 1809, and the related versions of Windows 10.

 

Customers with a valid license of Windows Server 2019 and Windows Server, version 1809 can download the media from the Volume Licensing Service Center (VLSC). Azure customers will see the Windows Server 2019 image available in the Azure Marketplace over the coming week. We are also working to make the Windows Server 2019 evaluation available on the Microsoft Eval Center. We will provide an update to this blog and our social channels once it’s available.

 

November 13, 2018 marks the revised start of the servicing timeline for both the Long-Term Servicing Channel and the Semi-Annual Channel. For more information please visit the Support Lifecycle page.

Source: Microsoft

Windows Server 2019 Investments

You can also read more about Windows Server innovations on my blog:

I have some other blog post in the pipeline, covering new features in Windows Server 2019.

Download Windows Server 2019

You can download and get Windows Server 2019 form different Microsoft source:

Update: Windows Server 2019, is now available on the Azure Marketplace, MSDN and the Evaluation Center!

At Microsoft Ignite, Microsoft showed also some great Windows Server demos and I hope you check it out!



Windows Server 2019

Windows Server 2019 – What is coming Next

A while ago Microsoft announced the next key versions Windows Server 2019 and System Center 2019. And a couple of weeks ago, at the Windows Server Summit, Microsoft was taking more about what is new in Windows Server 2019. Microsoft also talked a lot about the positioning of Windows Server and what we can expect in the future. With the news finally released to the public, I can start talking and blogging about the new features and investments. I decided to create a series of blogs, to show the world the great new features. This blog post here, should give you a high level overview about how Microsoft is investing in Windows Server 2019.

Windows Server – The Power behind the Intelligent Cloud and the Intelligent Edge

Intelligent Cloud and Intelligent Edge

Windows Server is not only powering the Intelligent Edge where you have a great Software-Defined Datacenter plaform running Hyper-V or Stroage Spaces Direct, or as application platform. It is also powering the Microsoft Azure Intelligent Cloud. Windows Server is running the foundation of the platform of Azure and also many many services running in Microsoft Azure and Microsoft Azure Stack. If the innovation happening in the Microsoft Public Cloud, we as customers also benefit from that.

Windows Server – Hybrid Cloud in the DNA

Windows Server Hybrid Cloud

Windows Server is a great platform and it runs where ever you are. If you run on-premises in your Software-Defined Datacenter running in on physical hardware or in virtual machines or on Azure Stack, Windows Server is your platform. If you are running in the Public Cloud, Windows Server is not only the platform powering Azure. Windows Server is also a great platform for you to run application in Microsoft Azure or other cloud services providers.

Azure Hybrid Benefit for Windows Server

Azure Hybrid Benefit for Windows Server Reserved Instances

The Azure Hybrid Benefit for Windows Server is also a great option to run Windows Server workloads in the cloud. It allows customer to leverage the licensing they already have. This can bring down cost by a huge factor, and this together with Azure Reserved VM Instances up to 82%.

Windows Server 2019 – Innovation and Investments

Windows Server 2019 Investments

If we have a look at the investments done in Windows Server 2019, we can see that we can categorize them in 4 categories.

  • Hybrid Datacenter Platform
  • Security
  • Application Innovation
  • Hyper-Converged Infrastructure

Unique hybrid datacenter platform

Windows Server 2019 brings new functionality and features to extend your datacenter to Azure to maximize existing investments and gain new hybrid capabilities. To achieve this Microsoft brings improvements to Windows Server 2019 like built-in Azure Active Directory integration, Azure Backup, Azure Site Recovery, Storage Migration Services and many more.

Enhanced security capabilities

One of the key factors in today’s IT landscape is security. Microsoft started the journey by bringing enhanced security features to Windows Server 2016. With Windows Server 2019 Microsoft improves these security features of their server operating system. Microsoft adds new capabilities like Shield Virtual Machines for Linux, Exploit Guard, Encrypted Virtual Networks and under a lot of others. My favorite, the integration of Windows Defender Advanced Thread Protection or Windows Defender ATP.

Faster innovation for applications

With the Semi-Annual Channel releases of Windows Server, Microsoft already released some great investments to enable developers and IT pros. These allow them to create cloud native apps or modernize their traditional apps using containers and micro-services. In Windows Server 2019, Microsoft goes one step further and releases the SAC Improvement s like Linux Containers on Windows Server and the Windows Subsystem for Linux on Windows Server to the LTSC release. Microsoft also invest heavily to improve the container experience on Windows Server, by optimizing the container images for Server Core and Nano Server, a new Windows Container Image and better integration into orchestrators like Kubernetes and Service Fabric.

Unprecedented Hyper-converged Infrastructure

Microsoft is also improving your software-defined datacenter experience to achieve greater efficiency and security. With Windows Admin Center, Microsoft introduced a new web-based management UI which will be a perfect solution to manage your Windows Server 2019 servers. However, Microsoft is also investing in more hardware support like Storage Class Memory support. But also, on adding scale, resilience and performance improvements to your Storage Spaces Direct deployments. This includes improvements like Cluster Sets, improved performance for Mirror-accelerated parity volumes and much more.

In the next couple of days and weeks I will release some blog posts. These will covering the new features and improvements in Windows Server 2019 with a little more technical depth. And I am sure we will even have more to share after Microsoft Ignite. So ,stay tuned and follow my blog 🙂



AzCopy Azure and Azure Stack

Sync Azure Blob Storage with Azure Stack Blob Storage

There are some scenarios where you want to sync Blob Storage on Azure with Blob Storage on Azure Stack. This easily be done using the AzCopy tool. AzCopy is a command-line utility designed to copy data to and from Microsoft Azure blob and table storage using simple commands with optimal performance. You can copy data from one object to another within your storage account, or between storage accounts in Azure as well as in Azure Stack.

You can get AzCopy on Windows and AzCopy on Linux. You should get at least AzCopy version 7.1.0. In my example I use the version 8.0.0 preview version, which also works fine. Make also sure that you have deployed a supported version of Azure Stack. Check out my blog about updating Azure Stack to get more information.

After the installation you will find the AzCopy.exe in the “C:\Program Files (x86)\Microsoft SDKs\Azure\AzCopy”

How to Sync and copy files from Azure to Azure Stack

You can use AzCopy with Azure Stack as you would do in Microsoft Azure. To copy and Sync files you can use the following command. Be aware that synchronous data transfer between Azure storage and Azure Stack is not supported. There for you will need to specify the the /SyncCopy or –sync-copy parameter.

 
#Windows
 
AzCopy /Source:https://azcopywithazs.blob.core.windows.net/thomasmaurer /Dest:https://azcopywithazs.blob.azurestack.thomasmaurer.ch/thomasmaurer /SourceKey:key1 /DestKey:key2 /S /SyncCopy
 
#Linux
 
azcopy \
--source https://azcopywithazs.blob.core.windows.net/thomasmaurer/ \
--destination https://azcopywithazs.blob.azurestack.thomasmaurer.ch/thomasmaurer/ \
--source-key key1 \
--dest-key key2 \
--include "tm.txt" \
--sync-copy

Of course this works in both directions and also between two different Azure Stack storage accounts.

You can find more about AzCopy on Azure Stack on the documentation page. If you have any questions feel free to comment on the blog post. There are other great storage tools which work great with the Microsoft Hybrid Cloud environment like Visual Studio or Azure Storage Explorer. These scenarios show perfectly how Microsoft built their hybrid cloud environment. Basically you can use the same tools, processes and knowhow in the Public Cloud as well as in your datacenter.



Windows Container Images

The New Windows Container Image

At Microsoft Build 2018, Microsoft announced a new Windows container image, next to the Windows Server Core container image and the Nano Server container image. This new Windows container image is for applications and workloads which need additional API dependencies beyond Nano Server and Windows Server Core.

With the release of the latest Windows 10 Insider Preview (Build 17704), you can now download a preview of that container image. Your container host will need to run at least on the Windows Insider build 17704.

Windows Container Image

The IT world is transforming and Microsoft can see a huge demand by customers for containers. However the container images available today, Nano Server and Windows Server Core are lightweight versions of Windows and not including some of the components of Windows. A huge scenario for containers is to put legacy applications into containers. With the new Windows container image, Microsoft is offering a new option for applications who need more components which are not included in Windows Server Core, like DirectX or proofing support.

Microsoft Windows Container Images

As of today, Microsoft offers 3 container images in preview:

ImageVersionSize
mcr.microsoft.com/nanoserver-insider10.0.17704.1000232 MB
mcr.microsoft.com/windowsservercore-insider10.0.17704.10003.38 GB
mcr.microsoft.com/windows-insider10.0.17704.10008.07 GB

Getting started with Windows Containers

First you need to have a host running Windows Insider Preview Build 17704 or higher. After that you can simply use docker to get the latest Insider container images from the Microsoft Container Registry:

 
docker pull mcr.microsoft.com/nanoserver-insider
 
docker pull mcr.microsoft.com/windowsservercore-insider
 
docker pull mcr.microsoft.com/windows-insider

You can read more about the new Windows Container image here on the Microsoft Virtualization Blog.

If you want to know more about the production Container Images for Windows, check out my blog post: Docker Container Images for Windows Server 1709 and new tagging