Hot Topics
Cloud-Native Development Features Topics 

Why Windows Containers Are Less Attractive Than Linux Containers

, , , ,
by Christopher Tozzi

The fact that you can run Docker containers on Windows as well as Linux is amazing. Yet, I sometimes struggle to see a clear use case for Windows containers. Compared to Linux containers, there are fewer obvious reasons to run containers on Windows.

I know that’s a somewhat controversial statement, so let me walk through the various reasons why Windows containers are much less attractive than Linux containers.

Docker Supports Only Certain Windows Versions

One of the greatest things about Docker on Linux is that you can build a Docker image and deploy it on any version or distribution of Linux, as long as your Linux system has Docker installed. In this way, Docker smooths over the often steep differences between different Linux distributions.

In the Windows ecosystem, however, Docker can’t perform this magic. Docker only runs on a handful of Windows releases: Namely, Windows Server 2016 and certain editions of Windows 10.

As a result, in the Windows world, Docker doesn’t deliver on its “build once, run anywhere” promise.

There Are Few Public Windows Container Registries and Images

Another powerful reason to use Docker on Linux is that there are a plethora of public container image registries, from which you can grab ready-to-run containers for free. Name a common Linux application and chances are very good that you can find a publicly available Docker image for it.

Here again, Windows comes up short by comparison. Few vendors in the Windows ecosystem offer Docker images of their software, and public Windows container registries are few and far between. If you use Docker on Windows, you’ll probably have to build all your container images yourself.

Windows Is a Less Secure Host for Containers

If you’re obsessive about security—as well should be these days—you like running containers on Linux because you can use a host operating system that has a very small footprint. The fewer things you have running on the host, the better from a security perspective. That’s why Linux distributions such as Alpine are popular options for hosting Docker containers.

With Windows, running a minimal host system is not an option. You have to run a full-fledged Windows host, even if the majority of services and utilities included in the system aren’t necessary for hosting Docker. All that extra stuff is an extra security attack vector.

The Future of Windows Containers Is Unclear

There have been few developments in the world of Windows containers since Microsoft and Docker announced native container support for Windows a couple of years ago. Pessimists might wonder whether the companies are committed to supporting Windows containers for the long haul. And they might, in turn, hesitate to become dependent on them.

I’d bet a lot of money that Docker still will work fine on Linux in 10 years. I wouldn’t make a similar wager for Docker on Windows.

Conclusion

I don’t mean to suggest that Docker on Windows has no use at all. For some scenarios, it surely makes sense to run them. But by and large, I have a hard time seeing a broad set of use cases for Windows containers as compared to Linux containers. And I don’t see that changing anytime soon.

Christopher Tozzi

Christopher Tozzi has covered technology and business news for nearly a decade, specializing in open source, containers, big data, networking and security. He is currently Senior Editor and DevOps Analyst with Fixate.io and Sweetcode.io.

Christopher Tozzi has 254 posts and counting. See all posts by Christopher Tozzi