The growing excitement around Kubernetes is well deserved. It’s a fantastic system for deploying, managing, and securing modern, cloud-native applications. We think Pivotal Container Service (PKS), developed jointly by Pivotal and VMware, is the very best way to deliver enterprise-grade Kubernetes in the data center or on any cloud. But so far, Windows workloads have been left out of the party. That’s about to change.
Support for Windows worker nodes is considered a stable feature in Kubernetes 1.14. Beginning in PKS 1.5 we’re bringing this feature to the Pivotal Cloud Foundry (PCF) platform. That’s great news for the many enterprises with significant investments in applications running on Windows Server.
PCF has supported Windows workloads for a few years now, via Pivotal Application Service (PAS) for Windows. But not every application can be easily or cost-effectively refactored or re-engineered to run on PAS. Windows on PKS is a new option that can allow these legacy Windows applications to run alongside cloud-native applications in a single, modern environment.
The Clock is Ticking For Legacy Windows Apps
The timing couldn’t be better. Too many legacy Windows applications are still limping along on versions of Windows that have reached the end of their support lifecycle, or soon will. That’s a dangerous situation. Unsupported versions of Windows no longer receive security updates from Microsoft, leaving systems exposed to potentially devastating attacks, should new OS vulnerabilities be discovered in the future.
Notably, both Windows Server 2008 and Windows Server 2008 R2 will reach the end of their lifecycles on January 14, 2020. And that’s only if you’ve purchased an Extended Support contract from Microsoft; if you haven’t, systems running these OS versions are already unsupported. Either way, there’s no time to waste in moving these workloads to a more secure environment.
Unfortunately, migrating apps to newer Windows Server versions using traditional methods can be easier said than done. Windows developers typically target their apps to run on VMs, each of which includes a full OS installation. But legacy apps may be incompatible with newer, more secure versions of Windows. For example, they may require an older version of the .NET Framework or Internet Information Server (IIS). Containers can help here.
Containers and PKS Change the Game For Windows
Windows Containers provide greater flexibility for bringing legacy apps to modern environments. They allow developers to bundle just the application code, along with its dependencies and configuration data, into a single, more compact Docker Image, built upon a base container image provided by Microsoft. These base images can run full Windows, but can also run a minimalist OS like Windows Server Core or even Nano Server, allowing for a reduced attack surface and maximum flexibility in the system components that can be installed.
As with VMs, container workloads are isolated from each other—so, for example, two different workloads running on a single Windows worker node can use two different versions of the .NET Framework or IIS. Each container also includes its own filesystem and Windows Registry, Global Assembly Cache, and other Windows-specific components. In this way, many legacy apps that were once tied to out-of-date Windows versions can be made to run on a current version, none the wiser.
Deploying Windows containers on PKS provides operational advantages, too. For years, Pivotal has provided security-hardened Windows Server stemcell images for running Pivotal Application Service (PAS) for Windows. Now these same images can be used to deploy new Windows nodes on PKS. The result is that cluster admins only need to worry about patching the OS on the host nodes, leaving responsibility for securing and maintaining the containers running on the nodes to application owners. And the underlying BOSH technology makes deploying, managing, and patching nodes fast and painless.
Containers will be able to run anywhere PKS on Windows is supported, including vSphere and public clouds. This means you'll be able to move them between environments for scaling, security, or availability purposes.
A single container image can be used to launch multiple container instances and deploy them to multiple environments, with each container instance operating independently from the others. This allows workloads to scale horizontally to address spikes or lulls in demand.
Better yet, Kubernetes allows you to mix Windows and Linux nodes in the same cluster. Virtually all enterprises are already operating a mix of Linux and Windows workloads. By deploying Windows workloads in this way, ops teams can manage both types as a single pool, using a common set of tools, processes, and procedures.
Windows worker nodes can coexist in the same cluster with Linux nodes.
Naturally, this comes with a couple of caveats. First, PKS 1.5 will only support Windows worker nodes running Windows Server 2019, so many organizations may need to upgrade their licenses before they can begin deploying Windows containers on PKS (legacy or otherwise). Second, they’ll also need at least some in-house Linux expertise, because for now at least, the master node, API server, and other control plane elements necessary to make Kubernetes function only run on Linux.
.NET and PCF: A Solid Foundation
Support for Windows workers on Kubernetes clusters is a new and exciting way to lift and shift legacy Windows applications into modern cloud environments. It will enable those applications to efficiently coexist with modern applications built on PKS and PAS, including modern .NET Core applications running on Linux.
Moving forward, you’ll likely want to modernize some of those legacy Windows workloads by refactoring them as composable microservices. PKS will support this model, as well, and in the future you can expect to see key Pivotal offerings running on top of PKS—including PAS itself—to make it even easier to build, deploy, and manage modern applications on Kubernetes.
At Pivotal, we’re dedicated to providing the best possible platform for .NET workloads, old or new. We want to transform the way the world builds, deploys, and secures software. That’s why we provide a single, unified platform for all your application needs, including PAS, PKS, and the upcoming Pivotal Function Service (PFS).
PKS 1.5 with support for Windows worker nodes on Kubernetes will ship soon. Be one of the first to get the bits and start moving your legacy Windows workloads to modern, cloud-native environments.
This blog contains statements relating to Pivotal’s expectations, projections, beliefs, and prospects which are "forward-looking statements" and by their nature are uncertain. Words such as "believe," "may," "will," "estimate," "continue," "anticipate," "intend," "expect," "plans," and similar expressions are intended to identify forward-looking statements. Such forward-looking statements are not guarantees of future performance, and you are cautioned not to place undue reliance on these forward-looking statements. Actual results could differ materially from those projected in the forward-looking statements as a result of many factors. All information set forth in this blog is current as of the date of this blog. These forward-looking statements are based on current expectations and are subject to uncertainties, risks, assumptions, and changes in condition, significance, value, and effect as well as other risks disclosed previously and from time to time by us. Additional information we disclose could cause actual results to vary from expectations. Pivotal disclaims any obligation to, and does not currently intend to, update any such forward-looking statements, whether written or oral, that may be made from time to time except as required by law.
This blog also contains statements which are intended to outline the general direction of certain of Pivotal's offerings. It is intended for information purposes only and may not be incorporated into any contract. Any information regarding the pre-release of Pivotal offerings, future updates or other planned modifications is subject to ongoing evaluation by Pivotal and is subject to change. All software releases are on an “if and when available” basis and are subject to change. This information is provided without warranty of any kind, express or implied, and is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions regarding Pivotal's offerings. Any purchasing decisions should only be based on features currently available. The development, release, and timing of any features or functionality described for Pivotal's offerings in this blog remain at the sole discretion of Pivotal. Pivotal has no obligation to update forward-looking information in this blog.
About the Author: Neil McAllister