Microsoft is investing in Linux containers on Windows Server — and if security and containers are important to you — keep on reading. At DockerCon today, Microsoft demonstrated support for Linux containers running natively on Windows Server through Hyper-V isolation technology. SUSE is excited to be a part of this announcement and will actively collaborate with Microsoft to enable our joint customers with SUSE-based Hyper-V isolated containers that run natively on Windows Server.
Why isolate containers inside a VM?
The path for Microsoft towards helping build an industry-standard cross platform container runtime and enabling native SUSE Linux containers on Windows Server also enables some valuable security benefits. Through Hyper-V isolation, running one VM per container provides kernel isolation capabilities, enabling enhanced security. The solution provides further capability to regulate workloads and increase performance with file-cache sharing, cloning, and benefits of a single file space.
For customers concerned about multi-tenancy, hyper-scale web apps, or those customers who may be exposed to malicious kernel attacks that could target other containerized apps– VM isolated containers should be a valuable feature.
What to do next: