Windows container requirements

This guides list the requirements for a Windows container Host.

OS Requirements

  • The Windows container feature is only available on Windows Server 2016 (Core and with Desktop Experience), Windows 10 Professional and Enterprise (Anniversary Edition) and later.
  • The Hyper-V role must be installed before running Hyper-V Containers
  • Windows Server Container hosts must have Windows installed to c:. This restriction does not apply if only Hyper-V Containers will be deployed.

Virtualized Container Hosts

If a Windows container host will be run from a Hyper-V virtual machine, and will also be hosting Hyper-V Containers, nested virtualization will need to be enabled. Nested virtualization has the following requirements:

  • At least 4 GB RAM available for the virtualized Hyper-V host.
  • Windows Server 2019, Windows Server version 1803, Windows Server version 1709, Windows Server 2016, or Windows 10 on the host system, and Windows Server (Full, Core) in the virtual machine.
  • A processor with Intel VT-x (this feature is currently only available for Intel processors).
  • The container host VM will also need at least 2 virtual processors.

Supported Base Images

Windows Containers are offered with four container base images: Windows Server Core, Nano Server, Windows, and IoT Core. Not all configurations support both OS images. This table details the supported configurations.

Host Operating System
Windows Server Container
Hyper-V Container
Windows Server 2016 / 2019 (Standard or Datacenter)
Server Core, Nano Server, Windows
Server Core, Nano Server, Windows
Nano Server*
Nano Server
Server Core, Nano Server, Windows
Windows 10 Pro / Enterprise
Not Available
Server Core, Nano Server, Windows
IoT Core
IoT Core
Not Available

Warning

Starting with Windows Server version 1709 Nano Server is no longer available as a container host.

Memory requirements

Restrictions on available memory to containers can be configured though resource controls or by overloading a container host. The minimum amount of memory required to launch a container and run basic commands (ipconfig, dir, etc...) are listed below. Please note that these values do not take into account resource sharing between containers or requirements from the application running in the container. For example a host with 512MB of free memory can run multiple Server Core containers under Hyper-V isolation because those containers share resources.

Windows Server 2016

Base Image Windows Server Container Hyper-V Isolation
Nano Server 40MB 130MB + 1GB Pagefile
Server Core 50MB 325MB + 1GB Pagefile

Windows Server version 1709

Base Image Windows Server Container Hyper-V Isolation
Nano Server 30MB 110MB + 1GB Pagefile
Server Core 45MB 360MB + 1GB Pagefile

Base Image Differences

How does one choose the right base image to build upon? While you are free to build with whatever you wish, these are the general guidelines for each image:

  • Windows Server Core: If your application needs the full .NET framework, this is the best image to use.
  • Nano Server: For applications that only require .NET Core, Nano Server will provide a much slimmer image.
  • Windows: You may find your application depends on a component or .dll that is missing in Server Core or Nano Server images, such as GDI libraries. This image carries the full dependency set of Windows.
  • IoT Core: This image is purpose-built for IoT applications. You should use this container image when targeting an IoT Core host.

For most users, Windows Server Core or Nano Server will be the most appropriate image to use. Below are a few things to keep in mind as you think about building on top of Nano Server:

  • The servicing stack was removed
  • .NET Core is not included (though you can use the .NET Core Nano Server image)
  • PowerShell was removed
  • WMI was removed
  • Starting with Windows Server version 1709 applications run under a user context, so commands that require administrator privileges will fail. You can specify the container administrator account via the --user flag (i.e. docker run --user ContainerAdministrator) however in the future we intend to fully remove administrator accounts from NanoServer.

These are the biggest differences and not an exhaustive list. There are other components not called out which are absent as well. Keep in mind that you can always add layers on top of Nano Server as you see fit. For an example of this check out the .NET Core Nano Server Dockerfile.