none
Run container on network ip and add it to domain RRS feed

  • Question

  • How can I run container on a network ip and add in AD domain? Right now, my container (created from default example) is running on local ip (172.16.0.2) and not accessible from outside.

    What is the best way to monitor containers? Can SCOM be used?

    I can map ports of local container with host machine and able to expose to outside world.

     

    Mukul Gupta


    • Edited by Mukulkgupta Monday, October 5, 2015 5:58 PM
    Monday, October 5, 2015 3:53 PM

All replies

  • Why do you wan't to join your container to an Active Directory domain? A Container will just get a random computer name, and is behind the container host's NAT. 

    By default, the container isn't accessible so this is something you have to open for explicit on the container host (open firewall and create static NAT rules to map traffic to the container itself).

    Right now, containers are part of Windows Server 2016 technical preview 3 and there's too early to comment on how any potential monitoring would be like. 

    If you want to see how the "others" have been doing this for a while, I suggest you look at Docker and Mesos to get a better understanding on how to manage containers. 

    If you have specific use cases and scenarios where you see active directory as a requirement, as well as using SCOM to monitor the containers, I'd like to hear more about this. 


    Kristian (Virtualization and some coffee: http://kristiannese.blogspot.com )

    Thursday, October 8, 2015 7:45 PM
  • To answer the question "Why do you wan't to join your container to an Active Directory domain?", how else would you enable Windows authentication in app/service running inside the container? Does not the container need to be part of the AD domain in such case?


    Friday, January 8, 2016 8:24 AM
  • As I responded to your other thread...

    Many folks are asking this.  And there is a long (traditional) dependency on AD for Server apps written on Windows.

    It is really only cloudy apps that don't care (for the most part) - but there are even many IIS apps that have domain auth dependencies.

    and the traditional way to get domain auth is to join the OS.

    Personally, I don't think MSFT has an answer to this yet.  But I know they are watching and I am sure it is on the list.


    Brian Ehlert
    http://ITProctology.blogspot.com
    Learn. Apply. Repeat.

    Friday, January 8, 2016 3:52 PM
    Moderator