Key differences between containers on Linux and Windows
Docker containers on Linux and Windows aim to solve the same problems in principle and currently, the container management experience is starting to converge on these platforms. Nevertheless, if you come from the Linux ecosystem and have used Docker extensively there, you may be surprised by some differences that you can find. Let's briefly summarize them.
The largest and the most apparent limitation is the Windows host OS and Windows container OS compatibility requirements. In the case of Linux, you can safely assume that if the host OS kernel is running the minimum required version of 3.10, any Linux container will run without any problems, no matter which distribution it is based on. For Windows, it is possible to run containers with base OS versions that are exactly the same as the host OS version that's supported without any limitations. Running a newer container OS version on an old host OS is not supported, and what's more, running older container OS versions on a newer host OS comes with the requirement of using Hyper-V isolation. For example, a host running Windows Server version 1803 build 17134 can use containers with base image version Windows Server version 1803 build 17134 natively, but running containers with Windows Server version 1709 build 16299 will require Hyper-V isolation, and starting a container with Windows Server 2019 build 17763 is not possible at all. The following table visualizes this principle:
Host OS version Container base image OS version Compatibility
Windows Server, version 1803 build 17134 Windows Server, version 1803 build 17134 Process or Hyper-V isolation
Windows Server, version 1803 build 17134 Windows Server, version 1709 build 16299 Hyper-V isolation
Windows Server, version 1803 build 17134 Windows Server 2019 build 17763 Not supported
Windows Server 2019 build 17763 Windows Server 2019 build 17763 Process or Hyper-V isolation
For a more detailed compatibility matrix, please refer to the official Microsoft documentation at: https://docs.microsoft.com/en-us/virtualization/windowscontainers/deploy-containers/version-compatibility#choose-which-container-OS-version-to-use.
It is worth mentioning that the requirements for Hyper-V isolation may be a significant limitation in cloud environments or when running Docker on virtual machines (VMs). In such cases, Hyper-V isolation requires the nested virtualization feature to be enabled by the hypervisor. We will cover Hyper-V isolation in detail in the next section.
Another important aspect you may notice is the difference in sizes between the base images for Linux and Windows containers. Currently, the minimal Windows Server image, mcr.microsoft.com/windows/nanoserver:1809, is 98 MB in size, whereas, for example, the minimalistic image for Alpine Linux, alpine:3.7, is only 5 MB in size. The full Windows Server image, mcr.microsoft.com/windows/servercore:ltsc2019, is over 1.5 GB, while the base image for Windows, mcr.microsoft.com/windows:1809, is 3.5 GB. But it is worth mentioning that since the first release of Windows Server 2016 Core image, when the image size was 6 GB, these numbers constantly go down.
These differences can be seen more as the limitations of Docker containers on Windows. However, there is one aspect where Windows provides more flexibility than Linux – support for running Linux containers on Windows. Docker Desktop for Windows 10 supports such a scenario out of the box. Although this feature is still in development, it is possible to host Linux containers alongside Windows containers on Windows 10 with the help of Hyper-V isolation. We will cover this feature in more detail in the next section. The opposite scenario with Windows containers running on Linux has no native solution and requires manually hosting additional Windows VM on a Linux host.
In the next section, we will focus on the differences between different Windows container runtime variants.