Hosting Internet Information Services (IIS) applications in Docker
Complete .NET Framework apps can be easily packaged into Docker images, but there are some limitations you need to be aware of. Microsoft provides Nano Server and Windows Server Core base images for Docker. The complete .NET Framework doesn't run on Nano Server, so to host your existing .NET apps in Docker, you need to use the Windows Server Core base image.
Running from Windows Server Core means your application images will be around 4 GB in size, the bulk of which is in the base image. You have a complete Windows Server operating system, with all the packages available to enable Windows Server features, like Domain Name System (DNS) and Dynamic Host Configuration Protocol (DHCP), even though you only want to use it for a single application role. It's perfectly reasonable to run containers from Windows Server Core, but you need to be aware of the implications:
- The base image has a large surface area with a lot of software installed, which means it's likely to have more frequent security and functional patches.
- The OS runs a lot of its own processes in addition to your application process, as several core parts of Windows run as background Windows services.
- Windows has its own application platforms, with high-value feature sets for hosting and management, which do not natively integrate with the Docker approach.
You can take an ASP.NET web application and Dockerize it in a few hours. It will build into a large Docker image that takes a little longer to distribute and start up than an application built on a lightweight, modern application stack. But you'll still have a single package with your whole application deployed, configured, and ready to run. This is a big step in improving quality and reducing deployment time, and it can be the first part of a program to modernize a legacy application.
To integrate an ASP.NET app more closely with Docker, you can modify how IIS logs are written, specify how Docker checks whether the container is healthy, and inject configuration into containers without any changes to the application code. If changing code is part of your modernization program, then with minimal changes, you can use the container's environment variables and filesystem for application configuration.