Behind the scenes : Creating a Microsoft SQL Server as a Windows / Docker Container

Introduction

This post is the first of a series in my journey to build a flexible / production ready MSSQL windows container. I thought this would have been a breeze with my experience on Docker for Linux, though I must admit┬árunning into multiple issues… This post will not provide you with a working container, as I’m still developing that one.

2016-07-06 14_23_15-kvaeschost01 - 104.45.23.120_3389 - Remote Desktop Connection

Once I deem it as production ready, it’ll be released to the community to be used freely. Though I want it to meet my personal quality standards, being that it should be stable and flexible enough to run in production mode.

 

Blueprint Braindump

For those who have been following me for a while (real life, twitter, yammer, linkedin, …); you probably know I’ve been preaching about MSSQL as a container for way too long. My personal vision was to have a MSSQL run in a container. The data should be located outside of the container, which would enable a (more/relative) easy path for the changes you want to implement.

kvaes-mssql-container-blueprint-docker-persistent-storage-identity-repository

So where volume mapping would be an option… I was also considering an integration with an external storage service. As an Azure fanatic, I (also) want to leverage the option of storing my data/temp files on Azure storage. This would provide my with total host independent storage persistence on Docker! For those who have been playing with Docker for a while, this is truly a powerful combination.

As a long term goal, I would like to see this running on a “serverless” platform. From what I have seen in the market, this is still an unreachable utopia/Walhalla at this point. So my current objective in that areas is to investigate the option of deploying this setup on a Service Fabric or to leverage the power of Rancher with Windows containers.

Continue reading “Behind the scenes : Creating a Microsoft SQL Server as a Windows / Docker Container”

Advertisements

Integrating Azure Active Directory with Rancher

Introduction

Today we’ll be doing a post on how to integrate “Azure Active Directory” with my favorite docker orchestration tool “Rancher“. A few months back I issued a request towards the Rancher team (via Github) and it was added in the latest 1.1.0 release!

 

Authentication & Authorisation

So what can we do with it? The first thing I want to point out that in any identity process, there are two conceptual aspects;

  • Authentication ; Here you provide a way to prove that you are really you… This can be done via user/pass, certificates, … and so on.
  • Authorization ; Once your identity has been known, you can be granted with a given set of permissions (maybe grouped by role).

Why do I say this? It’s important to know that once you enable the AAD (Azure Active Directory) integration, this part will become responsible for the authentication part. Rancher UI (or Rancher Server) will remain responsible for the authorization part!

 

Identity Flow with the AAD integration

The following diagram will show you how the flow goes…

kvaes-rancher-azure-active-directory-integration

Continue reading “Integrating Azure Active Directory with Rancher”