So I'm using Docker for a project I'm working on, and I thought I'd share one problem I solved very easily. I know some stuff that I have experience with isn't necessarily obvious to others. Docker does some great things but has some quirky limitations. Usually this isn't a big deal, because most of the people playing with Docker are developing new stuff, so they can just code around the limitations. For the project I'm working on, this wasn't an option. I needed Docker to talk to Windows in a way that is not built in to Docker.

When I thought about the use case, which was just making some files available to Windows, I realized I already had the solution in Cloud Volumes ONTAP (formerly ONTAP Cloud). Data ONTAP has this nifty ability to bridge Unix/Linux and Windows environments. We've matured that ability to reconcile Windows ACLs and authentication with Unix many times over and written tons of papers on how to do it (example). Cloud Volumes ONTAP is actually one of the easiest ways to deploy this functionality too, for a few reasons.
- You deploy Cloud Volumes ONTAP via a GUI in OnCommand Cloud Manager in AWS, or just download the same software from NetApp and install it on a supported version of Windows that can communicate with your VPC. The docs cover what ports to open and what permissions to give the user in AWS IAM. Kevin's also put together videos of doing the whole thing, if you prefer that format, here.
- The Cloud Manager software (we always shorten it to OCCM) can also take care of creating NFS shares for you, which gets you up and running with Docker pretty quickly.
- When you need Docker to give some of the files presented on Unix to a Windows host, open the web interface to Data ONTAP 8.3 (System Manager). I find the easiest way to do this is from my OCCM instance, which is deployed inside AWS. That instance is a Windows 2012 instance, so I can use the browser on it to log in to Data ONTAP inside of AWS. Use the key you downloaded in the EC2 interface to decrypt the Administrator password like this
- Remote desktop in to that instance with username Administrator and the password. (I disable Enhanced IE protection in Server Manager.) In IE on that instance, pull up the cluster or node management IP. Both are internal-only IPs by default. In case you don't know it, one easy way to get the IP you can hit is in the EC2 interface: the last secondary IP is usually it, but I wouldn't bank on that. The OCCM interface will also let you drill in to the IPs it assigned.
- Once logged in with admin and the password (that's the password you chose when you created Cloud ONTAP in OCCM), click Storage Virtual Machine at the bottom left and select your SVM, and you should see something like this
- If you click that CIFS next to the green NFS, you'll find the System Manager page that lets you set up CIFS in Cloud Volumes ONTAP. Data ONTAP can join the Windows domain and use domain credentials, and it has a very mature Windows integration. How you configure the CIFS services for Windows is very specific to the environment. If you've got an Active Directory environment, either in the cloud or reachable from Data ONTAP, you can just point Data ONTAP to it. Otherwise you might need to review the best way to set it up in something like our CIFS and NFS Multiprotocol Configuration Express Guide. If you set up Cloud Volumes ONTAP with OCCM, you can skip creating an SVM and a volume, setting up a CIFS data LIF (interface), and some other steps, because those are already done for you. The primary things to complete are the name mapping and joining Data ONTAP to the Windows domain.
This gives Docker a path to serve up the data through the native NFS client that Docker supports, while making the data usable in Windows environments. Hope this helps you extend your Docker reach in to Windows environments more easily.
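
The Docker side of this setup, as an added example that is not from the original post: a Compose file that mounts the NFS export through Docker's built-in `local` volume driver. The address `192.0.2.10`, the export path `/docker_vol`, the image, the UID and all service and volume names are placeholders; take the NFS data LIF IP and export path from OCCM.

```yaml
# Added example, not from the original post. Every address, path, UID and
# name below is a placeholder to replace with values from your own deployment.
services:
  writer:
    image: alpine:3.19
    # Over NFS, ONTAP sees the numeric UID/GID the container process runs as.
    # Run as a fixed non-root UID so the name mapping set up in System Manager
    # has one known UNIX identity to tie to a Windows account.
    user: "1000:1000"
    command: sh -c 'date > /data/from-docker.txt && sleep 3600'
    volumes:
      - ontap_nfs:/data

  reader:
    image: alpine:3.19
    user: "1000:1000"
    command: sh -c 'ls -ln /data && sleep 3600'
    volumes:
      # Containers that only consume the files get the volume read-only.
      - ontap_nfs:/data:ro

volumes:
  ontap_nfs:
    driver: local              # built-in driver, performs the NFS mount itself
    driver_opts:
      type: nfs
      # addr = NFS data LIF of the SVM; nosuid/nodev keep setuid binaries and
      # device nodes on the share from being honoured on the Docker host.
      o: "addr=192.0.2.10,rw,nosuid,nodev"
      device: ":/docker_vol"   # export (junction) path of the ONTAP volume
```

The export policy on the ONTAP volume has to allow the Docker host's IP, and files written by the `writer` service then show up in the CIFS share of the same volume under whatever Windows account the name mapping resolves UID 1000 to.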