Mar 21 2021 12:37 PM - edited Mar 21 2021 01:45 PM
I have installed containers on my host ( a Hyper-V VM named CH1. After installation and installing PWSH and VS Code, I used this script to configure the server for docker:
After installation and reboot, all looks well - I can docker pull, docker search etc. However if I attempt to run the hello-world container, I see this:
PS C:\Foo> docker run hello-world
docker: Error response from daemon: hcsshim::CreateComputeSystem 90142433e8cebe0abaa7e2e99b026a835008d93f4c9dfd28d83b53184bd01431: The container operating system does not match the host operating system.
(extra info: {"SystemType":"Container","Name":"90142433e8cebe0abaa7e2e99b026a835008d93f4c9dfd28d83b53184bd01431","Owner":"docker","VolumePath":"\\\\?\\Volume{d7ea90db-8134-45c0-9ccf-15b742c39627}","IgnoreFlushesDuringBoot":true,"LayerFolderPath":"C:\\ProgramData\\docker\\windowsfilter\\90142433e8cebe0abaa7e2e99b026a835008d93f4c9dfd28d83b53184bd01431","Layers":[{"ID":"b4536180-60ed-5a6d-86d7-a37ed5ce5b11","Path":"C:\\ProgramData\\docker\\windowsfilter\\40283115b35607b66b4d8d7695efcb7458a8d257b436b3f7a390953f43c04fbe"},{"ID":"42828790-7ad8-5ecf-807f-b3e273827547","Path":"C:\\ProgramData\\docker\\windowsfilter\\902d2a8dccd4e30470ae472bdad3eb46ac6e086b06fc80192081fb940c0fbb0c"},{"ID":"a9a80d15-dd55-508d-852d-6cf117cf34a9","Path":"C:\\ProgramData\\docker\\windowsfilter\\811d69326ffcce5cace299f3e56e2fb721528576a1bcb07106dd942e7d19dcc6"}],"HostName":"90142433e8ce","HvPartition":false,"EndpointList":["fd49e246-152a-460c-85b5-95064b53aced"],"AllowUnqualifiedDNSQuery":true}).
i understand that this is because WIndows and docker have different versions. But if I attempt to run this with hyper-v, it fails too - like this:
S C:\Foo> docker run hello-world --isolation-hyperv
docker: Error response from daemon: hcsshim::CreateComputeSystem 112d3c21fa74f58019e3cea40302a17b4775c454515468e1531d05b14d61b86c: The container operating system does not match the host operating system.
(extra info: {"SystemType":"Container","Name":"112d3c21fa74f58019e3cea40302a17b4775c454515468e1531d05b14d61b86c","Owner":"docker","VolumePath":"\\\\?\\Volume{7005aac7-0fc8-4f1c-a498-7bd5a777ce70}","IgnoreFlushesDuringBoot":true,"LayerFolderPath":"C:\\ProgramData\\docker\\windowsfilter\\112d3c21fa74f58019e3cea40302a17b4775c454515468e1531d05b14d61b86c","Layers":[{"ID":"b4536180-60ed-5a6d-86d7-a37ed5ce5b11","Path":"C:\\ProgramData\\docker\\windowsfilter\\40283115b35607b66b4d8d7695efcb7458a8d257b436b3f7a390953f43c04fbe"},{"ID":"42828790-7ad8-5ecf-807f-b3e273827547","Path":"C:\\ProgramData\\docker\\windowsfilter\\902d2a8dccd4e30470ae472bdad3eb46ac6e086b06fc80192081fb940c0fbb0c"},{"ID":"a9a80d15-dd55-508d-852d-6cf117cf34a9","Path":"C:\\ProgramData\\docker\\windowsfilter\\811d69326ffcce5cace299f3e56e2fb721528576a1bcb07106dd942e7d19dcc6"}],"HostName":"112d3c21fa74","HvPartition":false,"EndpointList":["4fff9c4f-d11d-4307-acd2-6111c9ed7bef"],"AllowUnqualifiedDNSQuery":true}).
i know I am probably missing something trivial - but would appreciate any clues!
Mar 22 2021 07:58 AM - edited Mar 22 2021 09:33 AM
So with the latest build of Server 2022, I simply can not run any container either natively or via isolation.
I have a set of scripts at: https://github.com/doctordns/PACKT-PS7/tree/master/scripts/Ch%2012%20-%20Containers
ALL of them fail to run the container.
Each of these scripts worked with Server 2019 - and am happy to retest that if needed.
Mar 22 2021 01:53 PM
Mar 23 2021 03:09 AM
Thsanks for your reply
1. Regarding enabling virtualization - I have already set nested virtualization:
PS C:\Foo> Get-VM -VMName ch1
Name State CPUUsage(%) MemoryAssigned(M) Uptime Status Version
---- ----- ----------- ----------------- ------ ------ -------
CH1 Off 0 0 00:00:00 Operating normally 10.0
PS C:\Foo> Get-VMProcessor -vmname ch1 | fl *virt*
ExposeVirtualizationExtensions : True
So that is not a solution. 😞
I do understand that the issue is between the container host version and the container image, but so far, I can find actually ZERO containers that can run with Windows Server 2022, with or without virtualization.
If you look at the scripts I have tested, none of them works, whereas these all worked to a degree with
Windows Server 2019. This feels like a regression in 2022.
Are containers actually tested prior to Insiders released? If so, can you share the tests so I can see how to get containers to run successfully??
Mar 25 2021 06:44 AM - edited Mar 27 2021 01:33 AM
Solution
docker run hello-world --isolation-hyperv
should be
docker run --isolation=hyperv hello-world
Things after the container name are taken as parameters to the container execution, and so docker isn't seeing the "--isolation-hyperv" parameter when you add it, or it would have told you that it was an unknown parameter, as it needs to be "--isolation=hyperv" or "--isolation hyperv".
The hello-world container will need to run with Hyper-V isolation for you, because it's based on nanoserver:1809, i.e. Windows Server LTSC 2019. If you're following a guide for Windows 10, note that on Windows 10, Hyper-V isolation is the default for Docker, so they won't use --isolation=hyperv in examples like this.
To use process isolation, you'll need to use an insider container image base matching the installed build, e.g. mcr.microsoft.com/windows/nanoserver/insider:10.0.20303.1 . Sadly, I don't think many (or any) image sources in the wild produce builds based on the insider versions, so if you're not building your own containers, you'll need to use Hyper-V isolation until this version of Windows Server is shipped, and container builders add it to their CI pipelines.
Mar 25 2021 06:44 AM - edited Mar 27 2021 01:33 AM
Solution
docker run hello-world --isolation-hyperv
should be
docker run --isolation=hyperv hello-world
Things after the container name are taken as parameters to the container execution, and so docker isn't seeing the "--isolation-hyperv" parameter when you add it, or it would have told you that it was an unknown parameter, as it needs to be "--isolation=hyperv" or "--isolation hyperv".
The hello-world container will need to run with Hyper-V isolation for you, because it's based on nanoserver:1809, i.e. Windows Server LTSC 2019. If you're following a guide for Windows 10, note that on Windows 10, Hyper-V isolation is the default for Docker, so they won't use --isolation=hyperv in examples like this.
To use process isolation, you'll need to use an insider container image base matching the installed build, e.g. mcr.microsoft.com/windows/nanoserver/insider:10.0.20303.1 . Sadly, I don't think many (or any) image sources in the wild produce builds based on the insider versions, so if you're not building your own containers, you'll need to use Hyper-V isolation until this version of Windows Server is shipped, and container builders add it to their CI pipelines.