Cannot run Docker containers on Windows 2016, unless using --net=none

Archive Windows Server 2016
1

Expected behavior

Expected to be able to issue “docker run hello-world:nanoserver” and have it run properly.

Actual behavior

Docker fails to initialize and run the container:

C:\Windows\system32>docker -D -l debug run hello-world:nanoserver
time=“2018-05-29T16:44:38-04:00” level=debug msg="[hijack] End of stdout"
docker: Error response from daemon: container fcb79942db94ab4c630aef0a3502e638e8aa2b811194e074cb8570f504927131 encountered an error during CreateContainer: failure in a Windows system call: The parameter is incorrect. (0x57) extra info: {“SystemType”:“Container”,“Name”:“fcb79942db94ab4c630aef0a3502e638e8aa2b811194e074cb8570f504927131”,“Owner”:“docker”,“IsDummy”:false,“VolumePath”:"\\?\Volume{f105acde-6368-11e8-a2be-00155d524300}",“IgnoreFlushesDuringBoot”:true,“LayerFolderPath”:“C:\ProgramData\docker\windowsfilter\fcb79942db94ab4c630aef0a3502e638e8aa2b811194e074cb8570f504927131”,“Layers”:[{“ID”:“e5350457-1387-5373-b9a8-07230e98aa8b”,“Path”:“C:\ProgramData\docker\windowsfilter\c11cbd0475c7a12f60b28d3ef1028a07eb9b82983e2f74fae8a6ee9bbb0b79c6”},{“ID”:“ab6b7c6a-98d4-5d6f-9930-b0906ca3aaaa”,“Path”:“C:\ProgramData\docker\windowsfilter\47ce7222617ba7158382208d1cdc5528e44ba9169292047aeabc38407826ff14”},{“ID”:“bf058292-101e-5355-9f92-844787bcbf02”,“Path”:“C:\ProgramData\docker\windowsfilter\53a16abf905135a14d88ac94c92aab0513a679068dd15a6352e5e1a874eb1972”},{“ID”:“e430fe00-7173-5711-90ca-d58bb9f5677c”,“Path”:“C:\ProgramData\docker\windowsfilter\6ca2b150ffc8adc88fe7fb1061819bb9bbb326ad15cc979f582abe6a446a5a67”}],“HostName”:“fcb79942db94”,“MappedDirectories”:,“HvPartition”:false,“EndpointList”:[“393390b2-1b7a-4943-a618-9f87e4b6f98d”],“Servicing”:false,“AllowUnqualifiedDNSQuery”:true}.

Information

C:\Windows\system32>docker events
2018-05-29T16:44:37.551112800-04:00 container create fcb79942db94ab4c630aef0a3502e638e8aa2b811194e074cb8570f504927131 (image=hello-world:nanoserver, name=cranky_keller)
2018-05-29T16:44:37.554136400-04:00 container attach fcb79942db94ab4c630aef0a3502e638e8aa2b811194e074cb8570f504927131 (image=hello-world:nanoserver, name=cranky_keller)
2018-05-29T16:44:37.813152400-04:00 network connect 39d5df00412efaa2ffa115195eab68a3e9896b1234f58ebb044c09cad584999e (container=fcb79942db94ab4c630aef0a3502e638e8aa2b811194e074cb8570f504927131, name=nat, type=nat)
2018-05-29T16:44:38.996316900-04:00 network disconnect 39d5df00412efaa2ffa115195eab68a3e9896b1234f58ebb044c09cad584999e (container=fcb79942db94ab4c630aef0a3502e638e8aa2b811194e074cb8570f504927131, name=nat, type=nat)

C:\Windows\system32>docker info
Containers: 11
Running: 0
Paused: 0
Stopped: 11
Images: 1
Server Version: 17.06.2-ee-11
Storage Driver: windowsfilter
Windows:
Logging Driver: json-file
Plugins:
Volume: local
Network: l2bridge l2tunnel nat null overlay transparent
Log: awslogs etwlogs fluentd json-file logentries splunk syslog
Swarm: inactive
Default Isolation: process
Kernel Version: 10.0 14393 (14393.2273.amd64fre.rs1_release_1.180427-1811)
Operating System: Windows Server 2016 Standard
OSType: windows
Architecture: x86_64
CPUs: 4
Total Memory: 16GiB
Name: L3ENTTM1TST
ID: Z3TD:RJHF:5A6T:6GMB:XUPF:TXE6:4TKN:I637:IA2K:BS5N:P3O3:5SZZ
Docker Root Dir: C:\ProgramData\docker
Debug Mode (client): false
Debug Mode (server): true
File Descriptors: -1
Goroutines: 25
System Time: 2018-05-29T16:59:36.4552085-04:00
EventsListeners: 1
Registry: https://index.docker.io/v1/
Experimental: false
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false

PS C:\Windows\system32> get-containernetwork

Name Id Subnets Mode SourceMac DNSServers DNSSuffix

nat 16a3e050-d297-48b8-a90f-69082420e508 {172.29.240.0/20} NAT

PS C:\Windows\system32> get-netnat

Name : H16a3e050-d297-48b8-a90f-69082420e508
ExternalIPInterfaceAddressPrefix :
InternalIPInterfaceAddressPrefix : 172.29.240.0/20
IcmpQueryTimeout : 30
TcpEstablishedConnectionTimeout : 1800
TcpTransientConnectionTimeout : 120
TcpFilteringBehavior : AddressDependentFiltering
UdpFilteringBehavior : AddressDependentFiltering
UdpIdleSessionTimeout : 120
UdpInboundRefresh : False
Store : Local
Active : True

PS C:\Windows\system32> get-vmswitch

Name SwitchType NetAdapterInterfaceDescription

nat Internal

PS C:\Windows\system32> get-netadapter

Name InterfaceDescription ifIndex Status MacAddress LinkSpeed

vEthernet (HNS Interna… Hyper-V Virtual Ethernet Adapter 5 Up 00-15-5D-8D-43-28 10 Gbps
Ethernet vmxnet3 Ethernet Adapter 8 Up 00-50-56-8B-51-0E 10 Gbps

Microsoft Windows Server 2016 Standard
10.0.14393

Steps to reproduce the behavior

  1. Add Windows Container feature
  2. Install Docker using published PS script steps, since this server is disconnected from the Internet
  3. Run the “docker” service
  4. Load the “hello-world” image that was saved from another server that is connected to the internet
  5. Issue the “docker run hello-world:nanoserver” command

Additionally

The container runs fine if I issue “docker run --net=none hello-world:nanoserver”. The host that I’m using here is also virtual server itself, although that hasn’t been an issue for me previously.

Also, after the “docker run hello-world:nanoserver” command fails, I can see that the virtual instance created for the container was actually created by reviewing the hardware device manager:

image

With debug enabled for the Docker daemon, I can see that the event log network error, and after the container fails and is released, Docker fails to remove the virtual instance:

debug: Result: {“Error”:-2147024809,“ErrorEvents”:[{“Data”:[{“Type”:“String”,“Value”:“565e2b0d9fe9676b9f89ad1b957eea5b7296e19c2d51ae53a12da4145a1b4557”},{“Type”:“String”,“Value”:“One or more arguments are invalid”},{“Type”:“String”,“Value”:“0x80070057”},{“Type”:“Guid”,“Value”:“DF1BDA76-5CF7-4ABC-B066-A6CB7BCACAD3”}],“EventId”:12102,“Message”:“Failed to attach network endpoint to Container ‘565e2b0d9fe9676b9f89ad1b957eea5b7296e19c2d51ae53a12da4145a1b4557’, network endpoint ID ‘{DF1BDA76-5CF7-4ABC-B066-A6CB7BCACAD3}’: One or more arguments are invalid (0x80070057).”,“Provider”:“17103e3f-3c6e-4677-bb17-3b267eb5be57”}],“ErrorMessage”:“The parameter is incorrect.”}

driver error deleting endpoint musing_heisenberg : HNS failed with error : The parameter is incorrect.

However, I can delete this instance through the hardware device manager. I’ve tried uninstalling and reinstalling everything, removed everything related to the virtual network with cleanup scripts and commands, etc. to no avail so far.

I’m hoping that someone here can help?