Hi,
I’m running a .NET service on a windows VM, which i’m interested to have the ability to run a container locally.
This works well for me using the Docker.DotNet
library (or docker cmdline), as long as i’m running elevated on the windows VM.
This is how I instantiate the Docker.DotNet
client before using is successfully.
dockerClient = new DockerClientConfiguration(new Uri("npipe://./pipe/docker_engine")).CreateClient();
So far so good. However, when my service runs under the NETWORK SERVICE
identity (which is the state in Production, not changeable), I find it impossible to connect to the local docker daemon, either using Docker.DotNet
.
even simple commands such as docker version
fail under this identity, all with the following message:
error during connect: Get http://%2F%2F.%2Fpipe%2Fdocker_engine/v1.30/version: open //./pipe/docker_engine: Access is denied. In the default daemon configuration on Windows, the docker client must be run elevated to connect. This error may also indicate that the docker daemon is not running.
I’ve verified the docker daemon is up and running - this is most probably a permissions/security issue.
Q: are there any ways to workaround this?
I’ve so far tried enabling the docker engine to be available on tcp://localhost:2375
, but that hasn’t been successful, and i’d prefer to not have to do so.
Thanks for your help!