Questions from a former Docker OS X user

Docker Desktop
1

I was happily following along Docker community for almost 2 years while developing on Docker for OSX and was sold - it’s awesome. At my new gig, sadly, we’re on Windows 10, on a strict IT policy corporate domain and I do not have admin privileges on the local machine. Some things I am required to use force me to connect with Cisco VPN. After a week of pleading my case with the powers that be, I got Docker installed. I was cautiously optimistic.

Now after a week of working with the latest D4W I find Docker latest stable frustrating at best, unusable at worst.

I can mount volumes, sometimes, but other times the files disappear. I believe it has to do with the order of start up programs, or if I’m connected to VPN first before launching Docker, or if Docker launches first, and then my VPN causes a change to the network. I’m really hoping someone can point to a better (more stable/reliable) way to share files between the host and containers. I’m debating using an FTP server on the web server container, but it won’t work for MySQL data, for example.

Does anyone know a solid way to get file sharing working reliably on Windows?

Another example; I don’t really understand what I’m seeing here… I turned off the “launch Docker at boot” option. My docker machine is not running. Yet I can list containers, and some are running. That is,

> docker-machine ls 
NAME   ACTIVE   DRIVER   STATE   URL   SWARM   DOCKER   ERRORS

> docker ps -a
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS                  PORTS                              NAMES
05f845c1f4d4        redis:latest        "docker-entrypoint.sh"   3 days ago          Up 2 days               0.0.0.0:6379->6379/tcp, 6379/tcp   redis
729c9e06cb7b        percona:latest      "docker-entrypoint.sh"   3 days ago          Up 2 days               0.0.0.0:3306->3306/tcp             db

How is this possible?

At any rate, I figured out how to map my Mac OS X shortcuts from ~/.bash_profile to %USER_DIR%/WindowsPowerShell/Microsoft.PowerShell_profile.ps1

Here they are if you find them useful.

function dll()
{
	docker ps -a
}

function dim()
{
	docker images
}

function de($container)
{
	docker exec -it $container /bin/bash
}

function drun($app)
{
	if (!$app)
	{
		write-host "You must supply one argument, the name of the app/container to run."
	}
	else 
	{
		switch ($app)
		{
			"redis" {docker run -d -e APP=redis --name redis -p 6309:6309 redis:latest}

			"db" {docker run -d -e APP=db -e MYSQL_ROOT_PASSWORD=<XX> -e MYSQL_DATABASE=<XX> -e MYSQL_USERNAME=<XX> -e MYSQL_PASSWORD=<XX> --name=db -p 3306:3306 percona:latest}

			"web" {docker run -d -e APP=web --link db:db --link redis:redis -v C:/Users/YOURUSER/Documents/YOURAPP:/var/www/html -p 80:80 --name YOURCONTAINER YOURIMAGE}

		}
	}
}

function dsta ($app)
{
	docker start $app
}

function dsto ($app)
{
	docker stop $app
}

function drm ($app)
{
	docker rm $app
}

function ls ($arg)
{
	dir
}
2

Okay so there is no need for docker-machine on Windows. I guess I have more reading to do.

3

That’s correct! With Docker for Windows, docker-machine is only meant for provisioning remote dev instances.

If you’re experiencing reliability problems with filesharing, can you please run the in-app diagnostics and post it here? https://github.com/docker/for-win/issues/157

4

I can file a ticket but I’m fairly sure it’s related to one or more of the following:

  • I don’t have admin rights on the Win10 host
  • encrypted hard drive & filesystem
  • windows firewall is on
  • secondary Symantec firewall installed
  • Cisco vpn has to be used sometimes

It would make more sense to me if the D4W settings panel had specific folders designated for sharing instead of the whole C: drive, since I don’t have permission to share the whole drive. I notice some flakiness with that setting. I find it can be checked and think it isn’t checked, and vice versa, and restarting Docker doesn’t fix it - rebooting sometimes does.

I saw the “port 445 is blocked” dialog at one point. Our IT security team ensured me it wasn’t blocked but Docker thought it was and refused to sync files.

5

If you upload the diagnostics dump it’s gonna be easier for us to resolve where the setup is not working.

6

Is that just a part of the log file? Or is there a special way to trigger extra verbose debugging?

7

It’s in the Docker for Windows tray icon menu, “Diagnose & Feedback”

8

I’ve had similar challenges in my workplaces but I’ve found that it’s the blocking of port 445 that is the root cause to most trouble.

Symantec Endpoint Security was first challenge. I bet if IT would have changed the group policy applied rules to allow port 445 on the docker ip range everything would have worked straight up. But it ended up with them removing SEP for me.

Had issues with our F5 VPN too, got that working as it was possible to tick the Allow local resources checkbox in the VPN group I belonged to.

Now everything works flawlessly on or off VPN.

The admin rights I haven’t had issues with at all as the folders I’ve used for volumes has been in my own users folder. But seems like a lot of people get confused about that it’s labeled as the whole drive being shared.

9

I’ve narrowed this problem down to Cisco VPN client. I can have Docker version 1.12.3, build 6b644ec up and running with a shared folder on C using the normal -v option to Docker run and everything is fine and dandy, and almost as seamless as on Mac or Linux.

The moment I connect to Cisco VPN, the files disappear from the container.

The moment I disconnect from Cisco VPN, the files re-appear in the container.

No rebooting or Docker system tray settings Restart Docker required.

This is already filed on D4W issue 114.