Supported install procedure for Windows Server 2022 without internet access

ishnets · May 19, 2023, 1:53pm

Is there a supported path for installing Docker on Windows Server 2022 without an internet connection?

I’ve managed to compile these instructions around the web, but still get the TLS handshake during docker-compose up.

# install Containers feature on Server
# install Hyper-V role on Server

# -----------------------

# execute on PC: 
Install-PackageProvider -Name DockerMsftProvider
Import-PackageProvider -Name DockerMsftProvider -Force
Find-Package -Provider DockerMsftProvider -AllVersions
mkdir C:\docker
Save-Package -Name Docker -Path c:\docker

# ------------------------

# copy the file to C:\temp on Server and execute:

Expand-Archive C:\temp\docker-xx.xx.xx.zip -DestinationPath $Env:ProgramFiles -Force

"C:\Program Files\docker\dockerd" --register-service
Start-Service docker

#add docker installation to path

$newPath = "$env:ProgramFiles\docker;" +
[Environment]::GetEnvironmentVariable("PATH",
[EnvironmentVariableTarget]::Machine)
[Environment]::SetEnvironmentVariable("PATH", $newPath,
[EnvironmentVariableTarget]::Machine)

# download docker-compose for windows from this url: [Releases · docker/compose (github.com)](https://github.com/docker/compose/releases/), copy it to C:\Program Files\docker\ and rename to docker-compose.exe

ishnets · May 20, 2023, 2:18pm

The TLS handshake error in this case was due to the fact that even though these were all local images coming from the local Docker registry, they were built from Microsoft base images, and those required a live internet connection, which this server doesn’t have.

I wish Docker errors were more descriptive.

neersighted · May 21, 2023, 10:00pm

You should probably be aware that Microsoft discontinued support for the DockerMsftProvider earlier this year; you in fact are ending up with an out-of-date version of Mirantis Container Runtime with unpatched vulnerabilities. I would suggest you instead update to a current version of Mirantis Container Runtime (23.0 or 20.10) if you want an installer, or consider something like GitHub - slonopotamus/stevedore: 🚢 Docker distribution for Windows Containers that Just Works if you’re okay with trusting a community source.

ishnets · May 27, 2023, 10:05am

Thanks for the heads up. What about using Docker CE/Moby, are there any caveats in using this on Windows Server 2022?

neersighted · May 27, 2023, 5:58pm

There is no official installer for Docker CE, though I think Microsoft has a script that does not permit upgrades. For most users, I would suggest the Stevedore project instead.

It’s also worth noting that MCR is also upstream Moby (plus some additional enterprise patches like FIPS, QA + validation, and support), but their version numbers don’t match on the 20.10 branch. Otherwise, any source is “fine” – it’s really just who you want to trust/get it from, and what kind of install experience they have.

ishnets · May 28, 2023, 11:17am

Yup, but Stevedore is still relatively new and MCR has a 900$ pricetag (per node) next to it.

vrapolinario · May 31, 2023, 8:39pm

FYI: Microsoft does have guidance to install Moby here: Prepare Windows operating system containers | Microsoft Learn

ishnets · June 1, 2023, 5:39am

Thanks, I found that one couple of days ago, installed it by downloading the referenced URL before running the script, seems to be running fine this week. I’m not sure whether I can legally use docker-compose cli plugin with this setup, though I did a test run and it seems to be working.