search

docker / for-win

Bug reports for Docker Desktop for Windows
https://www.docker.com/products/docker#/windows
1.85k stars 287 forks source link

WCOW transparent network not persisting --ip during runtime #12946

Open gerneio opened 2 years ago

gerneio commented 2 years ago

https://github.com/docker/for-win/issues/2985 is unrelsoved but was automatically closed. I can confirm that the exact same issue is occurring nearly 4 years later.

docker network create --driver=transparent --subnet=192.168.1.0/24 --gateway=192.168.1.254 -o com.docker.network.windowsshim.interface="Ethernet 12" test-network

docker run -itd --network=test-network --ip="192.168.1.207" --name test mcr.microsoft.com/windows/servercore:20H2

Afterwards, opening a terminal against that running container and running "ipconfig" will show an ip assigned by the networks DHCP server, NOT the one set via the --ip tag.

Windows IP Configuration

Ethernet adapter Ethernet:

   Connection-specific DNS Suffix  . : attlocal.net
   IPv4 Address. . . . . . . . . . . : 192.168.1.186
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.254

One important thing I'd like to point out is that if I run the following command:

docker run -itd --network=test-network --ip="192.168.1.207" --entrypoint="ipconfig" --name test mcr.microsoft.com/windows/servercore:20H2

The container will start but immediately exit since the ipconfig command has completed. Looking at the containers logs, you can see that the results DO show the specified IP in use. This leads me to believe that an internal mechanism is changing out the IP during runtime, however as you can see we are just pulling the base image from microsoft. I've been able to set static IP's with this same image using a NAT network where as this issue seems to be specific with a Transparent network for some reason.

Windows IP Configuration

Ethernet adapter Ethernet:

   Connection-specific DNS Suffix  . :    
   IPv4 Address. . . . . . . . . . . : 192.168.1.207
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.254

The "workaround" would be to execute a script on container start to remove all existing ip's and specifically add the one needed for that container, which defeats the purpose of having these options within the CLI or a docker compose file.

Get-NetIPAddress -InterfaceAlias Ethernet | Remove-NetIPAddress -Confirm:$false
New-NetIPAddress -InterfaceIndex 4 -IPAddress 192.168.1.207 -PrefixLength 24 -ErrorAction SilentlyContinue

Please note that I did try this same test with an IIS container (mcr.microsoft.com/windows/servercore/iis:windowsservercore-20H2), as well as declaring both from a docker compose file, and still experienced identical results as described above.

I'm also wondering if this is related to running within win 10 w/ hyper-v isolation (which is where the above tests were run against), vs win server w/ process isolation. I did perform these same test on server 2019 with process isolation, and the container does persist the static IP during runtime, however, it's not reachable over that network (which is most likely a separate/unrelated issue). However, this is still something that we would expect to work within our development environment.

Environment:

Win 10 Pro
10.0.19044.1889
Docker 20.10.17
Docker Desktop 4.12.0
OS/Arch: windows/amd64

Output of docker info:

Client:
 Context:    default
 Debug Mode: false
 Plugins:
  buildx: Docker Buildx (Docker Inc., v0.9.1)
  compose: Docker Compose (Docker Inc., v2.10.2)
  extension: Manages Docker extensions (Docker Inc., v0.2.9)
  sbom: View the packaged-based Software Bill Of Materials (SBOM) for an image (Anchore Inc., 0.6.0)
  scan: Docker Scan (Docker Inc., v0.19.0)

Server:
 Containers: 1
  Running: 0
  Paused: 0
  Stopped: 1
 Images: 23
 Server Version: 20.10.17
 Storage Driver: windowsfilter
  Windows:
 Logging Driver: json-file
 Plugins:
  Volume: local
  Network: ics internal l2bridge l2tunnel nat null overlay private transparent
  Log: awslogs etwlogs fluentd gcplogs gelf json-file local logentries splunk syslog
 Swarm: inactive
 Default Isolation: hyperv
 Kernel Version: 10.0 19044 (19041.1.amd64fre.vb_release.191206-1406)
 Operating System: Windows 10 Pro Version 2009 (OS Build 19044.1889)
 OSType: windows
 Architecture: x86_64
 CPUs: 8
 Total Memory: 31.88GiB
 Name: DESKTOP-F67NQ9T
 ID: V6DS:GCAJ:EA2B:XOWT:5HA2:DONP:O3R3:M4PV:OQ4R:RPRS:U4MX:FJYA
 Docker Root Dir: C:\ProgramData\Docker
 Debug Mode: false
 Registry: https://index.docker.io/v1/
 Labels:
 Experimental: false
 Insecure Registries:
  127.0.0.0/8
 Live Restore Enabled: false
 Product License: Community Engine
docker-robott commented 1 year ago

There hasn't been any activity on this issue for a long time. If the problem is still relevant, mark the issue as fresh with a /remove-lifecycle stale comment. If not, this issue will be closed in 30 days.

Prevent issues from auto-closing with a /lifecycle frozen comment.

/lifecycle stale

gerneio commented 1 year ago

/remove-lifecycle stale

docker-robott commented 1 year ago

There hasn't been any activity on this issue for a long time. If the problem is still relevant, mark the issue as fresh with a /remove-lifecycle stale comment. If not, this issue will be closed in 30 days.

Prevent issues from auto-closing with a /lifecycle frozen comment.

/lifecycle stale

gerneio commented 1 year ago

/remove-lifecycle stale

Can confirm identical issue to my OP, and this is on a completely different laptop running Win 11 and updated docker as well as completely different network/router.

Environment:

Win 11 Business 22H2
OS Ver 10.0.22621.1265
Docker 20.10.23
Docker Desktop 4.17.0 (99724)
OS/Arch: windows/x86_64

Output of docker info:

Client:
 Context:    default
 Debug Mode: false
 Plugins:
  buildx: Docker Buildx (Docker Inc., v0.10.3)
  compose: Docker Compose (Docker Inc., v2.15.1)
  dev: Docker Dev Environments (Docker Inc., v0.1.0)
  extension: Manages Docker extensions (Docker Inc., v0.2.18)
  sbom: View the packaged-based Software Bill Of Materials (SBOM) for an image (Anchore Inc., 0.6.0)
  scan: Docker Scan (Docker Inc., v0.25.0)
  scout: Command line tool for Docker Scout (Docker Inc., v0.6.0)

Server:
 Containers: 3
  Running: 0
  Paused: 0
  Stopped: 3
 Images: 12
 Server Version: 20.10.23
 Storage Driver: windowsfilter
  Windows: 
 Logging Driver: json-file
 Plugins:
  Volume: local
  Network: ics internal l2bridge l2tunnel nat null overlay private transparent
  Log: awslogs etwlogs fluentd gcplogs gelf json-file local logentries splunk syslog
 Swarm: inactive
 Default Isolation: hyperv
 Kernel Version: 10.0 22621 (22621.1.amd64fre.ni_release.220506-1250)
 Operating System: Windows 10 Pro Version 2009 (OS Build 22621.1265)
 OSType: windows
 Architecture: x86_64
 CPUs: 24
 Total Memory: 63.61GiB
 Name: AT-PC30
 ID: 62SQ:RORL:JMYD:DJAZ:JCSH:NBXH:2RJO:CB7X:L6TF:JKRN:24S5:LYML
 Docker Root Dir: C:\ProgramData\Docker
 Debug Mode: false
 Registry: https://index.docker.io/v1/
 Labels:
 Experimental: false
 Insecure Registries:
  127.0.0.0/8
 Live Restore Enabled: false
 Product License: Community Engine
docker-robot[bot] commented 1 year ago

There hasn't been any activity on this issue for a long time. If the problem is still relevant, mark the issue as fresh with a /remove-lifecycle stale comment. If not, this issue will be closed in 30 days.

Prevent issues from auto-closing with a /lifecycle frozen comment.

/lifecycle stale