search

docker / for-win

Bug reports for Docker Desktop for Windows
https://www.docker.com/products/docker#/windows
1.85k stars 285 forks source link

Docker engine does not start after update to 4.33.1 / issue with Docker Desktop Privileged Helper and elevation #14240

Open phillies opened 1 month ago

phillies commented 1 month ago

Description

After updating Docker Desktop from 4.32 to 4.33.1 the engine does not start anymore. During the start attempt a "Docker Desktop Privileged Helper" tries to install something / requests elevation. When granted, the engine start goes directly over to engine shutdown. The engine tries to restart after the shutdown, resulting in again the "Docker Desktop Privileged Helper" request. Denying the request leads to an error message that an wsl update failed and Docker Desktop closes. Uninstalling 4.33.1 and reinstalling 4.32 works.

Reproduce

  1. Install docker 4.32 on Windows 11 (installer from docker website)
  2. Update docker to latest version shown in Docker Desktop (4.33.1)
  3. Start Docker Desktop
  4. Elevation request from Docker Desktop Privileged Helper pops up, clicking on yes closes it and docker engine tries to start, then immediately shuts down again and Docker Desktop Privileged Helper window appears again. Clicking No leads to wsl update error. image image

Expected behavior

Docker Desktop Privileged Helper window should close after clicking on yes

docker version

Client:
 Version:           27.0.3
 API version:       1.46
 Go version:        go1.21.11
 Git commit:        7d4bcd8
 Built:             Sat Jun 29 00:01:25 2024
 OS/Arch:           linux/amd64
 Context:           default
Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?

docker info

Client:
 Version:    27.0.3
 Context:    default
 Debug Mode: false
 Plugins:
  buildx: Docker Buildx (Docker Inc.)
    Version:  v0.15.1-desktop.1
    Path:     /usr/local/lib/docker/cli-plugins/docker-buildx
  compose: Docker Compose (Docker Inc.)
    Version:  v2.28.1-desktop.1
    Path:     /usr/local/lib/docker/cli-plugins/docker-compose
  debug: Get a shell into any image or container (Docker Inc.)
    Version:  0.0.32
    Path:     /usr/local/lib/docker/cli-plugins/docker-debug
  dev: Docker Dev Environments (Docker Inc.)
    Version:  v0.1.2
    Path:     /usr/local/lib/docker/cli-plugins/docker-dev
  extension: Manages Docker extensions (Docker Inc.)
    Version:  v0.2.25
    Path:     /usr/local/lib/docker/cli-plugins/docker-extension
  feedback: Provide feedback, right in your terminal! (Docker Inc.)
    Version:  v1.0.5
    Path:     /usr/local/lib/docker/cli-plugins/docker-feedback
  init: Creates Docker-related starter files for your project (Docker Inc.)
    Version:  v1.3.0
    Path:     /usr/local/lib/docker/cli-plugins/docker-init
  sbom: View the packaged-based Software Bill Of Materials (SBOM) for an image (Anchore Inc.)
    Version:  0.6.0
    Path:     /usr/local/lib/docker/cli-plugins/docker-sbom
  scout: Docker Scout (Docker Inc.)
    Version:  v1.10.0
    Path:     /usr/local/lib/docker/cli-plugins/docker-scout
WARNING: Plugin "/usr/local/lib/docker/cli-plugins/docker-scan" is not valid: failed to fetch metadata: fork/exec /usr/local/lib/docker/cli-plugins/docker-scan: no such file or directory

Server:
ERROR: Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
errors pretty printing info

Diagnostics ID

4D2EDD9D-1FB0-42E7-97D1-7363EB0FFA15/20240805142824

Additional Info

No response

telsaleh commented 1 month ago

Same problem with version 4.33.1 (on Windows 11). Tried also running as Admin, but dashboard just keeps looping between Docker Starting and Stopping.

Diagnostics ID

D594353A-A820-4B7E-B26F-1E146A9BDBF0/20240805184808

TotallyNotYT commented 1 month ago

Having the same issue

Danyalalam commented 1 month ago

same issue 28A128F9-4210-484E-A792-8872A6E0F3E4/20240806110933

andrea-reale commented 1 month ago

Hey all, I have shared a development build that should avoid this loop of "WSL Update required" prompts https://github.com/docker/for-win/issues/13806#issuecomment-2271507065. Feel free to try that out and report any feedback!

(Please, also note that custom WSL2 kernels are not officially supported in Docker Desktop - some of the diagnostics shared in this and other threads point to that as a common source of the problem)

Pierstoval commented 1 month ago

I have the same kind of issue: just updated, now Docker doesn't start.

I rolled back to 4.32.0 and it doesn't start either (while it was 4.32.0 yesterday and it worked perfectly). I tried with your build @andrea-reale, but it didn't work either.

I'm starting to rip my hair out of my head, so I'll take a rest and come back after that, maybe I'll have fresh ideas on how to fix this 😅

Danyalalam commented 1 month ago

Hey, i just reinstalled the docker and its fixed now

andrea-reale commented 1 month ago

I'm starting to rip my hair out of my head, so I'll take a rest and come back after that, maybe I'll have fresh ideas on how to fix this

Hey @Pierstoval , please do not rip your hair off your head! Do instead upload and share a diagnostics bundle if you can, and we'll happily take a look.

telsaleh commented 1 month ago

Thanks @andrea-reale. Tried with your build but now I get another error. Sounds like a factory reset might be required, but would rather check first before destroying all the containers.

image

Diagnostic ID: D594353A-A820-4B7E-B26F-1E146A9BDBF0/20240806200453

egbakou commented 1 month ago

I encountered the same issue. Installing version 4.33.0 worked for me(workaround)

Pierstoval commented 1 month ago

@andrea-reale I reinstalled v4.33.1, went to the "Troubleshoot" settings tab, purged data and reset to factory defaults

Version : 4.33.1 (161083)
Engine: 27.1.1
Compose: v2.29.1-desktop.1
Credential Helper: v0.8.2
Kubernetes: v1.30.2

Docker engine doesn't start, so here's the diagnose check output:

Click to expand ``` & "C:\Program Files\Docker\Docker\resources\com.docker.diagnose.exe" check Starting diagnostics [2024-08-07T07:56:58.986581200Z][com.docker.diagnose.exe.ipc] 954252a1-diagnose -> \\.\pipe\dockerBackendApiServer BackendAPI [2024-08-07T07:56:58.990581900Z][com.docker.diagnose.exe.ipc] (f2de6b5b) 954252a1-diagnose C->S BackendAPI POST /idle/make-busy [2024-08-07T07:56:58.992807900Z][com.docker.diagnose.exe.ipc] (f2de6b5b) 954252a1-diagnose C<-S dcb6ef43-BackendAPI POST /idle/make-busy (2.226ms): 0xc00067f450 [2024-08-07T07:56:59.992195500Z][com.docker.diagnose.exe.ipc] (f2de6b5b-1) 954252a1-diagnose C->S BackendAPI GET /idle [2024-08-07T07:56:59.995147600Z][com.docker.diagnose.exe.ipc] (f2de6b5b-1) 954252a1-diagnose C<-S dcb6ef43-BackendAPI GET /idle (2.8429ms): {"apisInFlight":{"/v1.46/info":1,"heartbeat":1},"booted":true,"busyReason":["in-flight APIs: map[/v1.46/info:1 heartbeat:1]","timed activities: map[/idle/make-busy:28998420600 Go-http-client/1.1 /grpc:10535343300 dial//run/guest-services/volume-contents.sock:54346122200 write//run/guest-services/volume-contents.sock:54350002900]"],"timedActivities":{"/idle/make-busy":"float64","Go-http-client/1.1 /grpc":"float64","dial//run/guest-services/volume-contents.sock":54346122200,"write//run/guest-services/volume-contents.sock":54350002900},"vmRunning":true} [PASS] DD0027: is there available disk space on the host? [SKIP] DD0028: is there available VM disk space? [SKIP] DD0002: does the bootloader have virtualization enabled? [SKIP] DD0018: does the host support virtualization? [PASS] DD0001: is the application running? [SKIP] DD0022: is the Virtual Machine Platform Windows Feature enabled? [SKIP] DD0021: is the WSL 2 Windows Feature enabled? [PASS] DD0024: is WSL installed? [PASS] DD0025: are WSL distros installed? [PASS] DD0026: is the WSL LxssManager service running? [PASS] DD0029: is the WSL 2 Linux filesystem corrupt? [PASS] DD0035: is the VM time synchronized? [PASS] DD0017: can a VM be started? [PASS] DD0016: is the LinuxKit VM running? [FAIL] DD0004: is the Docker engine running? Cannot connect to the Docker daemon at npipe:////./pipe/docker_engine_linux. Is the docker daemon running? [PASS] DD0015: are the binary symlinks installed? [FAIL] DD0031: does the Docker API work? prereq failed: is the Docker engine running? [PASS] DD0013: is the $PATH ok? [FAIL] DD0003: is the Docker CLI working? prereq failed: is the Docker engine running? [PASS] DD0005: is the user in the docker-users group? [FAIL] DD0038: is the connection to Docker working? prereq failed: is the Docker engine running? [PASS] DD0014: are the backend processes running? [PASS] DD0007: is the backend responding? [SKIP] DD0009: is the vpnkit API responding? [PASS] DD0010: is the Docker API proxy responding? [SKIP] DD0006: is the Docker Desktop Service responding? [FAIL] DD0030: is the image access management authorized? prereq failed: is the Docker engine running? [PASS] DD0033: does the host have Internet access? [PASS] DD0002: does the bootloader have virtualization enabled? [PASS] DD0018: does the host support virtualization? [PASS] DD0001: is the application running? [PASS] DD0022: is the Virtual Machine Platform Windows Feature enabled? [PASS] DD0021: is the WSL 2 Windows Feature enabled? [PASS] DD0024: is WSL installed? [PASS] DD0025: are WSL distros installed? [PASS] DD0026: is the WSL LxssManager service running? [PASS] DD0029: is the WSL 2 Linux filesystem corrupt? [PASS] DD0035: is the VM time synchronized? [PASS] DD0017: can a VM be started? [PASS] DD0016: is the LinuxKit VM running? [WARN] DD0004: is the Docker engine running? Cannot connect to the Docker daemon at npipe:////./pipe/docker_engine_linux. Is the docker daemon running? [PASS] DD0015: are the binary symlinks installed? [WARN] DD0031: does the Docker API work? prereq failed: is the Docker engine running? [WARN] DD0032: do Docker networks overlap with host IPs? prereq failed: does the Docker API work? Please note the following 3 warnings: 1 : The check: is the Docker engine running? Produced the following warning: Cannot connect to the Docker daemon at npipe:////./pipe/docker_engine_linux. Is the docker daemon running? The Docker engine manages all containers and images on the host. Check the dockerd.log to see why it failed to start. 2 : The check: does the Docker API work? Produced the following warning: prereq failed: is the Docker engine running? If the Docker API is not available from the host then Docker Desktop will not work correctly. 3 : The check: do Docker networks overlap with host IPs? Produced the following warning: prereq failed: does the Docker API work? If the subnet used by a Docker network overlaps with an IP used by the host, then containers won't be able to contact the overlapping IP addresses. Try configuring the IP address range used by networks: in your docker-compose.yml. See https://docs.docker.com/compose/compose-file/compose-file-v2/#ipv4_address-ipv6_address Please investigate the following 1 issue: 1 : The test: is the Docker engine running? Failed with: Cannot connect to the Docker daemon at npipe:////./pipe/docker_engine_linux. Is the docker daemon running? The Docker engine manages all containers and images on the host. Check the dockerd.log to see why it failed to start. ```

Also, here's my %HOME%/.wslconfig file:

[wsl2]
kernelCommandLine=ipv6.disable=1
memory=20GB
swap=4GB
localhostForwarding=true
processors=4

[experimental]
sparseVhd=true

I also have the failed to unregister WSL docker-desktop distro: Accès refusé. error now when I want to refresh WSL's integration in the Settings > Resources > WSL Integration panel.

andrea-reale commented 1 month ago

@telsaleh thanks for uploading your diagnostics. From the logs, I can see a WSL2 error that says:

[2024-08-06T20:02:53.965973700Z][com.docker.backend.exe.WSLKeepAlive] Failed to attach disk 'F:\docker\wsl\disk\ext4.vhdx' to WSL2: The system cannot find the file specified.

It looks like WSL2 cannot find the disk backing the docker-desktop-data distribution at the expected path. A factory reset will definitely help (note that all existing containers, images, etc. will be deleted), unless you know what might have happened to the missing disk.

andrea-reale commented 1 month ago

@Pierstoval, can you please share the diagnostics ID (it's a string similar to: D594353A-A820-4B7E-B26F-1E146A9BDBF0/20240806200453).

This is generated by going in the Troubleshoot menu (the bug shaped icon on the top bar), then clicking on Get Support, and finally clicking Upload to get a Diagonostics ID. Thanks

Pierstoval commented 1 month ago

@andrea-reale Yep, here it is: C7599527-E956-48F0-BC16-D8C9E30ACB42/20240807075941.

I can run other diagnostics if you need, because it's heavily changing, sometimes I have different errors... (rip hair from head, etc. 😂).

I just restarted it and got Unable to calculate image disk size right at launch time. After that, I checked my WSL distro in Resources > WSL integrations . I also had the "Privileged service not started" error, clicked on "Start"

andrea-reale commented 1 month ago

Hey @Pierstoval,

from the logs I see that the problem is related to the fact that you have IPv6 disabled in your wsl config: (kernelCommandLine=ipv6.disable=1).

FATAL: running services: running services namespace: adding IPv6 to services1

Is that something that you (or your company administrator, if any) recently changed?

Pierstoval commented 1 month ago

I've been using this for years, as ipv6 is not supported everywhere, and I had issues with it enabled in the past. I wonder why it would suddenly break things right now 🤔

EDIT: Oh my. I re-enabled ipv6 and it now starts. With the latest version 😱 I'm gonna check lots of things to see if my projects work on it (though I have to re-download all images and reinstall all the projects I'm working on 😑)

EDIT 2: apparently, my main project works... 😱

Carigo77 commented 1 month ago

Docker doesn't work anymore since 12. Juli '24.

It worked for 2 Years, now it stucks in engine starting. Nothing helped, updates, new installation,

Whats wrong?

NawarA commented 1 month ago

Same thing, going to try uninstalling and reinstalling. Bad update

NawarA commented 1 month ago

Same thing, going to try uninstalling and reinstalling. Bad update

this works

bigsk1 commented 1 month ago

same issue, doesn't start and just keeps asking for previledge helper in a loop.

wsl --update which I run and is already up to date

dia ID A89CF936-1CF7-4B13-AD32-CF7D80A703F4/20240808033712

EDIT:

solved by commenting out in wslconfig

[wsl2]
# kernel=C:\\Users\\dragon\\bzImage-5-15-153-1
Pierstoval commented 1 month ago

@bigsk1 for the record, I think custom kernels are kinda experimental in WSL

bigsk1 commented 1 month ago

@bigsk1 for the record, I think custom kernels are kinda experimental in WSL

I say custom but I mean latest from wsl github repo and complied, after 2 years without a wsl update nativly had to take measures. I think there was something specfic at the time and needed above a certain kernel in order to work. Such is life..

telsaleh commented 1 month ago

@telsaleh thanks for uploading your diagnostics. From the logs, I can see a WSL2 error that says:

[2024-08-06T20:02:53.965973700Z][com.docker.backend.exe.WSLKeepAlive] Failed to attach disk 'F:\docker\wsl\disk\ext4.vhdx' to WSL2: The system cannot find the file specified.

It looks like WSL2 cannot find the disk backing the docker-desktop-data distribution at the expected path. A factory reset will definitely help (note that all existing containers, images, etc. will be deleted), unless you know what might have happened to the missing disk.

Thanks @andrea-reale for pointing this out. I recently had to move docker to another drive, and hence the problem. A rename of the file fixed the issue.
Working now, many thanks!!

N.B: Probably worth confirming that on my other (unadministered) machine , it worked fine without the need for the special updated version.

tparikkaatmilliman commented 1 month ago

same issue, doesn't start and just keeps asking for previledge helper in a loop.

wsl --update which I run and is already up to date

dia ID A89CF936-1CF7-4B13-AD32-CF7D80A703F4/20240808033712

EDIT:

solved by commenting out in wslconfig

[wsl2]
# kernel=C:\\Users\\dragon\\bzImage-5-15-153-1

This might be rough for users who are utilizing custom kernels in order to address #12944 / https://github.com/carlfriedrich/wsl-kernel-build/issues/1 - that defect requires the selection of a custom kernel to avoid excessive memory usage. Is anyone else here encountering this issue not also using custom kernels?

phillies commented 1 month ago

same issue, doesn't start and just keeps asking for previledge helper in a loop. wsl --update which I run and is already up to date dia ID A89CF936-1CF7-4B13-AD32-CF7D80A703F4/20240808033712 EDIT: solved by commenting out in wslconfig

[wsl2]
# kernel=C:\\Users\\dragon\\bzImage-5-15-153-1

This might be rough for users who are utilizing custom kernels in order to address #12944 / carlfriedrich/wsl-kernel-build#1 - that defect requires the selection of a custom kernel to avoid excessive memory usage. Is anyone else here encountering this issue not also using custom kernels?

Yes, I'm using vanilla wsl (as far as I'm aware, never intentionally set a custom kernel)

mattezell commented 4 weeks ago

same issue, doesn't start and just keeps asking for previledge helper in a loop. wsl --update which I run and is already up to date dia ID A89CF936-1CF7-4B13-AD32-CF7D80A703F4/20240808033712 EDIT: solved by commenting out in wslconfig

[wsl2]
# kernel=C:\\Users\\dragon\\bzImage-5-15-153-1

This might be rough for users who are utilizing custom kernels in order to address #12944 / carlfriedrich/wsl-kernel-build#1 - that defect requires the selection of a custom kernel to avoid excessive memory usage. Is anyone else here encountering this issue not also using custom kernels?

Yes, I am now experiencing this and am not using a custom kernel (I don't even have a .wslconfig).

cdonnellytx commented 4 weeks ago

Getting this too.

demugen commented 4 weeks ago

Installing the latest version of WSL helped me get Docker Desktop running. https://github.com/microsoft/WSL/releases

matsgf commented 3 weeks ago

I've been using this for years, as ipv6 is not supported everywhere, and I had issues with it enabled in the past. I wonder why it would suddenly break things right now 🤔

EDIT: Oh my. I re-enabled ipv6 and it now starts. With the latest version 😱 I'm gonna check lots of things to see if my projects work on it (though I have to re-download all images and reinstall all the projects I'm working on 😑)

EDIT 2: apparently, my main project works... 😱

Where and how did you re-enable ipv6? (windows, docker, wsl2?) trying to get this to work as well too

Pierstoval commented 3 weeks ago

Where and how did you re-enable ipv6? (windows, docker, wsl2?)

To enable/disable ipv6 in WSL, edit to your %HOME%/.wslconfig file (or create it if you don't have it) and add this:

[wsl2]
kernelCommandLine=ipv6.disable=1

The example above will disable ipv6.

In my setup, I had it disabled and when I removed this line of config, it fixed the issue.

(though I still don't understand why)

bdkuhman commented 3 weeks ago

Same issue after updating to 4.33.1 (161083)

Was previously running 4.32 fine

Updated to WSL 2.3.17, WSL kernel 6.6, then docker, and rolled back to WSL 2.2.4 and kernel 6.1.21.2

When docker starts, it keeps asking for the UAC for C:\Program Files\Docker\Docker\resources\com.docker.admin.exe" wsl-update , but wsl is up to date.

Running docker with privilege has docker constantly starting and stopping in a loop.

685A9D10-74D9-48FC-AC3E-033962CD07CD/20240822135617 and 685A9D10-74D9-48FC-AC3E-033962CD07CD/20240822140032

andrea-reale commented 3 weeks ago

@bdkuhman , please see this comment and let me know if that helps.

bdkuhman commented 3 weeks ago

@bdkuhman , please see this comment and let me know if that helps.

@andrea-reale, Thanks! Dev build fixed UAC issue, Docker's still failing to start. With kernel 6.6 error spotted in wslbootstrap log: "[2024-08-22T16:28:26.142128706Z][wsl-bootstrap][F] exit status 32" bundle 685A9D10-74D9-48FC-AC3E-033962CD07CD/20240822163021

With kernel 6.1 error spotted in wslbootstrap log: "[2024-08-22T16:37:23.953265555Z][wsl-bootstrap][F] mounting /lib/modules to /tmp/docker-desktop-<USER>/lib/modules: no such file or directory" bundle 685A9D10-74D9-48FC-AC3E-033962CD07CD/20240822163732

both wsl 2.2.4.0 and 2.3.17.0

EDIT: this comment helped with modules not being found in 6.1; but I'm still getting exit status 32 with kernel 6.6.

skiesewetter-intershop commented 2 weeks ago

At least on Windows a system restart seems to fix the problem. Afterwards Docker Desktop and the docker engine are starting properly.

matsgf commented 2 weeks ago

For me it fails the first time with the message wsl update failed. Second time i start docker desktop it starts ok...

agray commented 2 weeks ago

Why is this issue dragging on for so long?

tobesucht commented 2 weeks ago

For me purge data & factory reset helped to fix the problem.

hewittmwork commented 1 week ago

Why no solution yet!?

hewittmwork commented 1 week ago

This is all I am getting in the report log. 1725554399-13270dff1bd40864e018aab7ce955e2470b4dabf4e994d1d6959e70b4502fdc285eb691ed8fd7b8a8dd270463bcc72f0cd99c978221e70c440dca94bbae070c7

andrea-reale commented 1 week ago

Hey there, please try out Docker Desktop 4.34.1 (download page), and let us know if the issue with WSL Updates and Privilege Helper loops continues.

agray commented 1 week ago

Why can't you just fix the problem??

kimwuchen commented 4 days ago

Hey there, please try out Docker Desktop 4.34.1 (download page), and let us know if the issue with WSL Updates and Privilege Helper loops continues.

It really works in my lab, thanks my friend.