search

docker / roadmap

Welcome to the Public Roadmap for All Things Docker! We welcome your ideas.
https://github.com/orgs/docker/projects/51
Creative Commons Zero v1.0 Universal
1.74k stars 260 forks source link

Open Docker Desktop at startup without logging on Windows #515

Open AxelGuignard opened 1 year ago

AxelGuignard commented 1 year ago

Tell us about your request It should be possible to start Docker Desktop on windows at startup without having to log in first.

Which service(s) is this request for? Docker for Windows

Tell us about the problem you're trying to solve. What are you trying to do, and why is it hard? After a long and frustrating search, I came to the conclusion that it is currently impossible to start Docker Desktop or the docker engine at startup on windows without logging with a user.

Solutions I found on internet were either to configure a task to launch Docker Desktop at startup or to use the daemon as a service that automatically start. None of these seem to work anymore, because now Docker Desktop must be run in interactive mode and it seems that starting dockerd alone don't work with windows, or at least is not supposed to be used that way.

I understand there is a security issue of being able to run docker without logging first, but it makes it impossible to run applications in production reliably using docker, as a server reboot will make them inaccessible until someone actively logs into the server and start Docker Desktop. This can lead to frequent application outages, that are easily fixed (providing there is someone available and authorized to log into the server and start Docker Desktop), but hinders productivity and customer satisfaction. There are other cases when this is inconvenient, such as using docker to do CI.

We should be able to automatically start Docker Desktop at server startup in production.

Are you currently working around the issue? As far as I know from my research, the only workaround is to automatically logs a user at startup, but the security implications are way worse so we didn't do that.

Additional context Docker Desktop v4.21.1 Windows Server 2022

macmirchdocker commented 1 year ago

What you describe should be possible through the Docker Engine - the instructions for install of this are available here. This would not be possible with Docker Desktop.

AxelGuignard commented 1 year ago

Hi @macmirchdocker. Since Docker Desktop is the preferred way of installing docker on windows (according to docker documentation), this feature should be available for Docker Desktop. If windows limitations don't allow that, using the engine directly could indeed be a workaround, except that I believe it is not currently possible to launch the docker engine at windows startup.

I tried installing docker directly in WSL, but once again you can't start it at windows startup without logging in with a user.

At the moment, there is no way of doing that except with some whacky workaround like auto login.

I don't consider this issue closed.

macmirchdocker commented 1 year ago

Re-opening.

WhimsicalWalrus commented 8 months ago

Has this issue been revisited at all?

fricpa commented 7 months ago

What a pain. I am trying to set up a Windows Server to be a Jenkins Agent but there is no way to enable it to run docker commands because of this. A selection of errors I get when trying various workarounds are:

docker: error during connect: in the default daemon configuration on Windows, the docker client must be run with elevated privileges to connect: Post "http://%2F%2F.%2Fpipe%2Fdocker_engine/v1.24/containers/create": open //./pipe/docker_engine: Das System kann die angegebene Datei nicht finden.
See 'docker run --help'.

C:\Users\Administrator>docker run hello-world
    docker: request returned Internal Server Error for API route and version http://%2F%2F.%2Fpipe%2Fdocker_engine/v1.24/containers/create, check if the server supports the requested API version.
    See 'docker run --help'.

docker: Error response from daemon: hcs::CreateComputeSystem 49df84e247a5146d5a480bf71da3d654c1f815923e13a6febe9e8ccf86c24b6d: Die Anforderung wird nicht unterstützt.

the various docker .exe seem to start, but they are never in a functional state (for running containers in the WSL 2 backend) except when Docker Desktop is started interactively.

The Server I need to get this to work on doesn't allow me to configure auto login and I cannot allow "Log on as a batch job" for the admin user due to a group policy. Running a scheduled job at boot as the SYSTEM authority also doesn't bring up docker in a functional state.

andyg2 commented 4 months ago

Does ARSO help in your situation? Admittedly it's a variation of automatic login but it also locks the session.

https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/manage/component-updates/winlogon-automatic-restart-sign-on--arso-

fricpa commented 4 months ago

I ended up creating another local admin user (besides the default Administrator on Windows Server) and could configure automatic login for that via netplwiz and by following https://www.makeuseof.com/windows-11-missing-auto-login-fix/ to restore the auto login option there. Now I just have a shellscript in shell:startup that definitely runs in user mode and Docker Desktop is started properly and then I can finally run some docker commands in my Jenkins Agent jobs...

grazy27 commented 3 months ago

Does ARSO help in your situation? Admittedly it's a variation of automatic login but it also locks the session.

https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/manage/component-updates/winlogon-automatic-restart-sign-on--arso-

ARSO solved my issue as well. Interestingly, it doesn't work if last login was made via RDP, after physically logging in to server once it started working