microsoft / navcontainerhelper

Official Microsoft repository for BcContainerHelper, a PowerShell module, which makes it easier to work with Business Central Containers on Docker.
MIT License

New-BCContainer with databaseparams fails at Import Encryption Key #3247

Open jordihayes opened 7 months ago

jordihayes commented 7 months ago

PLEASE DO NOT INCLUDE ANY PASSWORDS OR TOKENS IN YOUR ISSUE!!!

Describe the issue

New-BCContainer with databaseparams fails at Import Encryption Key. I have installed SQL Server on the host and enabled mixed mode authentication. I have created the sa user in SQL Server on the host. I have disabled all firewalls on the host.

Scripts used to create container and cause the issue

# new-navbccontainer with sql server database created in host machine

$containerName = 'bcserver4'
$password = 'P@ssw0rd'
$securePassword = ConvertTo-SecureString -String $password -AsPlainText -Force
$credential = New-Object pscredential 'admin', $securePassword
$auth = 'UserPassword'

#$licenseFile = $licenseFileSecret.SecretValueText

#$artifactUrl = Get-BcArtifactUrl -country us
$artifactUrl = "https://bcartifacts.azureedge.net/sandbox/22.5.59966.60187/au"

$databaseParams = @{
    "databaseServer" = 'host.containerhelper.internal'
    "databaseInstance" = ''
    "databasePrefix" = "$containerName-"
    "databaseName" = 'CRONUS'
    "databaseCredential" = New-Object pscredential 'sa', $securePassword
    "multitenant" = $true
}

New-BcContainer @databaseParams -replaceExternalDatabases `
    -accept_eula `
    -containerName $containerName `
    -credential $credential `
    -auth $auth `
    -artifactUrl $artifactUrl `
    -updateHosts

Full output of scripts

PS C:\Windows\system32> C:\Users\jorda\Desktop\docker shortcuts\Create BCContainer with local database.ps1
BcContainerHelper is version 6.0.0
BcContainerHelper is running as administrator
HyperV is Enabled
UsePsSession is True
Host is Microsoft Windows 11 Pro - 10.0.22621.2715
Docker Client Version is 24.0.6
Docker Server Version is 24.0.6
Removing Session bcserver4
Removing container bcserver4
Removing Desktop shortcuts
Removing C:\ProgramData\BcContainerHelper\Extensions\bcserver4
Setting database bcserver4-tenant offline
Removing database bcserver4-tenant
Setting database bcserver4-CRONUS offline
Removing database bcserver4-CRONUS
Starting Database Restore job from https://bcartifacts.azureedge.net/sandbox/22.5.59966.60187/au
C:\Program Files\WindowsPowerShell\Modules\BcContainerHelper\6.0.0\Import-BcContainerHelper.ps1
Fetching all docker images
Fetching all docker volumes
Using image mcr.microsoft.com/businesscentral:10.0.20348.2031
Creating Container bcserver4
Style: sandbox
Multitenant: Yes
Version: 22.5.59966.60187
Platform: 22.0.60139.0
Generic Tag: 1.0.2.14
Container OS Version: 10.0.20348.2031 (ltsc2022)
Host OS Version: 10.0.22621.2715 (22H2)
Using process isolation
Using locale en-AU
Disabling the standard eventlog dump to container log every 2 seconds (use -dumpEventLog to enable)
Files in C:\ProgramData\BcContainerHelper\Extensions\bcserver4\my:
- AdditionalOutput.ps1
- MainLoop.ps1
- SetupDatabase.ps1
- SetupVariables.ps1
- updatecontainerhosts.ps1
Creating container bcserver4 from image mcr.microsoft.com/businesscentral:10.0.20348.2031
ae202d052745af028715b57add1727ccb1d81ef27b7cf77e3dc694bd4df49056
Waiting for container bcserver4 to be ready
Using artifactUrl https://bcartifacts.azureedge.net/sandbox/22.5.59966.60187/au
Using installer from C:\Run\210-new
Installing Business Central
Installing from artifacts
Starting Local SQL Server
Starting Internet Information Server
Copying Service Tier Files
c:\dl\sandbox\22.5.59966.60187\platform\ServiceTier\Program Files
c:\dl\sandbox\22.5.59966.60187\platform\ServiceTier\System64Folder
Copying PowerShell Scripts
c:\dl\sandbox\22.5.59966.60187\platform\WindowsPowerShellScripts\Cloud\NAVAdministration
c:\dl\sandbox\22.5.59966.60187\platform\WindowsPowerShellScripts\WebSearch
Copying Web Client Files
c:\dl\sandbox\22.5.59966.60187\platform\WebClient\Microsoft Dynamics NAV
Copying ModernDev Files
c:\dl\sandbox\22.5.59966.60187\platform
c:\dl\sandbox\22.5.59966.60187\platform\ModernDev\program files\Microsoft Dynamics NAV
Copying additional files
Copying ConfigurationPackages
C:\dl\sandbox\22.5.59966.60187\au\ConfigurationPackages
Copying Test Assemblies
C:\dl\sandbox\22.5.59966.60187\platform\Test Assemblies
Copying Extensions
C:\dl\sandbox\22.5.59966.60187\au\Extensions
Copying Applications
C:\dl\sandbox\22.5.59966.60187\platform\Applications
Copying Applications.AU
C:\dl\sandbox\22.5.59966.60187\au\Applications.AU
Copying dependencies
Copying ReportBuilder
Importing PowerShell Modules
Skipping restore of Cronus database
Modifying Business Central Service Tier Config File for Docker
Creating Business Central Service Tier
Installing SIP crypto provider: 'C:\Windows\System32\NavSip.dll'
Installation took 38 seconds
Installation complete
Initializing...
Setting host.containerhelper.internal to 172.24.16.1 in container hosts file
Starting Container
Hostname is bcserver4
PublicDnsName is bcserver4
Using NavUserPassword Authentication
Waiting for database creation to finish
Success
Import Encryption Key
Cannot establish a connection to the SQL Server/Database.

This could be due to one of the following reasons:

* SQL Server is not started.
* The database does not exist.
* Proper permissions have not been given to the NAV Server Account.

Try again later or contact your system administrator.
at <ScriptBlock>, C:\run\setupDatabase.ps1: line 152
at <ScriptBlock>, C:\Run\my\SetupDatabase.ps1: line 2
at <ScriptBlock>, C:\Run\navstart.ps1: line 138
at <ScriptBlock>, C:\Run\start.ps1: line 384
at <ScriptBlock>, <No file>: line 1
Error
Using artifactUrl https://bcartifacts.azureedge.net/sandbox/22.5.59966.60187/au
Using installer from C:\Run\210-new
Installing Business Central
Installing from artifacts
Starting Local SQL Server
Starting Internet Information Server
Copying Service Tier Files
c:\dl\sandbox\22.5.59966.60187\platform\ServiceTier\Program Files
c:\dl\sandbox\22.5.59966.60187\platform\ServiceTier\System64Folder
Copying PowerShell Scripts
c:\dl\sandbox\22.5.59966.60187\platform\WindowsPowerShellScripts\Cloud\NAVAdministration
c:\dl\sandbox\22.5.59966.60187\platform\WindowsPowerShellScripts\WebSearch
Copying Web Client Files
c:\dl\sandbox\22.5.59966.60187\platform\WebClient\Microsoft Dynamics NAV
Copying ModernDev Files
c:\dl\sandbox\22.5.59966.60187\platform
c:\dl\sandbox\22.5.59966.60187\platform\ModernDev\program files\Microsoft Dynamics NAV
Copying additional files
Copying ConfigurationPackages
C:\dl\sandbox\22.5.59966.60187\au\ConfigurationPackages
Copying Test Assemblies
C:\dl\sandbox\22.5.59966.60187\platform\Test Assemblies
Copying Extensions
C:\dl\sandbox\22.5.59966.60187\au\Extensions
Copying Applications
C:\dl\sandbox\22.5.59966.60187\platform\Applications
Copying Applications.AU
C:\dl\sandbox\22.5.59966.60187\au\Applications.AU
Copying dependencies
Copying ReportBuilder
Importing PowerShell Modules
Skipping restore of Cronus database
Modifying Business Central Service Tier Config File for Docker
Creating Business Central Service Tier
Installing SIP crypto provider: 'C:\Windows\System32\NavSip.dll'
Installation took 38 seconds
Installation complete
Initializing...
Setting host.containerhelper.internal to 172.24.16.1 in container hosts file
Starting Container
Hostname is bcserver4
PublicDnsName is bcserver4
Using NavUserPassword Authentication
Waiting for database creation to finish
Success
Import Encryption Key
Cannot establish a connection to the SQL Server/Database.

This could be due to one of the following reasons:

* SQL Server is not started.
* The database does not exist.
* Proper permissions have not been given to the NAV Server Account.

Try again later or contact your system administrator.
at <ScriptBlock>, C:\run\setupDatabase.ps1: line 152
at <ScriptBlock>, C:\Run\my\SetupDatabase.ps1: line 2
at <ScriptBlock>, C:\Run\navstart.ps1: line 138
at <ScriptBlock>, C:\Run\start.ps1: line 384
at <ScriptBlock>, <No file>: line 1
New-BcContainer Telemetry Correlation Id: b7d0b592-3a37-4405-a23a-e046314deb32
Initialization of container bcserver4 failed
At C:\Program Files\WindowsPowerShell\Modules\BcContainerHelper\6.0.0\ContainerHandling\Wait-NavContainerReady.ps1:42 char:17
+ ...             throw "Initialization of container $containerName failed" ...
+                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : OperationStopped: (Initialization ...cserver4 failed:String) [], RuntimeException
    + FullyQualifiedErrorId : Initialization of container bcserver4 failed

Screenshots

None

Additional context

Databases were successfully created and restored on the host. The host is on Windows 11 Pro. I have successfully run dockers before, but with SQL Server Express installed in the docker container itself. This is the first time attempting to create a docker with a connection to the host SQL Server.

KristofKlein commented 4 months ago

So the host machine runs the SQL Server DB? Have you added the users you provide here to the DB server, mapped to the DB in question, and set the SQL Server to allow mixed mode auth? ...oh, you wrote that at the top.... check it once more :) Not sure you have to map the sa user....

You can use the broken container to test a couple of things, like: can you reach the host (ping)? Can you reach the SQL Server (Invoke-Sqlcmd)? You might also want to check the SQL logs to see if the SQL Server had a reason to kick the login from the user you provide.

GezerAhmet commented 3 months ago

I have the same issue. Thanks to @KristofKlein, the first step to check some details: ping host.containerhelper.internal.

Pinging host.containerhelper.internal [172.25.240.1] with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.

Ping statistics for 172.25.240.1:
    Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

So I found out that the hosts file in the BC container is written (name host.containerhelper.internal -> 172.25.240.1). Maybe the network adapter seems to be lost. Is there an idea to check the next gear?

freddydk commented 2 months ago

-updateHosts causes ContainerHelper to set host.containerhelper.internal to the IP number of the gateway inside the container, which should work if you are using the default NAT network.

GezerAhmet commented 2 months ago

> -updateHosts causes ContainerHelper to set host.containerhelper.internal to the IP number of the gateway inside the container, which should work if you are using the default NAT network.

Yes, I understood that too. Currently you can only install containers with Hyper-V. Is it possible that this results in an overlap in the IP address? Then that might be an explanation for why it doesn't ping for me.

freddydk commented 2 months ago

If you are running Windows Server 2016, 2019 or 2022 - you can run process or hyperv isolation (with an advantage in perf to process isolation)
If you are running Windows 11 - you can run process or hyperv isolation (with an advantage in perf to hyperv isolation on my machine at least)
If you are running Windows 10 - you can run hyperv isolation.

The network stack is orthogonal to whether you are running process or hyperv isolation. If you run:

ipconfig /all

on the host and in the container, then you should on the host have something like: [image]

Which is the virtual network adapter, which your containers are using as their default gateway to connect to the outside world. Inside the container, you should have a default gateway pointing to that IP, like: [image]

It is important that your SQL Server listens on ALL IP addresses - not only on 127.0.0.1 or the public IP.

If host.containerhelper.internal points to the default gateway and you can ping 8.8.8.8: [image]

Then your network stack is working. Whether you can ping the host.containerhelper.internal depends on the firewall on the host. The host firewall also needs to be open for port 1433.
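
The checks from this thread (hosts entry versus default gateway, SQL Server listening on all addresses, host firewall open for port 1433) as a runnable script. This is an added example, not code from the thread or from BcContainerHelper; the function name Test-HostSqlPath, the firewall rule name and the Docker network name nat are assumptions.

```powershell
# Added example; Test-HostSqlPath and the rule name are hypothetical, not BcContainerHelper code.

# --- Run INSIDE the container, e.g. after: docker exec -it bcserver4 powershell ---
function Test-HostSqlPath {
    param(
        [string] $HostName  = 'host.containerhelper.internal',
        [int]    $Port      = 1433,
        [int]    $TimeoutMs = 3000
    )
    # IPv4 address that the hosts-file entry written by -updateHosts resolves to
    $resolved = [System.Net.Dns]::GetHostAddresses($HostName) |
        Where-Object { $_.AddressFamily -eq 'InterNetwork' } | Select-Object -First 1

    # IPv4 default gateway(s) of the container's network adapters
    $gateways = [System.Net.NetworkInformation.NetworkInterface]::GetAllNetworkInterfaces() |
        ForEach-Object { $_.GetIPProperties().GatewayAddresses.Address } |
        Where-Object { $_ -and $_.AddressFamily -eq 'InterNetwork' } |
        ForEach-Object { $_.ToString() }

    # Test the SQL port itself: ping can fail on the host firewall while 1433 is open
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $open = $client.ConnectAsync($resolved, $Port).Wait($TimeoutMs) -and $client.Connected
    } catch { $open = $false } finally { $client.Dispose() }

    [pscustomobject]@{
        HostName        = $HostName
        ResolvedAddress = "$resolved"
        DefaultGateway  = $gateways -join ', '
        PointsToGateway = $gateways -contains "$resolved"
        SqlPortOpen     = $open
    }
}
Test-HostSqlPath

# --- Run ON THE HOST, in an elevated PowerShell ---
# Which local addresses listen on 1433? 0.0.0.0 or :: means all addresses;
# a listener bound only to 127.0.0.1 cannot be reached from the container.
Get-NetTCPConnection -LocalPort 1433 -State Listen -ErrorAction SilentlyContinue |
    Select-Object LocalAddress, LocalPort, OwningProcess

# Allow 1433 only from the container subnet (assumes the default network named 'nat')
$natSubnet = docker network inspect nat --format '{{range .IPAM.Config}}{{.Subnet}}{{end}}'
New-NetFirewallRule -DisplayName 'SQL 1433 from Docker NAT (example)' `
    -Direction Inbound -Protocol TCP -LocalPort 1433 `
    -RemoteAddress $natSubnet -Action Allow
```

PointsToGateway false means the hosts entry does not match the container's gateway; PointsToGateway true with SqlPortOpen false points at the SQL Server listener or the host firewall rather than the container network.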