search

microsoft / navcontainerhelper

Official Microsoft repository for BcContainerHelper, a PowerShell module, which makes it easier to work with Business Central Containers on Docker.
MIT License
381 stars 243 forks source link

Issue connecting to container when I set process isolation #422

Closed geeknikolai closed 5 years ago

geeknikolai commented 5 years ago

I've recently updated to Windows 1809 so there is probably some windows setting I need to change but I'm hoping you might be able to point me in the right direction - and this will help others who get the same issue.

When I run the following script it all succeeds nicely (Nav container bcdev successfully created), but then I cannot actually connect to BC (Web Client times out, CSide client can't connect, SQL Server Management Studio cannot find bcdev\sqlexpress etc...). If I add -isolation hyperv it all works. 

$containername = 'bcdev'
$navdockerimage = 'microsoft/bcsandbox:au'
$licensefilepath = 'C:\[path].flf'

$credential = get-credential 
New-NavContainer -imageName $navdockerimage `
                 -accept_eula:$true `
                 -containername $containername `
                 -auth NavUserPassword `
                 -Credential $credential `
                 -licenseFile $licensefilepath `
                 -doNotExportObjectsToText `
                 -useBestContainerOS `
                 -alwaysPull `
                 -includeCSide `
                 -usessl:$false `
                 -updateHosts `
                 -assignPremiumPlan `
                 -shortcuts Desktop

So I guess it's something to do with the networking. I can can ping bcdev and I've checked the hosts file is updated correctly.

Some more troubleshooting: I did the following on my local cmd and the bcdev Command Prompt.

Sqlcmd -s bcdev\sqlexpress 
select name from master.dbo.sysdatabases
go

in the bcdev Command Prompt I get the FinancialAU database listed, on my local cmd I get a list of databases from my local SQLEXPRESS instead.

I'm hoping this is obvious to someone - it's way above my head.

freddydk commented 5 years ago

If you can share the output of the new-navcontainer, then it contains a lot of information, which can help the troubleshooting

geeknikolai commented 5 years ago

Here is the output (removing all the image download lines, and changed the containername)

$containername = 'processiso'
$navdockerimage = 'microsoft/bcsandbox:au'
$licensefilepath = 'C:\temp\Empired D365 BC License.flf'

$credential = get-credential 
New-NavContainer -imageName $navdockerimage `
                 -accept_eula:$true `
                 -containername $containername `
                 -auth NavUserPassword `
                 -Credential $credential `
                 -licenseFile $licensefilepath `
                 -doNotExportObjectsToText `
                 -useBestContainerOS `
                 -alwaysPull `
                 -includeCSide `
                 -usessl:$false `
                 -updateHosts `
                 -assignPremiumPlan `
                 -shortcuts Desktop 

cmdlet Get-Credential at command pipeline position 1
Supply values for the following parameters:
NavContainerHelper is version 0.6.0.5
Host is Microsoft Windows 10 Enterprise - ltsc2019
Docker Client Version is 18.09.2
Docker Server Version is 18.09.2
Pulling image microsoft/bcsandbox:au-ltsc2019
au-ltsc2019: Pulling from microsoft/bcsandbox
(... lots of images)
8fce4c145064: Pull complete

Digest: sha256:3acbde40a8cb4c6cb9d4de30543b054568b9abe79f39ed2e9daa68c2c16f98d6
Status: Downloaded newer image for microsoft/bcsandbox:au-ltsc2019
Using image microsoft/bcsandbox:au-ltsc2019
Creating Nav container processiso
Using license file C:\temp\Empired D365 BC License.flf
Version: 14.0.29537.31313-AU
Platform: 14.0.29530.31247
Generic Tag: 0.0.9.3
Container OS Version: 10.0.17763.379 (ltsc2019)
Host OS Version: 10.0.17763.107 (ltsc2019)
Using process isolation
Creating container processiso from image microsoft/bcsandbox:au-ltsc2019
8d42fda59c8545c09622070368f214415f41b4c23bd59bf22f21089d525bcd26
Waiting for container processiso to be ready
Initializing...
Starting Container
Hostname is processiso
PublicDnsName is processiso
Using NavUserPassword Authentication
Starting Local SQL Server
Starting Internet Information Server
Creating Self Signed Certificate
Self Signed Certificate Thumbprint 486FCFF059C8D204D779FD2FE9254970F57900CC
Modifying Service Tier Config File with Instance Specific Settings
Starting Service Tier
Creating DotNetCore Web Server Instance
Enabling Financials User Experience
Using license file 'c:\run\my\license.flf'
Import License
Creating http download site
Creating Windows user sa
Setting SA Password and enabling SA
Creating sa as SQL User and add to sysadmin
WARNING: This license is not compatible with this version of Business Central.
Creating SUPER user
WARNING: This license is not compatible with this version of Business Central.
WARNING: This license is not compatible with this version of Business Central.
WARNING: This license is not compatible with this version of Business Central.
Assign Premium plan for SA
Container IP Address: 172.30.33.164
Container Hostname  : processiso
Container Dns Name  : processiso
Web Client          : http://processiso/NAV/
Dev. Server         : http://processiso
Dev. ServerInstance : NAV

Files:
http://processiso:8080/al-3.0.106655.vsix

Initialization took 111 seconds
Ready for connections!
Reading CustomSettings.config from processiso
Creating Desktop Shortcuts for processiso
Nav container processiso successfully created
freddydk commented 5 years ago

What is the content of c:\windows\system32\drivers\etc\hosts Any difference in that when running process / hyperv isolation? Could you try to run ipconfig /flushdns right after creating the container (to see if this has anything to do with caching)?

geeknikolai commented 5 years ago

My hosts file looks like it is updated fine (I've just run the script again since the other day so it's a different IP than above)

10.33.8.151 host.docker.internal
10.33.8.151 gateway.docker.internal
172.27.53.238 bcdev
172.17.184.129 bchyperv
172.17.184.165 bcprocess

I've compared the output from creating bchyperv and bcprocess and the only difference (apart from id's) is the line "Using hyperv isolation" vs. "Using process isolation", everything else is the same.

ipconfig /flushdns ran ok, but I still have the same issue.

geeknikolai commented 5 years ago

Some more troubleshooting. I just think my computer/corporate network is not allowing me to connect to the container if it is process isolation. I tried following the instructions on this page https://stefanscherer.github.io/how-to-run-lightweight-windows-containers-on-windows-10/ and got the same thing (site can't be reached, ERR_CONNECTION_TIMED_OUT)

freddydk commented 5 years ago

And if you ping bcprocess - can it resolve the IP number correctly? (is this a DNS/Hosts issue)

geeknikolai commented 5 years ago

Yeah ping works, it resolves the IP correctly.

I haven't tried telnet (cos I don't really know what I'm doing with telnet... ping I can do).

thenavguy commented 5 years ago

Hi, I too face exactly same issue. I am on Azure VM[Just created the environment from http://aka.ms/getbc 1 hour ago].

navserver container works file. But 2nd container gives issue.

Can ping the 2nd container with container name and it returns results. Can connect the navserver container web client outside the VM. necessary ports are opened in Windows Defender Firewall as well in Azure VM for 2nd container

Cannot connect the 2nd container web client outside and within the VM

New-NavContainer -containerName bcapp -accept_eula -accept_outdated -alwaysPull -assignPremiumPlan -auth NavUserPassword -ClientServicesPort 5046 -Credential admin -enableSymbolLoading -FileSharePort 8181 -imageName mcr.microsoft.com/businesscentral/onprem:cu3-w1-ltsc2019 -includeCSide -includeTestLibrariesOnly -includeTestToolkit -isolation process -licenseFile c:\RUN\my\lic.flf -ManagementServicesPort 5045 -myScripts c:\RUN\my -navDvdCountry W1 -ODataServicesPort 5048 -PublicDnsName bcapp.southeastasia.cloudapp.azure.com -restart unless-stopped -shortcuts Desktop -SoapServicesPort 5047 -updateHosts -useBestContainerOS -useSSL -WebClientPort 5443 NavContainerHelper is version 0.6.0.7 Host is Microsoft Windows Server 2019 Datacenter - ltsc2019 Docker Client Version is 18.09.4 Docker Server Version is 18.09.4 Pulling image mcr.microsoft.com/businesscentral/onprem:cu3-w1-ltsc2019 cu3-w1-ltsc2019: Pulling from businesscentral/onprem Digest: sha256:a646c3602ae5524bcc52071fbf120328956951ddf9210eb094105780b09e8502 Status: Image is up to date for mcr.microsoft.com/businesscentral/onprem:cu3-w1-ltsc2019 Using image mcr.microsoft.com/businesscentral/onprem:cu3-w1-ltsc2019 PublicDnsName is bcapp.southeastasia.cloudapp.azure.com Creating Nav container bcapp Using license file c:\RUN\my\lic.flf Version: 13.3.27233.0-W1 Generic Tag: 0.0.9.3 Container OS Version: 10.0.17763.379 (ltsc2019) Host OS Version: 10.0.17763.437 (ltsc2019) Using process isolation Creating container bcapp from image mcr.microsoft.com/businesscentral/onprem:cu3-w1-ltsc2019 41c629abf2c6326602df6248954cc9cc10502b0d9e2818760b635c7bcba0f536 Waiting for container bcapp to be ready Initializing... Starting Container Hostname is bcapp PublicDnsName is bcapp.southeastasia.cloudapp.azure.com Using NavUserPassword Authentication Starting Local SQL Server Starting Internet Information Server Creating Self Signed Certificate Self Signed Certificate Thumbprint F6BA161CACF477FEE6AAD77B1D9E463A735739C9 Modifying Service Tier Config File with Instance Specific Settings Starting Service Tier Creating DotNetCore Web Server Instance Using license file 'c:\run\my\license.flf' Import License Creating http download site Creating Windows user admin Setting SA Password and enabling SA Creating admin as SQL User and add to sysadmin Creating SUPER user Assign Premium plan for admin Container IP Address: 172.21.8.227 Container Hostname : bcapp Container Dns Name : bcapp.southeastasia.cloudapp.azure.com Web Client : https://bcapp.southeastasia.cloudapp.azure.com:5443/NAV/ Dev. Server : https://bcapp.southeastasia.cloudapp.azure.com Dev. ServerInstance : NAV

Files: http://bcapp.southeastasia.cloudapp.azure.com:8181/al-2.1.79379.vsix http://bcapp.southeastasia.cloudapp.azure.com:8181/certificate.cer

Initialization took 77 seconds Ready for connections! Reading CustomSettings.config from bcapp Creating Desktop Shortcuts for bcapp Importing Objects from C:\TestToolKit\CALTestLibraries.W1.fob (container path) TestToolkit successfully imported Export Objects to C:\ProgramData\NavContainerHelper\Extensions\Original-13.3.27233.0-W1\objects.txt (container path) Split C:\ProgramData\NavContainerHelper\Extensions\Original-13.3.27233.0-W1\objects.txt to C:\ProgramData\NavContainerHelper\Exte nsions\Original-13.3.27233.0-W1 (container paths) Export Objects (new syntax) to C:\ProgramData\NavContainerHelper\Extensions\Original-13.3.27233.0-W1-newsyntax\objects.txt (conta iner path) Split C:\ProgramData\NavContainerHelper\Extensions\Original-13.3.27233.0-W1-newsyntax\objects.txt to C:\ProgramData\NavContainerH elper\Extensions\Original-13.3.27233.0-W1-newsyntax (container paths)

docker inspect bcapp [ { "Id": "41c629abf2c6326602df6248954cc9cc10502b0d9e2818760b635c7bcba0f536", "Created": "2019-04-17T03:48:26.8596447Z", "Path": "powershell", "Args": [ "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';", ".\Run\start.ps1" ], "State": { "Status": "running", "Running": true, "Paused": false, "Restarting": false, "OOMKilled": false, "Dead": false, "Pid": 8892, "ExitCode": 0, "Error": "", "StartedAt": "2019-04-17T03:48:35.1879853Z", "FinishedAt": "0001-01-01T00:00:00Z", "Health": { "Status": "unhealthy", "FailingStreak": 77, "Log": [ { "Start": "2019-04-17T00:37:12.5853411-04:00", "End": "2019-04-17T00:37:22.5938972-04:00", "ExitCode": -1, "Output": "Health check exceeded timeout (10s)" }, { "Start": "2019-04-17T00:37:52.9900277-04:00", "End": "2019-04-17T00:38:03.0007774-04:00", "ExitCode": -1, "Output": "Health check exceeded timeout (10s)" }, { "Start": "2019-04-17T00:38:33.4872025-04:00", "End": "2019-04-17T00:38:43.4999806-04:00", "ExitCode": -1, "Output": "Health check exceeded timeout (10s)" }, { "Start": "2019-04-17T00:39:13.5603639-04:00", "End": "2019-04-17T00:39:23.5989638-04:00", "ExitCode": -1, "Output": "Health check exceeded timeout (10s)" }, { "Start": "2019-04-17T00:39:53.6987582-04:00", "End": "2019-04-17T00:40:03.7027776-04:00", "ExitCode": -1, "Output": "Health check exceeded timeout (10s)" } ] } }, "Image": "sha256:5e04016648fb618dc9177c287715b96f0a9805358cd2849b1c9fe41018ceaac5", "ResolvConfPath": "", "HostnamePath": "", "HostsPath": "", "LogPath": "C:\ProgramData\docker\containers\41c629abf2c6326602df6248954cc9cc10502b0d9e2818760b635c7bcba0f536\41c629 abf2c6326602df6248954cc9cc10502b0d9e2818760b635c7bcba0f536-json.log", "Name": "/bcapp", "RestartCount": 0, "Driver": "windowsfilter", "Platform": "windows", "MountLabel": "", "ProcessLabel": "", "AppArmorProfile": "", "ExecIDs": null, "HostConfig": { "Binds": [ "C:\ProgramData\NavContainerHelper\Extensions\bcapp\Program Files:C:\navpfiles", "c:\windows\system32\drivers\etc:C:\driversetc", "C:\ProgramData\NavContainerHelper:C:\ProgramData\NavContainerHelper", "C:\ProgramData\NavContainerHelper\Extensions\bcapp\my:C:\Run\my" ], "ContainerIDFile": "", "LogConfig": { "Type": "json-file", "Config": {} }, "NetworkMode": "default", "PortBindings": {}, "RestartPolicy": { "Name": "unless-stopped", "MaximumRetryCount": 0 }, "AutoRemove": false, "VolumeDriver": "", "VolumesFrom": null, "CapAdd": null, "CapDrop": null, "Dns": [], "DnsOptions": [], "DnsSearch": [], "ExtraHosts": null, "GroupAdd": null, "IpcMode": "", "Cgroup": "", "Links": null, "OomScoreAdj": 0, "PidMode": "", "Privileged": false, "PublishAllPorts": false, "ReadonlyRootfs": false, "SecurityOpt": null, "UTSMode": "", "UsernsMode": "", "ShmSize": 0, "ConsoleSize": [ 0, 0 ], "Isolation": "process", "CpuShares": 0, "Memory": 0, "NanoCpus": 0, "CgroupParent": "", "BlkioWeight": 0, "BlkioWeightDevice": [], "BlkioDeviceReadBps": null, "BlkioDeviceWriteBps": null, "BlkioDeviceReadIOps": null, "BlkioDeviceWriteIOps": null, "CpuPeriod": 0, "CpuQuota": 0, "CpuRealtimePeriod": 0, "CpuRealtimeRuntime": 0, "CpusetCpus": "", "CpusetMems": "", "Devices": [], "DeviceCgroupRules": null, "DiskQuota": 0, "KernelMemory": 0, "MemoryReservation": 0, "MemorySwap": 0, "MemorySwappiness": null, "OomKillDisable": false, "PidsLimit": 0, "Ulimits": null, "CpuCount": 0, "CpuPercent": 0, "IOMaximumIOps": 0, "IOMaximumBandwidth": 0, "MaskedPaths": null, "ReadonlyPaths": null }, "GraphDriver": { "Data": { "dir": "C:\ProgramData\docker\windowsfilter\41c629abf2c6326602df6248954cc9cc10502b0d9e2818760b635c7bcba0f536" }, "Name": "windowsfilter" }, "Mounts": [ { "Type": "bind", "Source": "c:\programdata\navcontainerhelper\extensions\bcapp\program files", "Destination": "c:\navpfiles", "Mode": "", "RW": true, "Propagation": "" }, { "Type": "bind", "Source": "c:\windows\system32\drivers\etc", "Destination": "c:\driversetc", "Mode": "", "RW": true, "Propagation": "" }, { "Type": "bind", "Source": "c:\programdata\navcontainerhelper", "Destination": "c:\programdata\navcontainerhelper", "Mode": "", "RW": true, "Propagation": "" }, { "Type": "bind", "Source": "c:\programdata\navcontainerhelper\extensions\bcapp\my", "Destination": "c:\run\my", "Mode": "", "RW": true, "Propagation": "" } ], "Config": { "Hostname": "bcapp", "Domainname": "", "User": "", "AttachStdin": false, "AttachStdout": false, "AttachStderr": false, "ExposedPorts": { "1433/tcp": {}, "443/tcp": {}, "7045/tcp": {}, "7046/tcp": {}, "7047/tcp": {}, "7048/tcp": {}, "7049/tcp": {}, "80/tcp": {}, "8080/tcp": {} }, "Tty": false, "OpenStdin": false, "StdinOnce": false, "Env": [ "ManagementServicesPort=5045", "ClientServicesPort=5046", "locale=en-US", "useSSL=Y", "securePassword=76492d1116743f0423413b16050a5345MgB8AHkAZQAxAFQAUQA1AFMAdgB1AGwARABUAEkAQgBGADEAbQBNAEwASAA3AFEAP QA9AHwANABjADUAZAAwADIAOQA4ADUANwAxADQAZgBjADkAZQBlADIAOQA3AGYAOABjAGQAOAA3AGYAYwA5ADEANgAxADQAMwA4AGIAYwBmAGIAYgA4AGMAYgBiADMAMg BmAGQANgBmAGMAMAAzADQAYwA0ADYAZAAxADEAZAA3AGUAZAA=", "passwordKeyFile=c:\run\my\aes.key", "accept_outdated=Y", "PublicDnsName=bcapp.southeastasia.cloudapp.azure.com", "auth=NavUserPassword", "licenseFile=c:\run\my\license.flf", "databaseServer=", "ODataServicesPort=5048", "databaseInstance=", "ExitOnError=N", "enableApiServices=Y", "enableSymbolLoading=Y", "removePasswordKeyFile=Y", "WebClientPort=5443", "FileSharePort=8181", "SoapServicesPort=5047", "username=admin", "accept_eula=Y", "DatabaseName=CRONUS", "NAVDVDURL=https://nav2016wswe0.blob.core.windows.net/dvd/8b6d303f-f309-4dc6-b543-b1807635f1e2", "VSIXURL=https://nav2016wswe0.blob.core.windows.net/dvd/al-2.1.79379.vsix", "IsBcSandbox=N" ], "Cmd": [ "powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';", ".\Run\start.ps1" ], "Healthcheck": { "Test": [ "CMD", "powershell", ".\Run\HealthCheck.ps1" ], "Interval": 30000000000, "Timeout": 10000000000 }, "ArgsEscaped": true, "Image": "mcr.microsoft.com/businesscentral/onprem:cu3-w1-ltsc2019", "Volumes": null, "WorkingDir": "", "Entrypoint": null, "OnBuild": null, "Labels": { "country": "W1", "created": "201904020233", "cu": "cu3", "eula": "https://go.microsoft.com/fwlink/?linkid=861843", "legal": "http://go.microsoft.com/fwlink/?LinkId=837447", "maintainer": "Dynamics SMB", "nav": "1810", "osversion": "10.0.17763.379", "tag": "0.0.9.3", "version": "13.3.27233.0" } }, "NetworkSettings": { "Bridge": "", "SandboxID": "41c629abf2c6326602df6248954cc9cc10502b0d9e2818760b635c7bcba0f536", "HairpinMode": false, "LinkLocalIPv6Address": "", "LinkLocalIPv6PrefixLen": 0, "Ports": { "1433/tcp": null, "443/tcp": null, "7045/tcp": null, "7046/tcp": null, "7047/tcp": null, "7048/tcp": null, "7049/tcp": null, "80/tcp": null, "8080/tcp": null }, "SandboxKey": "41c629abf2c6326602df6248954cc9cc10502b0d9e2818760b635c7bcba0f536", "SecondaryIPAddresses": null, "SecondaryIPv6Addresses": null, "EndpointID": "", "Gateway": "", "GlobalIPv6Address": "", "GlobalIPv6PrefixLen": 0, "IPAddress": "", "IPPrefixLen": 0, "IPv6Gateway": "", "MacAddress": "", "Networks": { "nat": { "IPAMConfig": null, "Links": null, "Aliases": null, "NetworkID": "632d0a50dc1d0a01d7e2d134a00e782c3ccd4e816e5e50282d3a9a50b7023961", "EndpointID": "095f063fafb3a1c9afd10f0ad51b4b803346e433594ec8d7cd420f053ac63b50", "Gateway": "172.21.0.1", "IPAddress": "172.21.8.227", "IPPrefixLen": 16, "IPv6Gateway": "", "GlobalIPv6Address": "", "GlobalIPv6PrefixLen": 0, "MacAddress": "00:15:5d:fd:1e:b3", "DriverOpts": null } } }

freddydk commented 5 years ago

will try that to get a repro

freddydk commented 5 years ago

@thenavguy - did this ever work for you?

freddydk commented 5 years ago

When you setup a 2nd container like this in a VM, you need to allow the ports in the networksecurity group - but you shouldn't add anything to the firewall - instead you should add this parameter: -publishPorts @(8181,5443,5046,5047,5048) to instruct docker in publishing the ports on the host. btw FYI - You don't need to say isolation process - that is default (if possible) the same with restart and shortcuts. and the NavDvdCountry is only used if you are using the generic image to run a DVD.

freddydk commented 5 years ago

@geeknikolai - if you like, we can setup a screen share session - and see if we can determine what's wrong here. If you are up for that, please email freddyk at microsoft dot com and suggest a time. Thanks

freddydk commented 5 years ago

As I haven't heard back on my questions, I will close this issue.