profile
viewpoint
nodejs vue.js ry ( nodejs Founder ) React Rust tensorflow Spring Boot golang

Ask questionsWindows Server 2019 publish ports in swarm not working

<!-- If you are reporting a new issue, make sure that we do not have any duplicates already open. You can ensure this by searching the issue list for this repository. If there is a duplicate, please close your issue and add a comment to the existing issue instead.

If you suspect your issue is a bug, please edit your issue description to include the BUG REPORT INFORMATION shown below. If you fail to provide this information within 7 days, we cannot debug your issue and will close it. We will, however, reopen it if you later provide the information.

For more information about reporting issues, see https://github.com/moby/moby/blob/master/CONTRIBUTING.md#reporting-other-issues

GENERAL SUPPORT INFORMATION

The GitHub issue tracker is for bug reports and feature requests. General support for docker can be found at the following locations:

  • Docker Support Forums - https://forums.docker.com
  • Slack - community.docker.com #general channel
  • Post a question on StackOverflow, using the Docker tag

General support for moby can be found at the following locations:

  • Moby Project Forums - https://forums.mobyproject.org
  • Slack - community.docker.com #moby-project channel
  • Post a question on StackOverflow, using the Moby tag

BUG REPORT INFORMATION

Use the commands below to provide key information from your environment: You do NOT have to include this information if this is a FEATURE REQUEST -->

Description

When running a container in a single node swarm on Windows Server 2019 you can not access the published ports.

Steps to reproduce the issue:

  1. Create a fresh VM on Azure using the Windows Server 2019 Datacenter with Containers image
  2. Fully patch the VM.
  3. Install latest docker update 18.09.6
  4. Run swarm init
  5. Use the following service yml file
version: '3.5'

services:
  webtest:
    image: mcr.microsoft.com/dotnet/core/samples:aspnetapp
    deploy:
      replicas: 1
      endpoint_mode: dnsrr          
    ports:
      - target: 80
        published: 8000
        protocol: tcp
        mode: host
  1. Run the following to deploy the service

docker stack deploy -c .\service_test.yml service_test

  1. Try and browse to http://localhost:8000 or http://local ip of machine:8000

Describe the results you received:

The browser sits there forever and never makes a connection. If you look in the resource monitor in Windows you see that dockerd.exe is listening on port 8000 on all interfaces.

image

When you point a browser at that port you can see in resource monitor that dockerd has accepted a connection on port 8000 but it just doesn't appear to be doing anything with it.

If you just run the command

docker run -it --rm -p 8000:80 --name aspnetcore_sample mcr.microsoft.com/dotnet/core/samples:aspnetapp

I.E just run is as a container by itself and not on the swarm then everything works fine.

If I do the same steps using the following yml

version: '3.5'

services:
  webtest:
    image: mcr.microsoft.com/dotnet/core/samples:aspnetapp
    deploy:
      replicas: 1      
    ports:
      - target: 80
        published: 8000
        protocol: tcp

It still fails but this time I don't see any listening ports for dockerd in resource monitor.

If I restart the docker service I find that the following events are logged in event viewer

HNSNetwork Request ={"Name":"uzjewd94ge9hi38jqzpseo0zx","Type":"overlay","Subnets":[{"AddressPrefix":"10.255.0.0/16","GatewayAddress":"10.255.0.1","Policies":[{"Type":"VSID","VSID":4096}]}],"AutomaticDNS":true}

followed by

Failed creating ingress network: hnsCall failed in Win32: An adapter was not found. (0x803b0006)

I found some comments online indicating this had something to do with only one physical network adapter being available on the machine so I added another network adapter in Azure and this error disappears but I still can't access the container when it is in a swarm.

Describe the results you expected:

I'd expect to be able to access the website inside the container.

Additional information you deem important (e.g. issue happens only occasionally):

Output of docker version:

Client: Docker Engine - Enterprise
 Version:           18.09.6
 API version:       1.39
 Go version:        go1.10.8
 Git commit:        1578dcadd2
 Built:             05/04/2019 02:34:11
 OS/Arch:           windows/amd64
 Experimental:      false

Server: Docker Engine - Enterprise
 Engine:
  Version:          18.09.6
  API version:      1.39 (minimum version 1.24)
  Go version:       go1.10.8
  Git commit:       1578dcadd2
  Built:            05/04/2019 02:32:24
  OS/Arch:          windows/amd64
  Experimental:     false

Output of docker info:

Containers: 1
 Running: 1
 Paused: 0
 Stopped: 0
Images: 3
Server Version: 18.09.6
Storage Driver: windowsfilter
 Windows:
Logging Driver: json-file
Plugins:
 Volume: local
 Network: ics l2bridge l2tunnel nat null overlay transparent
 Log: awslogs etwlogs fluentd gelf json-file local logentries splunk syslog
Swarm: active
 NodeID: z59hrmf76s22pnnjo3t8xz7vt
 Is Manager: true
 ClusterID: lp7wuobnabi7rj0eow628k2x5
 Managers: 1
 Nodes: 1
 Default Address Pool: 10.0.0.0/8
 SubnetSize: 24
 Orchestration:
  Task History Retention Limit: 5
 Raft:
  Snapshot Interval: 10000
  Number of Old Snapshots to Retain: 0
  Heartbeat Tick: 1
  Election Tick: 10
 Dispatcher:
  Heartbeat Period: 5 seconds
 CA Configuration:
  Expiry Duration: 3 months
  Force Rotate: 0
 Autolock Managers: false
 Root Rotation In Progress: false
 Node Address: 10.0.5.5
 Manager Addresses:
  10.0.5.5:2377
Default Isolation: process
Kernel Version: 10.0 17763 (17763.1.amd64fre.rs5_release.180914-1434)
Operating System: Windows Server 2019 Datacenter Version 1809 (OS Build 17763.475)
OSType: windows
Architecture: x86_64
CPUs: 2
Total Memory: 4GiB
Name: docker2019
ID: T6FB:4SLL:ASKC:YHC6:3CP3:N2Q6:ULCQ:GAWL:PSEZ:3REE:GYFM:CJ7X
Docker Root Dir: C:\ProgramData\docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
 127.0.0.0/8
Live Restore Enabled: false

Additional environment details (AWS, VirtualBox, physical, etc.):

Azure

moby/moby

Answer questions darrensteadman

Looks like this is very similar to #39065

Related questions

start container failed with "failed to umount /var/lib/docker/containers/.../shm: no such file or directory" hot 36
upgrade docker-18.09.2-ce , shim.sock: bind: address already in use: unknown hot 17
start container failed with "failed to umount /var/lib/docker/containers/.../shm: no such file or directory" hot 9
runc regression - EPERM running containers from selinux hot 8
Swarm restarts all containers hot 8
integration: "error reading the kernel parameter" errors during CI hot 7
hcsshim::PrepareLayer failed in Win32: The parameter is incorrect hot 7
OCI runtime exec failed: exec failed: cannot exec a container that has stopped: unknown hot 6
"docker stack deploy">"rpc error: code = 3 desc = name must be valid as a DNS name component" hot 6
write unix /var/run/docker.sock->@: write: broken pipe hot 6
Error response from daemon: rpc error: code = DeadlineExceeded desc = context deadline exceeded
Containers on overlay network cannot reach other containers
windowsRS1 and windowsRS5-process are failing due to "Unable to delete '\gopath\src\github.com\docker\docker" hot 4
no matching manifest for linux/arm64/unknown hot 4
Using healthcheck on swarm disturbs nameservices hot 4
Github User Rank List