Docker and Windows 10 1709 Patch, The End

So if you read my last post on my challenges with Docker containers running on Windows 10 after the 1709 patch, I thought I was close to solving it once I was granted the admin password to disable and uninstall Sophos Endpoint.

Once I uninstalled Sophos, I noted I ended up with a different line number error.  The question was, has the problem shifted from Sophos to a new issue or is it more complex than just the one application?  We’d already seen that it was complicated, including the Hyper-V with the 1709 patch that was part of the problem.

As I researched the network issue farther, noticed that, although I’d uninstalled Docker and Sophos, there were considerable files leftover and registry entries that had roots throughout the system.  I also became aware of how many changes were cross referencing and sharing the same DLLs.

I’m an expert of scouring Oracle from a Windows server, but there’s nothing like a reminder of the ease of management with Linux and power of an “rm -rf” command vs. the challenges of shared files and registry entries.

In the end, it became apparent that I could be shooting myself in the foot trying to find the trip wire that caused the complex problem that I was experiencing, (along with lacking logging from Docker) as well as the time it was taking to get me back up and running my containers.

At 4pm last night, I decided to backup my files to my external SSD and then reformat my Microsoft Surface Pro 4.  All my licensing is stored for my PC in my account when I simply run a erase and reload the same machine.  I chose to erase all of my data and apps.

Once I reloaded, I chose the following:

1.  Locked the Windows updates before the 1709 patch and I’m not letting any patches be applied until a new patch comes out that fixes this.  Trust me, after all this research, I know where to look… 🙂
2. Only enabled Hyper-V and installed Docker.  I left VMWare and Virtualbox off.  I’ve used this machine for quite some time.
3. Kept Sophos Endpoint off and chose a different anti-virus.

Docker started without the issues immediately.  The next was to get my containers going.  That’s when I ran into an issue.  I wasn’t able to do port binding in a container.  To get around this, I did the following:

1. Created a Dockerfile to expose the ports with the following entries:

FROM microsoft/mssql-server-linux:2017-latest
EXPOSE 1403:1433
WORKDIR C:\Projects
ENV ACCEPT_EULA=Y
ENV MSSQL_SA_PASSWORD=<Password>
LABEL maintainer "Kellyn Gorman"

2.  Created my image based off this dockerfile and then start your container from it:

docker build . -t sql1 
docker run -it -d -p 1401:1433 sql1

Back up and running!

C:\WINDOWS\system32>docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
355c08b87b2d microsoft/mssql-server-linux:2017-latest "/bin/sh -c /opt/mss…" 7 hours ago Up 7 hours 0.0.0.0:15777->1433/tcp sql1

So, long story longer-  This was the fix to getting my containers back to use with my demos/workshops.  The problem is so complex between so many applications-  VMWare, Docker, Virtualbox, Hyper-V, VPN clients, anti-virus’ and Windows patch 1709.  Instead of days of me trying to untangle it, it was easier for me to reload and not put the challenges into the new load.