Comments (6)
Please checkout my new repository where I have published a WinRM Windows Docker image accessible via the PowerShell command Enter-PSSession
.
from dockerfiles-windows.
Seems to me that is an unconventional way to work interactively with a running container. You would typically use docker exec -it command for an interactive session. That said, I gave it a try with the mcr.microsoft.com/windows/servercore/iis:latest
image and from the container host I was able to verify connectivity from host-to-container over the default WinRM port:
PS C:\Users\Administrator> (docker container inspect cbe0be0147d1 | ConvertFrom-Json).NetworkSettings.Networks.nat.IPAddress
172.31.124.73
PS C:\Users\Administrator> Test-NetConnection -ComputerName 172.31.124.73 -Port 5985
ComputerName : 172.31.124.73
RemoteAddress : 172.31.124.73
RemotePort : 5985
InterfaceAlias : vEthernet (nat)
SourceAddress : 172.31.112.1
TcpTestSucceeded : True
But when I try to enter a session:
PS C:\Users\Administrator> Enter-PSSession -ComputerName 172.31.124.73
Enter-PSSession : Connecting to remote server 172.31.124.73 failed with the following error message : The WinRM client cannot process
the request. If the authentication scheme is different from Kerberos, or if the client computer is not joined to a domain, then HTTPS
transport must be used or the destination machine must be added to the TrustedHosts configuration setting. Use winrm.cmd to configure
TrustedHosts. Note that computers in the TrustedHosts list might not be authenticated. You can get more information about that by
running the following command: winrm help config. For more information, see the about_Remote_Troubleshooting Help topic.
At line:1 char:1
+ Enter-PSSession -ComputerName 172.31.124.73
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (172.31.124.73:String) [Enter-PSSession], PSRemotingTransportException
+ FullyQualifiedErrorId : CreateRemoteRunspaceFailed
And this error makes sense because the container is not domain-joined (nor is my test VM in this case). So the auth scheme is definitely not Kerberos and as far as using HTTPS as the transport - perhaps it could work, but WinRM inside the container has not been configured to allow it. Again, I'd recommend using docker exec
if you need to interact with a running container.
from dockerfiles-windows.
You should try other authentication methods, such as Basic and NTLM, which are for not-domain joined machines.
I need to interact via Enter-PSSession
and not via docker exec
because I need to simulate a WinRM connection.
I tried to interact with the
winrm
container available in this repository. The error I get is ACCESS DENIED.
from dockerfiles-windows.
Doesn't work (using any of the available authentication schemes) out-of-the-box. This post looks promising - maybe it can help you: https://tobiasfenster.io/container-to-container-winrm
from dockerfiles-windows.
It is the same link I found. I will give a look.
from dockerfiles-windows.
I was able to use the -ContainerId
parameter (from the container host) to enter into a session. Probably not what you are after, but that did in fact work:
PS C:\Users\Administrator\Documents> hostname
EC2AMAZ-9I75KV2
PS C:\Users\Administrator\Documents> Enter-PSSession -ContainerId cbe0be0147d191136339d86b537189292b8eadb96915114473340ace213fca30
[cbe0be0147d1...]: PS C:\Users\ContainerUser\Documents> hostname
cbe0be0147d1
[cbe0be0147d1...]: PS C:\Users\ContainerUser\Documents> whoami
user manager\containeruser
from dockerfiles-windows.
Related Issues (20)
- Cannot connect to chocolatey.org or any other internet site from within container HOT 2
- Secure and Insecure registry commands are identical? HOT 2
- Can't seem to find NPM install HOT 2
- Consul cluster setup HOT 1
- node-gyp fails to compile headdump package on build-tools image HOT 1
- Apache build does not build HOT 3
- Transparency issues on the windows10-edge vagrant box HOT 1
- npm start issue with node Windows image HOT 3
- Please update the dockertls images to newer baseimages HOT 3
- The docker-cli image uses DockerToolbox which is deprecated HOT 2
- For the Ruby Image, Why don't we use nano server as the base? HOT 2
- g
- push linux containers to stefanscherer/registry-windows? HOT 1
- Docker Compose not working HOT 2
- Outdated busybox README
- Capture packet inside windows container.
- Which dockerfile to run c++ HOT 1
- kubectl image
- donet - 20H2 - Error: The specified package is not applicable to this image. HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from dockerfiles-windows.