Docker and Windows 10 1709 Patch, The End

So if you read my last post on my challenges with Docker containers running on Windows 10 after the 1709 patch, I thought I was close to solving it once I was granted the admin password to disable and uninstall Sophos Endpoint.

Once I uninstalled Sophos, I noted I ended up with a different line number error. The question was, has the problem shifted from Sophos to a new issue or is it more complex than just the one application? We’d already seen that it was complicated, including the Hyper-V with the 1709 patch that was part of the problem.

As I researched the network issue farther, noticed that, although I’d uninstalled Docker and Sophos, there were considerable files leftover and registry entries that had roots throughout the system. I also became aware of how many changes were cross referencing and sharing the same DLLs.

I’m an expert of scouring Oracle from a Windows server, but there’s nothing like a reminder of the ease of management with Linux and power of an “rm -rf” command vs. the challenges of shared files and registry entries.

In the end, it became apparent that I could be shooting myself in the foot trying to find the trip wire that caused the complex problem that I was experiencing, (along with lacking logging from Docker) as well as the time it was taking to get me back up and running my containers.

At 4pm last night, I decided to backup my files to my external SSD and then reformat my Microsoft Surface Pro 4. All my licensing is stored for my PC in my account when I simply run a erase and reload the same machine. I chose to erase all of my data and apps.

Once I reloaded, I chose the following:

  1. Locked the Windows updates before the 1709 patch and I’m not letting any patches be applied until a new patch comes out that fixes this. Trust me, after all this research, I know where to look… :)
  2. Only enabled Hyper-V and installed Docker. I left VMWare and Virtualbox off. I’ve used this machine for quite some time.
  3. Kept Sophos Endpoint off and chose a different anti-virus.

Docker started without the issues immediately. The next was to get my containers going. That’s when I ran into an issue. I wasn’t able to do port binding in a container. To get around this, I did the following:

1. Created a Dockerfile to expose the ports with the following entries:

FROM microsoft/mssql-server-linux:2017-latest
EXPOSE 1403:1433
WORKDIR C:\Projects
LABEL maintainer "Kellyn Gorman"

2. Created my image based off this dockerfile and then start your container from it:

docker build . -t sql1 
docker run -it -d -p 1401:1433 sql1

Back up and running!

C:\WINDOWS\system32>docker ps -a
355c08b87b2d microsoft/mssql-server-linux:2017-latest "/bin/sh -c /opt/mss…" 7 hours ago Up 7 hours>1433/tcp sql1

So, long story longer- This was the fix to getting my containers back to use with my demos/workshops. The problem is so complex between so many applications- VMWare, Docker, Virtualbox, Hyper-V, VPN clients, anti-virus’ and Windows patch 1709. Instead of days of me trying to untangle it, it was easier for me to reload and not put the challenges into the new load.

Originally published at DBA Kevlar.