Windows Containers Known Limitations
All these limitations apply to Windows Server 2016 Technical Preview 4:
- Docker clients on Max OSX or Linux cannot be used to run docker containers or build docker images on a remote Docker host (because the build process tends to begin but hangs indefinitely after making some progress). Use Docker client from Windows only.
- Starting a container via the ‘docker run’ command sometimes partially fails. What happens is that the container gets created but fails to get started. So a ‘docker ps’ command will return a container ID but ‘docker ps’ will not show the container. If you do a ‘docker ps -a’ you will see the container as “Created” but the “Status” field will be empty.
- Workaround: Wait for a few seconds and use ‘docker start [containerID]’ command. This resolves the problem most times.
- The error message on the Windows host (that doesn’t show up at the Swarm master) is as follows: “HCSShim::CreateComputeSystem - Win32 API call returned error r1=2147746291 err=Invalid class string”.
- Here is a screen shot showing this failure as well as the workaround in action.
- Running a container can also fail with the error:
“docker: Error response from daemon: Cannot start container
HCSShim::CreateComputeSystem - Win32 API call returned error r1=2147943622 err=The network is not present or not started.”
At present there is no way to workaround this issue.
- Deleting a container (almost always) returns an error message saying the container could not be deleted but in fact it does actually delete the containers.
- Error message received:
- It takes a few seconds for the container to be deleted. ‘Docker ps’ will show the container as “UP” for these few seconds after which it will not be listed.
- Windows container images cannot be pushed to Docker hub. However it is possible to pull Windows images from Docker hub and push Windows container images to a private registry.
- A container port cannot be mapped to a random host port or to a host port range. So container ports can only be mapped to a specific host port. For e.g. Use this “-p 8092:80”. The ‘docker ps’ command will not display port mappings as it does for Linux containers. So the customer has to record the host port that the container port is mapped to (e.g. 8092 for the example). This has been resolved in TP5.
- Because of the limitation (4) of allowing only specific port mappings, ContainerX only allows for a maximum of 10 pools on Windows Elastic Clusters.
- Once a container port is mapped to a specific host port, every time a new container wants to use the same host port, we get this error (below).
SMBP:accounting svkl$ docker run -it -p 1433:1433 sqlexpress "powershell ./start"
docker: Error response from daemon: Cannot start container 170d4e427ef6c4548d9d977ed465f85796ad63189a9a81e7857f8e2251e35a73: HCSShim::CreateComputeSystem - Win32 API call returned error r1=2147942452 err=You were not connected because a duplicate name exists on the network. If joining a domain, go to System in Control Panel to change the computer name and try again. If joining a workgroup, choose another workgroup name.
This MSDN link says that this error can be overcome by clearing up static net mappings. When I tried it, it didn't help: https://msdn.microsoft.com/en-us/virtualization/windowscontainers/about/work_in_progress:
The command they recommend:
PS> Get-NetNatStaticMapping | ? ExternalPort -eq 80 | Remove-NetNatStaticMapping
- Pool resource management is not yet available for Windows Elastic Clusters. This means that all pools have 100% CPU and memory limit.
- In ContainerX, for Windows Elastic Clusters, stats or metrics are not yet available. This is because the Docker stats API is not yet integrated with Windows containers. It is expected to be available in TP5.