Reputation: 11254
docker connect to windowsservercore via PowerShell remoting
I want to test PS remoting between two docker containers. I've the following DockerFile:
FROM microsoft/windowsservercore:latest
# Set trusted hosts for PS remoting
RUN winrm s winrm/config/client @{TrustedHosts="*"}
# Set password -> just for testing!
RUN net user Administrator 1234!password5678
SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"]
# Enable PS remoting
RUN Enable-PSRemoting -force; if ($?) {Start-Service winrm}
# Keep container alive if started via docker-compose
CMD start-sleep -seconds 3600
And the following docker-compose.yml:
version: '3.1'
services:
testserver:
image: 172.23.86.48/myPowerShellImage:latest
ports:
- 6985:5985
- 6986:5986
startpowershelltests:
image: 172.23.86.48/myPowerShellImage:latest
ports:
- 7985:5985
- 7986:5986
depends_on:
- testserver
I start the containers via docker-compose up -d and attach me to one container via docker container exec -it powershelltoolsdocker_startpowershelltests_1 powershell.
In the attached container I perform:
PS C:\> $pw = ConvertTo-SecureString "1234!password5678" -AsPlainText -Force
PS C:\> $cred = new-object -typename System.Management.Automation.PSCredential -argumentlist "testserver\Administrator", $pw
PS C:\> $session = new-pssession -computername testserver -credential $cred
$session = new-pssession -computername testserver -credential $cred gives me the following error:
new-pssession : [testserver] Connecting to remote server testserver failed with the following error message : Access is denied. For more information, see the about_Remote_Troubleshooting Help topic.SSessionOpenFailed At line:1 char:12 + $session = new-pssession -computername testserver -credential $cred + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : OpenError: (System.Manageme....RemoteRunspace:Re moteRunspace) [New-PSSession], PSRemotingTransportException + FullyQualifiedErrorId : AccessDenied,PSSessionOpenFailed
Therefore I checked if the target is pingable:
PS C:\> ping testserver
Pinging testserver [172.21.162.141] with 32 bytes of data:
Reply from 172.21.162.141: bytes=32 time<1ms TTL=128
Reply from 172.21.162.141: bytes=32 time=2ms TTL=128
Reply from 172.21.162.141: bytes=32 time=3ms TTL=128
Reply from 172.21.162.141: bytes=32 time=1ms TTL=128
Ping statistics for 172.21.162.141:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 3ms, Average = 1ms
Can someone give me a hint what am I missing.
Thx
Upvotes: 9
Views: 1614
Answers (1)
Reputation: 11
Test your connectivity between them using
Test-WSMan -ComputerName testserver -Port 7986 -credential $cred
Other things to check would include running winrm quickconfig within your images, checking if the winrm service is running within the image, and checking to make sure the correct value is in the trusted host list of your containers.
Get-Item WSMan:\localhost\Client\TrustedHosts
In a Windows domain, you don't typically need to worry about this trust, but I imagine your containers are stand-alone machines.
Upvotes: 1
Related Questions
- docker: error during connect: In the default daemon configuration on Windows, the docker client must be run with elevated privileges to connect
- Run interactive Powershell in Windows Azure Container Instance
- How to execute PowerShell script in Windows-container under Docker?
- Connect to docker container on Windows
- Execute powershell command in running container via Docker API
- Windows Server Core in Docker, Firewall
- Windows service on docker does not start
- No PowerShell help in Docker using WindowServerCore
- RUN Powershell Script in Docker Container From Host Powershell Script
- Docker-Compose error in powershell only: "Couldn't connect to docker daemon...."