1

I have been following this tutorial and I have been using VS2019 to create a Dockerfile. I am using Docker Desktop on Windows 10 and my application 'AccountOwnerServer' is using Linux Containers. When building from the Dockerfile it successfully goes through steps 1 - 20 with no problems but prints the following Security warning in Powershell:

SECURITY WARNING: You are building a Docker image from Windows against a non-Windows Docker host. All files and directories added to build context will have '-rwxr-xr-x' permissions. It is recommended to double check and reset permissions for sensitive files and directories.

When I run the container with docker run --rm -it -p 8080:80 codemazeblog/accountowner:build I get the following error in powershell: C:\Program Files\Docker\Docker\Resources\bin\docker.exe: Error response from daemon: driver failed programming external connectivity on endpoint dazzling_chaplygin (e784aeb7f33b182e39d52e0ea37bb035feb6bcefdc53b0d2f4160dba7ec46a99): Error starting userland proxy: listen tcp 0.0.0.0:8080: bind: An attempt was made to access a socket in a way forbidden by its access permissions.

I'm not sure what is wrong exactly or how to fix it as I am a relative novice on Docker.

Dockerfile 

WORKDIR /app
EXPOSE 80

FROM microsoft/aspnetcore-build:2.0-stretch AS build
WORKDIR /src
COPY ["AccountOwnerServer/AccountOwnerServer.csproj", "AccountOwnerServer/"]
COPY ["Contracts/Contracts.csproj", "Contracts/"]
COPY ["Entities/Entities.csproj", "Entities/"]
COPY ["LoggerService/LoggerService.csproj", "LoggerService/"]
COPY ["Repository/Repository.csproj", "Repository/"]
RUN dotnet restore "AccountOwnerServer/AccountOwnerServer.csproj"
COPY . .
WORKDIR "/src/AccountOwnerServer"
RUN dotnet build "AccountOwnerServer.csproj" -c Release -o /app/build

FROM build AS publish
RUN dotnet publish "AccountOwnerServer.csproj" -c Release -o /app/publish

FROM base AS final
WORKDIR /app
COPY --from=publish /app/publish .
ENTRYPOINT ["dotnet", "AccountOwnerServer.dll"]
Stephen Kennedy
  • 16,598
  • 21
  • 82
  • 98
James Chalmers
  • 502
  • 1
  • 10
  • 22

3 Answers3

1

So, here's the thing. I have divided your question in 2 parts, I will answer them one by one:

Part 1: You get a security warning "SECURITY WARNING: You are building a Docker image from Windows against a non-Windows Docker host. All files and directories added to build context will have '-rwxr-xr-x' permissions. It is recommended to double check and reset permissions for sensitive files and directories.":

Answer: Windows and Linux are two different operating systems and have 2 different ways to maintain files, folders and their permissions. What the warning is trying to say is that since your building the docker image that will eventually run on a platform that is non-windows, soo windows has automatically set the file permissions to '-rwxr-xr-x' which means the files have read, write and execute permission for user (-rwxr), execute and read for groups (-xr) and just execute permission for others (-x) ---- See here for more knowledge on permissions. It basically warns you to set the permissions according to your use case.

Part 2: The error you are receiving in the docker run statement:

Answer: Try doing the following

  1. Check if the port is blocked or used by another process. (Refer here for how-to)
  2. If its not, run the powershell or terminal that you are using to run the docker run command as administrator.
billybob
  • 2,597
  • 6
  • 26
  • 50
Gobind Deep Singh
  • 189
  • 8
  • I am running Powershell as admin. I've just tried running `docker run -it -p 8000:8888 codemazeblog/accountowner:runtime` and the application runs fine. – James Chalmers Oct 19 '19 at 15:15
  • changing ports simply means you have a blocked port or an application/service on your system has reserved the port. You need to find and kill the application if the port is absolutely necessary. – Gobind Deep Singh Oct 19 '19 at 15:41
  • It looks like you are right in Pt 2 of your answer. I had initially thought that it wasn't a port issue as`netstat -ano | findstr 80` didn't produce a conclusive result, and the error given doesn't mention 'Address in use'. However changing the ports in the `docker run` command works as desired. – James Chalmers Oct 19 '19 at 15:41
  • yes. I think a service has reserved the port with admin privileges, might be a docker container at fault too. All in all. Its a port issue. – Gobind Deep Singh Oct 19 '19 at 15:43
0

You need to switch to Windows container as mentioned here https://docs.docker.com/docker-for-windows/images/whale-icon-systray-hidden.png

https://docs.docker.com/docker-for-windows/.

Sivakumar
  • 1,069
  • 1
  • 13
  • 21
  • Not true. You can run Linux Containers in this case. If I run `docker run -it -p 8000:8888 codemazeblog/accountowner:runtime` in Powershell, the container runs fine. If I navigate to `http://localhost:8080/swagger/`, I have a running application using Docker – James Chalmers Oct 19 '19 at 15:12
0

This worked for me

Stop-Service docker
Stop-service hns
Start-service hns
Start-Service docker
docker network prune

I had similar issues with Windows containers https://stackoverflow.com/a/58422312/270155

Andy Joiner
  • 5,025
  • 3
  • 39
  • 60