failed to deploy when trying to pull an IP address from router DHCP server issue about windows HOT 5 CLOSED

The error says you have no permission to write to device_cgroup_rules but Im not sure why.

You can try adding privileged: true to the compose file, to run the container with more permissions. But normally that shouldnt be necessary!

from windows.

@kroese
Thank you.

I can try that.

Three things that I've done or changed since I posted this issue.

1. I am no longer trying to deploy the container with Portainer anymore. It would download the Win11 ISO and would go through the process of extracting the installer, but then when it needs to reboot to actually launch the installer, it will fail to stay connected.

2. So, now I am just using the normal "docker run" command.

3. Even outside of the Portainer environment, I tried deploying said Docker container via docker-compose up -d, and that resulted in the same thing as when I was trying to deploy this from within Portainer.

Not really sure why that is.

I also had to add in two additional options to the docker run command:

--security-opt apparmor:unconfined and also --sysctl net.ipv4.ip_forward=1 for it to work properly.

I haven't tried to get this to pick up an IPv4 address from my router's DHCP server, as I am having limited success with getting this to run the way I think that it is supposed to.

Once I solve those pieces, then I can work on getting it to pick up an IPv4 address from my router's DHCP server, but I need the "recipe" to be working in a stable and consistent manner first.

Thank you.

from windows.

Just to add here:
I am running it in an unprivilege LXC container.

My docker-compose.yml file now looks like this:

version: "3"
services:
  win11:
    image: dockurr/windows
    container_name: win11
    devices:
      - /dev/kvm
    environment:
      VERSION: "win11"
      RAM_SIZE: "8G"
      CPU_CORES: "4"
    cap_add:
      - NET_ADMIN
    volumes:
      - ./win11:/storage
    security_opt:
      - apparmor:unconfined
    sysctls:
      net.ipv4.ip_forward: 1
    networks:
      vlan:
        ipv4_address: 10.172.194.142
    ports:
      - 8006:8006
      - 3389:3389/tcp
      - 3389:3389/udp
    stop_grace_period: 2m
    restart: on-failure

networks:
  vlan:
    external: true

from windows.

So the issue is solved now?

In any case you wont be able to use DHCP mode in a unprivileged LXC container, as the macvlan interface can only be created using mknod which wont work within unprivileged LXC.

See vdsm/virtual-dsm#382 for more background on that.

from windows.

Ahh...okay. Gotcha.

Thank you.

I was able to "create" the macvlan (both when I ran it with "standalone Docker/docker compose") and in Portainer, I would create the macvlan configuration, and then deploy the config by calling it vlan.

The driver shows up as null, but I am able to connect to it at the IP that I have assigned in the docker-compose.yml file, so it works enough for me. (DHCP is not 100% necessary/critical. At least not yet.)

from windows.