mirror of https://github.com/docker/docs.git
Add Windows nodes limitations (#98)
This commit is contained in:
parent
ab60d07d41
commit
10b77a9b04
|
@ -154,9 +154,11 @@ PS> netsh advfirewall firewall add rule name="docker_proxy" dir=in action=allow
|
||||||
1. Create the directory `C:\ProgramData\docker\daemoncerts`.
|
1. Create the directory `C:\ProgramData\docker\daemoncerts`.
|
||||||
2. In a PowerShell terminal running as Administrator, run the following command
|
2. In a PowerShell terminal running as Administrator, run the following command
|
||||||
to generate certificates.
|
to generate certificates.
|
||||||
|
|
||||||
```ps
|
```ps
|
||||||
PS> docker run --rm -v C:\ProgramData\docker\daemoncerts:C:\certs dockerorcadev/ucp-agent-win:2.2.0-5213679 generate-certs
|
PS> docker run --rm -v C:\ProgramData\docker\daemoncerts:C:\certs dockerorcadev/ucp-agent-win:2.2.0-5213679 generate-certs
|
||||||
```
|
```
|
||||||
|
|
||||||
3. To set up certificates, run the following commands to stop and unregister the
|
3. To set up certificates, run the following commands to stop and unregister the
|
||||||
`dockerd` service, register the service with the certificates, and restart the service.
|
`dockerd` service, register the service with the certificates, and restart the service.
|
||||||
|
|
||||||
|
@ -175,3 +177,26 @@ The `dockerd` service and the Windows environment are now configured to join a U
|
||||||
```
|
```
|
||||||
Node WIN-NOOQV2PJGTE is a Windows node that cannot connect to its local Docker daemon.
|
Node WIN-NOOQV2PJGTE is a Windows node that cannot connect to its local Docker daemon.
|
||||||
```
|
```
|
||||||
|
|
||||||
|
## Windows nodes limitations
|
||||||
|
|
||||||
|
Some features are not yet supported on Windows nodes:
|
||||||
|
|
||||||
|
* Networking
|
||||||
|
* The swarm mode routing mesh can't be used on Windows nodes. You can can expose
|
||||||
|
a port for your service in the host where it is running, and use the HTTP
|
||||||
|
routing mesh to make your service accessible using a domain name.
|
||||||
|
* Encrypted networks are not supported. If you've upgraded from a previous
|
||||||
|
version, you'll also need to recreate the `ucp-hrm` network to make it
|
||||||
|
unencrypted.
|
||||||
|
* Secrets
|
||||||
|
* When using secrets with Windows services, Windows stores temporary secret
|
||||||
|
files on disk. You can use BitLocker on the volume containing the Docker
|
||||||
|
root directory to encrypt the secret data at rest.
|
||||||
|
* When creating a service which uses Windows containers, the options to
|
||||||
|
specify UID, GID, and mode are not supported for secrets. Secrets are
|
||||||
|
currently only accessible by administrators and and users with system access
|
||||||
|
within the container.
|
||||||
|
* Mounts
|
||||||
|
* On Windows, Docker can't listen on a Unix socket. Use TCP or a named pipe
|
||||||
|
instead.
|
||||||
|
|
Loading…
Reference in New Issue