在我的公司,我们正在开发一种产品,最终将通过OpenLDAP和Active Directory支持身份validation。 我们已经configuration了Windows Server 2016,并希望通过Windows容器创build一个独立的环境来testing我们的应用程序。
不幸的是,当在容器中安装/启用ADfunction时,我遇到了困难。 我收到的错误是:
Add-WindowsFeature : The request to add or remove features on the specified server failed. The operation cannot be completed, because the server that you specified requires a restart. At line:1 char:1 + Add-WindowsFeature AD-Domain-Services + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : DeviceError: (@{Vhd=; Credent...Name=localhost}:PSObject) [Install-WindowsFeature], Exception + FullyQualifiedErrorId : DISMAPI_Error__Failed_Reboot_Required,Microsoft.Windows.ServerManager.Commands.AddWindowsFeatureCommand 我错过了什么,或者这只是不工作?
这是我的Dockerfile
FROM microsoft/windowsservercore RUN powershell Get-WindowsFeature RUN powershell -Command Add-WindowsFeature AD-Domain-Services
完整的生成日志:
PS C:\windows-ad> docker build --no-cache -t win-test . Sending build context to Docker daemon 2.56kB Step 1/3 : FROM microsoft/windowsservercore ---> be84290c2315 Step 2/3 : RUN powershell Get-WindowsFeature ---> Running in 5e5f83bb2c86 Display Name Name ------------ ---- [ ] Active Directory Certificate Services AD-Certificate [ ] Certification Authority ADCS-Cert-Authority [ ] Certificate Enrollment Policy Web Service ADCS-Enroll-Web-Pol [ ] Certificate Enrollment Web Service ADCS-Enroll-Web-Svc [ ] Certification Authority Web Enrollment ADCS-Web-Enrollment [ ] Network Device Enrollment Service ADCS-Device-Enrollment [ ] Online Responder ADCS-Online-Cert [ ] Active Directory Domain Services AD-Domain-Services [ ] Active Directory Federation Services ADFS-Federation [ ] Active Directory Lightweight Directory Services ADLDS [ ] Active Directory Rights Management Services ADRMS [ ] Active Directory Rights Management Server ADRMS-Server [ ] Identity Federation Support ADRMS-Identity [ ] Device Health Attestation DeviceHealthAttestat... [ ] DHCP Server DHCP [ ] DNS Server DNS [X] File and Storage Services FileAndStorage-Services [ ] File and iSCSI Services File-Services [ ] File Server FS-FileServer [ ] BranchCache for Network Files FS-BranchCache [ ] Data Deduplication FS-Data-Deduplication [ ] DFS Namespaces FS-DFS-Namespace [ ] DFS Replication FS-DFS-Replication [ ] File Server Resource Manager FS-Resource-Manager [ ] File Server VSS Agent Service FS-VSS-Agent [ ] iSCSI Target Server FS-iSCSITarget-Server [ ] iSCSI Target Storage Provider (VDS and V... iSCSITarget-VSS-VDS [ ] Server for NFS FS-NFS-Service [ ] Work Folders FS-SyncShareService [X] Storage Services Storage-Services [ ] Host Guardian Service HostGuardianServiceRole [ ] Hyper-V Hyper-V [ ] Network Controller NetworkController [ ] Print and Document Services Print-Services [ ] Print Server Print-Server [ ] LPD Service Print-LPD-Service [ ] Remote Access RemoteAccess [ ] DirectAccess and VPN (RAS) DirectAccess-VPN [ ] Routing Routing [ ] Web Application Proxy Web-Application-Proxy [ ] Remote Desktop Services Remote-Desktop-Services [ ] Remote Desktop Connection Broker RDS-Connection-Broker [ ] Remote Desktop Licensing RDS-Licensing [ ] Remote Desktop Virtualization Host RDS-Virtualization [ ] Volume Activation Services VolumeActivation [ ] Web Server (IIS) Web-Server [ ] Web Server Web-WebServer [ ] Common HTTP Features Web-Common-Http [ ] Default Document Web-Default-Doc [ ] Directory Browsing Web-Dir-Browsing [ ] HTTP Errors Web-Http-Errors [ ] Static Content Web-Static-Content [ ] HTTP Redirection Web-Http-Redirect [ ] WebDAV Publishing Web-DAV-Publishing [ ] Health and Diagnostics Web-Health [ ] HTTP Logging Web-Http-Logging [ ] Custom Logging Web-Custom-Logging [ ] Logging Tools Web-Log-Libraries [ ] ODBC Logging Web-ODBC-Logging [ ] Request Monitor Web-Request-Monitor [ ] Tracing Web-Http-Tracing [ ] Performance Web-Performance [ ] Static Content Compression Web-Stat-Compression [ ] Dynamic Content Compression Web-Dyn-Compression [ ] Security Web-Security [ ] Request Filtering Web-Filtering [ ] Basic Authentication Web-Basic-Auth [ ] Centralized SSL Certificate Support Web-CertProvider [ ] Client Certificate Mapping Authentic... Web-Client-Auth [ ] Digest Authentication Web-Digest-Auth [ ] IIS Client Certificate Mapping Authe... Web-Cert-Auth [ ] IP and Domain Restrictions Web-IP-Security [ ] URL Authorization Web-Url-Auth [ ] Windows Authentication Web-Windows-Auth [ ] Application Development Web-App-Dev [ ] .NET Extensibility 3.5 Web-Net-Ext [ ] .NET Extensibility 4.6 Web-Net-Ext45 [ ] Application Initialization Web-AppInit [ ] ASP Web-ASP [ ] ASP.NET 3.5 Web-Asp-Net [ ] ASP.NET 4.6 Web-Asp-Net45 [ ] CGI Web-CGI [ ] ISAPI Extensions Web-ISAPI-Ext [ ] ISAPI Filters Web-ISAPI-Filter [ ] Server Side Includes Web-Includes [ ] WebSocket Protocol Web-WebSockets [ ] FTP Server Web-Ftp-Server [ ] FTP Service Web-Ftp-Service [ ] FTP Extensibility Web-Ftp-Ext [ ] Management Tools Web-Mgmt-Tools [ ] IIS 6 Management Compatibility Web-Mgmt-Compat [ ] IIS 6 Metabase Compatibility Web-Metabase [ ] IIS 6 Scripting Tools Web-Lgcy-Scripting [ ] IIS 6 WMI Compatibility Web-WMI [ ] IIS Management Scripts and Tools Web-Scripting-Tools [ ] Management Service Web-Mgmt-Service [ ] Windows Server Essentials Experience ServerEssentialsRole [ ] Windows Server Update Services UpdateServices [ ] WID Connectivity UpdateServices-WidDB [ ] WSUS Services UpdateServices-Services [ ] SQL Server Connectivity UpdateServices-DB [ ] .NET Framework 3.5 Features NET-Framework-Features [ ] .NET Framework 3.5 (includes .NET 2.0 and 3.0) NET-Framework-Core [ ] HTTP Activation NET-HTTP-Activation [ ] Non-HTTP Activation NET-Non-HTTP-Activ [X] .NET Framework 4.6 Features NET-Framework-45-Fea... [X] .NET Framework 4.6 NET-Framework-45-Core [ ] ASP.NET 4.6 NET-Framework-45-ASPNET [X] WCF Services NET-WCF-Services45 [ ] HTTP Activation NET-WCF-HTTP-Activat... [ ] Message Queuing (MSMQ) Activation NET-WCF-MSMQ-Activat... [ ] Named Pipe Activation NET-WCF-Pipe-Activat... [ ] TCP Activation NET-WCF-TCP-Activati... [X] TCP Port Sharing NET-WCF-TCP-PortShar... [ ] Background Intelligent Transfer Service (BITS) BITS [ ] Compact Server BITS-Compact-Server [ ] BitLocker Drive Encryption BitLocker [ ] BranchCache BranchCache [ ] Client for NFS NFS-Client [ ] Containers Containers [ ] Data Center Bridging Data-Center-Bridging [ ] Enhanced Storage EnhancedStorage [ ] Failover Clustering Failover-Clustering [ ] Group Policy Management GPMC [ ] Host Guardian Hyper-V Support HostGuardian [ ] I/O Quality of Service DiskIo-QoS [ ] IIS Hostable Web Core Web-WHC [ ] IP Address Management (IPAM) Server IPAM [ ] iSNS Server service ISNS [ ] Management OData IIS Extension ManagementOdata [ ] Media Foundation Server-Media-Foundation [ ] Message Queuing MSMQ [ ] Message Queuing Services MSMQ-Services [ ] Message Queuing Server MSMQ-Server [ ] Directory Service Integration MSMQ-Directory [ ] HTTP Support MSMQ-HTTP-Support [ ] Message Queuing Triggers MSMQ-Triggers [ ] Routing Service MSMQ-Routing [ ] Message Queuing DCOM Proxy MSMQ-DCOM [ ] Multipath I/O Multipath-IO [ ] MultiPoint Connector MultiPoint-Connector [ ] MultiPoint Connector Services MultiPoint-Connector... [ ] MultiPoint Manager and MultiPoint Dashboard MultiPoint-Tools [ ] Network Load Balancing NLB [ ] Peer Name Resolution Protocol PNRP [ ] Quality Windows Audio Video Experience qWave [ ] Remote Differential Compression RDC [ ] Remote Server Administration Tools RSAT [ ] Feature Administration Tools RSAT-Feature-Tools [ ] BitLocker Drive Encryption Administratio... RSAT-Feature-Tools-B... [ ] DataCenterBridging LLDP Tools RSAT-DataCenterBridg... [ ] Failover Clustering Tools RSAT-Clustering [ ] Failover Cluster Module for Windows ... RSAT-Clustering-Powe... [ ] Failover Cluster Automation Server RSAT-Clustering-Auto... [ ] Failover Cluster Command Interface RSAT-Clustering-CmdI... [ ] IP Address Management (IPAM) Client IPAM-Client-Feature [ ] Shielded VM Tools RSAT-Shielded-VM-Tools [ ] Storage Replica Module for Windows Power... RSAT-Storage-Replica [ ] Role Administration Tools RSAT-Role-Tools [ ] AD DS and AD LDS Tools RSAT-AD-Tools [ ] Active Directory module for Windows ... RSAT-AD-PowerShell [ ] AD DS Tools RSAT-ADDS [ ] Active Directory Administrative ... RSAT-AD-AdminCenter [ ] AD DS Snap-Ins and Command-Line ... RSAT-ADDS-Tools [ ] AD LDS Snap-Ins and Command-Line Tools RSAT-ADLDS [ ] Hyper-V Management Tools RSAT-Hyper-V-Tools [ ] Hyper-V Module for Windows PowerShell Hyper-V-PowerShell [ ] Windows Server Update Services Tools UpdateServices-RSAT [ ] API and PowerShell cmdlets UpdateServices-API [ ] DHCP Server Tools RSAT-DHCP [ ] DNS Server Tools RSAT-DNS-Server [ ] Network Controller Management Tools RSAT-NetworkController [ ] Remote Access Management Tools RSAT-RemoteAccess [ ] Remote Access module for Windows Pow... RSAT-RemoteAccess-Po... [ ] RPC over HTTP Proxy RPC-over-HTTP-Proxy [ ] Setup and Boot Event Collection Setup-and-Boot-Event... [ ] Simple TCP/IP Services Simple-TCPIP [X] SMB 1.0/CIFS File Sharing Support FS-SMB1 [ ] SMB Bandwidth Limit FS-SMBBW [ ] SNMP Service SNMP-Service [ ] SNMP WMI Provider SNMP-WMI-Provider [ ] Software Load Balancer SoftwareLoadBalancer [ ] Storage Replica Storage-Replica [ ] Telnet Client Telnet-Client [ ] VM Shielding Tools for Fabric Management FabricShieldedTools [X] Windows Defender Features Windows-Defender-Fea... [X] Windows Defender Windows-Defender [ ] Windows Internal Database Windows-Internal-Dat... [X] Windows PowerShell PowerShellRoot [X] Windows PowerShell 5.1 PowerShell [ ] Windows PowerShell 2.0 Engine PowerShell-V2 [ ] Windows PowerShell Desired State Configurati... DSC-Service [ ] Windows PowerShell Web Access WindowsPowerShellWeb... [ ] Windows Process Activation Service WAS [ ] Process Model WAS-Process-Model [ ] .NET Environment 3.5 WAS-NET-Environment [ ] Configuration APIs WAS-Config-APIs [ ] Windows Server Backup Windows-Server-Backup [ ] Windows Server Migration Tools Migration [ ] Windows Standards-Based Storage Management WindowsStorageManage... [ ] WinRM IIS Extension WinRM-IIS-Ext [ ] WINS Server WINS [X] WoW64 Support WoW64-Support ---> b891a0f5b277 Removing intermediate container 5e5f83bb2c86 Step 3/3 : RUN powershell -Command Add-WindowsFeature AD-Domain-Services ---> Running in 22724bfb2ee4 Add-WindowsFeature : The request to add or remove features on the specified server failed. The operation cannot be completed, because the server that you specified requires a restart. At line:1 char:1 + Add-WindowsFeature AD-Domain-Services + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : DeviceError: (@{Vhd=; Credent...Name=localhost}: PSObject) [Install-WindowsFeature], Exception + FullyQualifiedErrorId : DISMAPI_Error__Failed_Reboot_Required,Microsoft. Windows.ServerManager.Commands.AddWindowsFeatureCommand Success Restart Needed Exit Code Feature Result ------- -------------- --------- -------------- False No Failed {} The command 'cmd /S /C powershell -Command Add-WindowsFeature AD-Domain-Services' returned a non-zero code: 1
Windows Containers不提供Active Directory支持,并且由于其本质不能充当成熟的域join对象,但是可以通过使用全局pipe理服务帐户来支持特定级别的Active Directoryfunction简版)。