Windows – use windows inside a docker container

containersdockerwindowswindows-server-2016

I'm wondering, is it possible to configure a docker container to run Windows and then connect to it via RDP or parsec and use it as my main machine?

Best Answer

is it possible to configure a docker container to run Windows

Yes, you can Run native Windows Server Containers

connect to it via RDP

Nope.

According to an answer, Windows Containers does not support RDP. To quote an article from 2019:

But notice you still cannot RDP into such Windows containers.

See What's new for Docker on Windows Server 2019?

Related Solutions

Nginx – How to Use Environment Variables in Nginx.conf

From the official Nginx docker file:

Using environment variables in nginx configuration:

Out-of-the-box, Nginx doesn't support using environment variables inside most configuration blocks.

But envsubst may be used as a workaround if you need to generate your nginx configuration dynamically before nginx starts.

Here is an example using docker-compose.yml:

image: nginx
volumes:
 - ./mysite.template:/etc/nginx/conf.d/mysite.template
ports:
 - "8080:80"
environment:
 - NGINX_HOST=foobar.com
 - NGINX_PORT=80
command: /bin/bash -c "envsubst < /etc/nginx/conf.d/mysite.template > /etc/nginx/conf.d/default.conf && nginx -g 'daemon off;'"

The mysite.template file may then contain variable references like this :

listen ${NGINX_PORT};

Update:

But you know this caused to its Nginx variables like this:

proxy_set_header        X-Forwarded-Host $host;

damaged to:

proxy_set_header        X-Forwarded-Host ;

So, to prevent that, i use this trick:

I have a script to run Nginx, that used on the docker-compose file as command option for Nginx server, i named it run_nginx.sh:

#!/usr/bin/env bash
export DOLLAR='$'
envsubst < nginx.conf.template > /etc/nginx/nginx.conf
nginx -g "daemon off;"

And because of defined new DOLLAR variable on run_nginx.sh script, now content of my nginx.conf.template file for Nginx itself variable is like this:

proxy_set_header        X-Forwarded-Host ${DOLLAR}host;

And for my defined variable is like this:

server_name  ${WEB_DOMAIN} www.${WEB_DOMAIN};

Also here, there is my real use case for that.

Iptables – Transparent proxying a single docker container to another docker container

Thank you all for your time to answer. Basically what I'm trying to do is to proxy the outgoing/originated traffic of the 2nd container (NOTE: I'm NOT trying to proxy the incoming traffic, so cannot use the Apache mod_proxy or Nginx proxy_pass. These modules works for incoming traffic). 1st container runs a proxy service on port 8080.

As Thierno suggested I can use http_proxy and https_proxy ENV variables to proxy the outgoing traffic, but unfortunately NOT all the applications/services running in your operating system respects these http_proxy and https_proxy ENV variables. There are applications that force skip the proxy settings. That is the reason why I wanted to use iptables to enforce the traffic rules. Thus none of the application/service can skip the proxy.

The mistake I did in the previous settings on the question is, I was trying to route the incoming traffic to port 80 to 8080 of proxy server. Since the 1st container doesn't have any incoming traffic it won't work and it is logically wrong to PREROUTE/POSTROUTE the traffic to achieve what I was looking for. To route the originated/outgoing traffic, we need to use OUTPUT chain of the iptables.

My Solution:

I have used RedSocks with iptables combination to enforce the proxy for the complete outgoing traffic from the server. Here is the iptables configuration I've used:

# Create new chain for RedSocks

root# iptables -t nat -N REDSOCKS

# Ignore LANs and some other reserved addresses

root# iptables -t nat -A REDSOCKS -d 0.0.0.0/8 -j RETURN
root# iptables -t nat -A REDSOCKS -d 10.0.0.0/8 -j RETURN
root# iptables -t nat -A REDSOCKS -d 127.0.0.0/8 -j RETURN
root# iptables -t nat -A REDSOCKS -d 169.254.0.0/16 -j RETURN
root# iptables -t nat -A REDSOCKS -d 172.16.0.0/12 -j RETURN
root# iptables -t nat -A REDSOCKS -d 192.168.0.0/16 -j RETURN
root# iptables -t nat -A REDSOCKS -d 224.0.0.0/4 -j RETURN
root# iptables -t nat -A REDSOCKS -d 240.0.0.0/4 -j RETURN

# Redirect all the http to redsocks local port

root# sudo iptables -t nat -A REDSOCKS -p tcp --dport 80 -j REDIRECT --to-ports 12345

# for https traffic just replace port 80 with 443

# Use all REDSOCKS chain for all the outgoing traffic at eth0

root# sudo iptables -t nat -A OUTPUT -p tcp -o eth0 -j REDSOCKS

Now, configure redsocks to listen to the local port 12345 for the incoming traffic and forward it to the proxy server's IP and port. To do this edit redsocks.conf as like this,

redsocks {
local_ip = 127.0.0.1;
local_port = 12345;
ip = 172.17.0.4;
port = 8080;
type = http-relay;
}

just save the conf and restart the redsocks service. Now all the outgoing traffic originated from the 1st container will be enforced to use the proxy. (NOTE: I've used iptables-persistent to persist the rules over server reboots) Actually I have implemented the same for both http and https traffic by adding another line to the iptables configuration. Although it's not a transparent proxy, it does the job for me.

If anyone have any other alternative solutions to this please suggest.