Please check your version of Docker!

Posted on by

Update 2021/2/10: Microsoft stopped creating images for Docker in the summer of 2020. We now publish artifacts, which can be used to spin up containers and BcContainerHelper has replaced NavContainerHelper. This blog post reflects the old way of using NAV/BC on Docker and references NavContainerHelper, which is outdated.

In Microsoft, we are constantly in search of ways to improve security for our customers. Customers must feel safe when using our services and leaving their precious data in our hands. Sometimes this requires our customers and partners to update client software and this blog post is a warning about just that.

Transport Layer Security (TLS v1.2)

Within the next month…

Before December 31st 2019…

Microsoft will harden security on our docker registries (both mcr.microsoft.com and bcinsider.azurecr.io) and set the required transport level security to v1.2.

This means that all computers running a version of Docker, which doesn’t support TLS v1.2, no longer will be able to pull any Microsoft official images from Microsoft registries.

Only docker 18.03.0 or above

Open a command prompt and run docker version.

Client: Docker Engine - Community
 Version: 19.03.5
 API version: 1.40
 Go version: go1.12.12
 Git commit: 633a0ea
 Built: Wed Nov 13 07:22:37 2019
 OS/Arch: windows/amd64
 Experimental: false

Server: Docker Engine - Community
 Engine:
  Version: 19.03.5
  API version: 1.40 (minimum version 1.24)
  Go version: go1.12.12
  Git commit: 633a0ea
  Built: Wed Nov 13 07:36:50 2019
  OS/Arch: windows/amd64
  Experimental: false

if the docker client or server version is lower than 18.03.0you need to update.

Warning

NavContainerHelper also displays the docker version when creating containers:

NavContainerHelper is version 0.6.4.20
NavContainerHelper is running as administrator
Host is Microsoft Windows 10 Pro - ltsc2019
Docker Client Version is 19.03.5
Docker Server Version is 19.03.5

You should be able to see this in the build output of the agents used by your CI/CD pipelines. With the next version of NavContainerHelper, you will also see a warning if your version of docker is prior to 18.03.0:

WARNING: Microsoft container registries will switch to TLS v1.2 very soon and your version of Docker does not support this. You should install a new version of docker asap (version 18.03.0 or later)

This will be visible in the output of your build agent in CI/CD scenarios when using NavContainerHelper.

Enjoy

Freddy Kristiansen
Technical Evangelist

2 thoughts on “Please check your version of Docker!

  1. Hello, currently (2+ years later)
    I am running / creating BC containers succesfully in this docker environment:
    Client:
    Version: master-dockerproject-2022-03-26
    API version: 1.41 (downgraded from 1.42)
    Go version: go1.17.8
    Git commit: dd7397342a
    Built: Sun Mar 27 00:09:40 2022
    OS/Arch: windows/amd64
    Context: default
    Experimental: true

    Server: Mirantis Container Runtime
    Engine:
    Version: 20.10.12
    API version: 1.41 (minimum version 1.24)
    Go version: go1.17.11m1
    Git commit: 9a41cc13e5
    Built: 06/21/2022 14:46:18
    OS/Arch: windows/amd64
    Experimental: false

    Windows server 2022 standard.
    I have used mirantis install
    Invoke-WebRequest -Uri https://get.mirantis.com/install.ps1 -o install.ps1
    to set this up.

    however the warning is present :

    Host is Microsoft Windows Server 2022 Standard – ltsc2022
    Docker Client Version is master-dockerproject-2022-03-26
    WARNING: Microsoft container registries will switch to TLS v1.2 very soon and your version of Docker does not support this. You should install a new version of docker asa
    p (version 18.03.0 or later)
    Docker Server Version is 20.10.12

    Like

    Reply

Leave a comment