windows icon indicating copy to clipboard operation
windows copied to clipboard
verified publisher icon dockur

ERROR: Status 1 while: ip tuntap add dev "$VM_NET_TAP" mode tap (line 170/311)

Open alpha754293 opened this issue 1 year ago • 5 comments

Trying to install this on my OASLOA Mini PC now (Intel N95 Processor, 16 GB LPDDR5 RAM, 512 GB NVMe SSD).

This is the error message that I get:

Attaching to win11
win11    | ❯ Starting Windows for Docker v2.07...
win11    | ❯ For support visit https://github.com/dockur/windows
win11    | 
win11    | ❯ Extracting local ISO image...
win11    | ❯ Detecting Windows version from ISO image...
win11    | ❯ Detected: Windows 11
win11    | ❯ Adding XML file for automatic installation...
win11    | ❯ Building Windows 11 image...
win11    | ❯ Creating a 32G growable disk image in raw format...
win11    | ❯ Installing Intel GPU drivers...
win11    | ❯ Installing OpenGL module...
win11    | open: Operation not permitted
win11    | ❯ ERROR: Status 1 while: ip tuntap add dev "$VM_NET_TAP" mode tap (line 170/311)
win11    | open: Operation not permitted
win11    | ❯ ERROR: Status 1 while: ip tuntap add dev "$VM_NET_TAP" mode tap (line 170/311)
win11 exited with code 1
win11    | open: Operation not permitted
win11    | ❯ ERROR: Status 1 while: ip tuntap add dev "$VM_NET_TAP" mode tap (line 170/311)
win11 exited with code 1
win11    | open: Operation not permitted
win11    | ❯ ERROR: Status 1 while: ip tuntap add dev "$VM_NET_TAP" mode tap (line 170/311)
win11 exited with code 1

Here is my docker-compose.yml file:

version: "3"
services:
  win11:
    image: dockurr/windows
    container_name: win11
    devices:
      - /dev/kvm
      - /dev/dri
    environment:
      VERSION: "win11"
      RAM_SIZE: "8G"
      CPU_CORES: "4"
      DISK_SIZE: "32G"
      GPU: "Y"
    cap_add:
      - NET_ADMIN
    volumes:
      - ./win11:/storage
    security_opt:
      - apparmor:unconfined
    sysctls:
      net.ipv4.ip_forward: 1
    networks:
      vlan:
        ipv4_address: 172.168.0.143
    ports:
      - 8006:8006
      - 3389:3389/tcp
      - 3389:3389/udp
    stop_grace_period: 2m
    restart: on-failure

networks:
  vlan:
    external: true

Not really sure why this doesn't work on my Intel N95 mini PC, but it seems to work just fine with my 5950X system.

(The setup is effectively identical between the two system, other than the fact that my Mini PC doesn't have a 3090 being that it's a 0.34L Mini PC. Both systems are running Proxmox as the hypervisor. Both systems are running an Ubuntu 20.04 LTS LXC container as the basis for the test platform. And I can also confirm with intel_gpu_top on the host system that the Intel UHD Graphics has been passed through to said Ubuntu 20.04 LXC container successfully.)

Thanks.

alpha754293 avatar Mar 16 '24 13:03 alpha754293

I am running this container on a Intel N100 (almost identical to N95) without problems (on Ubuntu bare-metal, not inside LXC).

Maybe add the privileged flag to the compose file, as seen here https://github.com/dockur/windows/issues/240#issuecomment-1988454499

kroese avatar Mar 16 '24 13:03 kroese

@kroese Sorry - forgot to add -- I am running in an _un_privileged LXC container, so I don't think that should be an issue.

(I haven't tried hardware passthrough with a privileged container yet. So far, all of my tests with hardware passthrough have been with unprivileged containers.)

Thank you.

alpha754293 avatar Mar 16 '24 13:03 alpha754293

Yes but it says operation not permitted so it sounds like a permission issue, thats why I suggest to try with privileged: true inside the compose file.

kroese avatar Mar 16 '24 13:03 kroese

@kroese Added privileged: true to the docker-compose.yml file and it still reports the same error.

<<snip>>
    ports:
      - 8006:8006
      - 3389:3389/tcp
      - 3389:3389/udp
    stop_grace_period: 2m
    restart: on-failure
    privileged: true

networks:
  vlan:
    external: true

Error message:

Creating win11 ... done
Attaching to win11
win11    | ❯ Starting Windows for Docker v2.07...
win11    | ❯ For support visit https://github.com/dockur/windows
win11    | 
win11    | ❯ Extracting local ISO image...
win11    | ❯ Detecting Windows version from ISO image...
win11    | ❯ Detected: Windows 11
win11    | ❯ Adding XML file for automatic installation...
win11    | ❯ Building Windows 11 image...
win11    | ❯ Creating a 32G growable disk image in raw format...
win11    | ❯ Installing Intel GPU drivers...
win11    | ❯ Installing OpenGL module...
win11    | open: Operation not permitted
win11    | ❯ ERROR: Status 1 while: ip tuntap add dev "$VM_NET_TAP" mode tap (line 170/311)
win11    | open: Operation not permitted
win11    | ❯ ERROR: Status 1 while: ip tuntap add dev "$VM_NET_TAP" mode tap (line 170/311)
win11 exited with code 1
win11    | open: Operation not permitted
win11    | ❯ ERROR: Status 1 while: ip tuntap add dev "$VM_NET_TAP" mode tap (line 170/311)
win11 exited with code 1
win11    | open: Operation not permitted
win11    | ❯ ERROR: Status 1 while: ip tuntap add dev "$VM_NET_TAP" mode tap (line 170/311)
win11 exited with code 1

Thank you.

alpha754293 avatar Mar 16 '24 13:03 alpha754293

Can you try adding this to the compose file:

    devices:
      - /dev/net/tun

kroese avatar Mar 24 '24 23:03 kroese