If you’re a Windows Server container developer who uses Docker Swarm, relies on security features like FIPS 140-2 support, or simply runs in production, you may find yourself needing to migrate to Mirantis Container Runtime.
Sound like you? We’ve got you covered.
In this walkthrough, we’ll show you how to get started with Mirantis Container Runtime (MCR) in a matter of minutes, so you can focus on development. We’ll also help you set up the FIPS 140-2 cryptographic module and update the runtime.
MCR runs on Windows Server 2019 or later. Refer to the most up-to-date system requirements for Windows Server.
For Windows Server 2022, your physical or virtual machine will need at least 512 RAM for the Server Core (or 2 GB for the Server with Desktop Experience) and at least 32 GB of storage. Of course, your deployments may require resources over and above these minimum system requirements.
Installing Mirantis Container Runtime
From PowerShell, run the following installation helper script:
Invoke-WebRequest -Uri https://get.mirantis.com/install.ps1 -o install.ps1
Run the install script:
At this point, you’ll need to restart the machine:
In order to test your installation, you can run the hello-world container:
docker run hello-world:nanoserver
If everything is working properly, you should see the
Note: if you need to make an air-gapped installation, use the helper script as above and then run the installer with the
Then, simply copy the install.ps1 file to your air-gapped machine and run the installer in offline mode:
Enabling FIPS 140-2 Support for Mirantis Container Runtime
The Federal Information Processing Standards (FIPS) Publication 140-2 specifies security requirements for cryptographic modules. To enable FIPS 140-2 support in MCR, simply run the following command once your MCR installation is up and running:
[System.Environment]::SetEnvironmentVariable("DOCKER_FIPS", "1", "Machine")
Restart the Docker service to apply the changes, then run
docker info to ensure that FIPS 140-2 support is enabled.
Stop-Service docker Start-Service docker docker info
You should see the following in the
docker info readout:
Enabling or Disabling Telemetry
By default, MCR monitors data in your installation in order to help us understand operational patterns and improve service for our users. If you would like to disable this data collection, it only takes a modification of the daemon.json file in your Docker config folder.
On Windows Server, the default root directory is
C:\ProgramData\docker\config — if you don’t already have a
daemon.json file in this directory, you may need to create one. In this file, simply enter or change the following setting:
If you wish to re-enable telemetry, you can change the setting back to
Updating Mirantis Container Runtime
Updates are made from the
install.ps1 installer file. Just download and run the latest version of the installer as above to update your installation.
Invoke-WebRequest -Uri https://get.mirantis.com/install.ps1 -o install.ps1 .\install.ps1
For further information, including installer parameters for customizing your configuration, see the documentation for Mirantis Container Runtime on Windows Server. Now that you’re up and running, you’re ready to explore the full range of MCR’s features and capabilities.