Home > Blog > Getting Started with Mirantis Container Runtime on Windows Server

Getting Started with Mirantis Container Runtime on Windows Server

Eric Gregory - September 28, 2021 - | | | |

If you’re a Windows Server container developer who uses Docker Swarm, relies on security features like FIPS 140-2 support, or simply runs in production, you may find yourself needing to migrate to Mirantis Container Runtime. 

Sound like you? We’ve got you covered. 

In this walkthrough, we’ll show you how to get started with Mirantis Container Runtime (MCR) in a matter of minutes, so you can focus on development. We’ll also help you set up the FIPS 140-2 cryptographic module and update the runtime.

System Requirements

MCR runs on Windows Server 2019 or later. Refer to the most up-to-date system requirements for Windows Server. 

For Windows Server 2022, your physical or virtual machine will need at least 512 RAM for the Server Core (or 2 GB for the Server with Desktop Experience)  and at least 32 GB of storage. Of course, your deployments may require resources over and above these minimum system requirements.

Installing Mirantis Container Runtime

From PowerShell, run the following installation helper script:

Invoke-WebRequest -Uri https://get.mirantis.com/install.ps1 -o install.ps1

Run the install script:

.\install.ps1

screenshot of install script in Windows server terminal

At this point, you’ll need to restart the machine:

Restart-Computer

In order to test your installation, you can run the hello-world container:

docker run hello-world:nanoserver

If everything is working properly, you should see the hello-world readout:

screenshot of hello-world readout within a Windows server terminal

Note: if you need to make an air-gapped installation, use the helper script as above and then run the installer with the -DownloadOnly flag:

.\install.ps1 -DownloadOnly

Then, simply copy the install.ps1 file to your air-gapped machine and run the installer in offline mode:

.\install.ps1 -Offline

Enabling FIPS 140-2 Support for Mirantis Container Runtime

The Federal Information Processing Standards (FIPS) Publication 140-2 specifies security requirements for cryptographic modules. To enable FIPS 140-2 support in MCR, simply run the following command once your MCR installation is up and running:

[System.Environment]::SetEnvironmentVariable("DOCKER_FIPS", "1", "Machine")

Restart the Docker service to apply the changes, then run docker info to ensure that FIPS 140-2 support is enabled.

Stop-Service docker

Start-Service docker

docker info

You should see the following in the docker info readout:

Labels:

 com.docker.security.fips=enabled

screenshot of docker info readout with arrow pointing to FIPS=enabled in the Windows server terminal

Enabling or Disabling Telemetry

By default, MCR monitors data in your installation in order to help us understand operational patterns and improve service for our users. If you would like to disable this data collection, it only takes a modification of the daemon.json file in your Docker config folder. 

On Windows Server, the default root directory is C:\ProgramData\docker\config — if you don’t already have a daemon.json file in this directory, you may need to create one. In this file, simply enter or change the following setting:

{"features":{"telemetry": false}}

If you wish to re-enable telemetry, you can change the setting back to true.

Updating Mirantis Container Runtime

Updates are made from the install.ps1 installer file. Just download and run the latest version of the installer as above to update your installation. 

Invoke-WebRequest -Uri https://get.mirantis.com/install.ps1 -o install.ps1

.\install.ps1

For further information, including installer parameters for customizing your configuration, see the documentation for Mirantis Container Runtime on Windows Server. Now that you’re up and running, you’re ready to explore the full range of MCR’s features and capabilities.

Subscribe to Mirantis Newsletter

Get blogs and other content delivered straight to your inbox.

FREE EBOOK!
Service Mesh for Mere Mortals
by Bruce Basil Mathews
DOWNLOAD
LIVE WEBINAR
Docker Swarm is Dead! Long Live Docker Swarm

Thursday, October 28 at 10:00am PDT
SAVE SEAT
LIVE WEBINAR
You've Got Kubernetes. Now You Need App-Focused Security Using Istio

Presented with Aspen Mesh
SAVE SEAT
LIVE WEBINAR
Defining a Kubernetes that just works, anywhere

Thursday, November 11 at 8:00am PST
SAVE SEAT
Mirantis Webstore
Purchase Kubernetes support
SHOP NOW

Eric Gregory

Eric Gregory is a Senior Technical Writer at Mirantis, based out of North Carolina.

Subscribe to Mirantis Newsletter

Get blogs and other content delivered straight to your inbox.

FREE EBOOK!
Service Mesh for Mere Mortals
by Bruce Basil Mathews
DOWNLOAD
LIVE WEBINAR
Docker Swarm is Dead! Long Live Docker Swarm

Thursday, October 28 at 10:00am PDT
SAVE SEAT
LIVE WEBINAR
You've Got Kubernetes. Now You Need App-Focused Security Using Istio

Presented with Aspen Mesh
SAVE SEAT
LIVE WEBINAR
Defining a Kubernetes that just works, anywhere

Thursday, November 11 at 8:00am PST
SAVE SEAT
Mirantis Webstore
Purchase Kubernetes support
SHOP NOW