- Install and configure Ubuntu WSL
- Install application
- Docker in Windows without Docker Desktop
- Docker/Kubernetes Clients
- Git tricks
See items marked with ❤️🔥 to use winning variants
-
Download necessary version of docker binaries from https://docs.docker.com/engine/install/binaries/ and extract archive to
c:/Program Files, for example, using script in powershell. Run powershell as Administrator and call:Expand-Archive .\docker-20.10.9.zip -DestianationPath $Env:ProgramFiles
Files
docker.exeanddockerd.exewill be herec:/Program Files/docker/.We need only docker.exe and do not need
dockerd.exebecause it can start only Windows containers. To check it you can try to call as Admindockerd.exeand thendocker.exe pull ubuntu. Expected result:no matching manifest for windows/amd64 10.0.19043 in the manifest list entries -
Add path
c:/Program Files/dockerto environment variable PATH. It could be done with this powershell script:[Environment]::SetEnvironmentVariable("Path",$env:Path + ";c:/Program Files/docker", "Machine")
-
Install docker under Ubuntu WSL using these instructions https://docs.docker.com/engine/install/ubuntu/
-
To provide ability to call
dockerin WSL withoutsudoadd current user todockergroupsudo groupadd docker sudo usermod -aG docker $USER -
Configure dockerd to run (one of)...
👉 over http with access from Windows
⤵️ Edit/etc/profilefunction rundocker(){ ## Use this variant in case when `localhostForwarding` in `/etc/wsl.conf` is unset or equal to `false` #DOCKER_HOST=`ifconfig eth0 | grep -E "inet ([0-9]{1,3}.){3}[0-9]{1,3}" | head -1 | awk '{ print $2 }'` DOCKER_HOST=localhost WIN_CLIENT="/mnt/c/Program Files/docker/docker.exe" "$WIN_CLIENT" context rm -f wsl > /dev/null "$WIN_CLIENT" context create wsl --description "dockerd in WSL" --docker "host=tcp://$DOCKER_HOST:2375" "$WIN_CLIENT" context use wsl sudo dockerd -H $DOCKER_HOST -H "unix:///var/run/docker.sock" --tls=false } export -f rundocker
Details...
⚠️ Be aware of this warnings:Binding to IP address without --tlsverify is insecure and gives root access on this machine to everyone who has access to your network. host="tcp://172.27.117.140:2375" Binding to an IP address, even on localhost, can also give access to scripts run in a browser. Be safe out there! host="tcp://172.27.117.140:2375"⤵️ ❤️🔥 Run docker daemon on Windows startup using Task Scheduler (taskschd.msc)$task = New-ScheduledTaskAction -Execute "C:\Windows\System32\wsl.exe" -Argument '-u root bash -c "(source /etc/profile && rundocker &) && sleep 10"' $trigger = New-ScheduledTaskTrigger -AtLogon $settings = New-ScheduledTaskSettingsSet -DontStopIfGoingOnBatteries -AllowStartIfOnBatteries Register-ScheduledTask RunDocker -Action $task -Trigger $trigger -Settings $settings
⤵️ Run docker daemon on Windows startup using Startup folderOpen Startup folder
Win+R -> shell:common startup(usuallyC:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp) and create .bat script with contentC:\Windows\System32\wsl.exe g -u root bash -c "(source /etc/profile && rundocker &) && sleep 10"⤵️ To stop docker daemon manuallysudo kill $(ps faux | grep 'dockerd' | grep -vw grep | awk '{ print $2 }')
⤵️ To run docker daemon manuallyrundocker &👉 without access from Windows, using systemd
⚠️ this method raises questions. Firstly, I do not know how to get access from Windows, e.g. cmd.exe. Secondly,systemdis a kind of overhead.⚠️ TBD try to enable systemd: https://youtu.be/DmfuJzX6vJQ?t=459⤵️ Add systemd support (about script, about Linux Software Repository for Microsoft Products)wget --content-disposition \ "https://gist.githubusercontent.com/djfdyuruiry/6720faa3f9fc59bfdf6284ee1f41f950/raw/952347f805045ba0e6ef7868b18f4a9a8dd2e47a/install-sg.sh" chmod +x ./install-sg.sh # use here appropriate version from https://packages.microsoft.com/ubuntu/ sed -i -E 's/(UBUNTU_VERSION)=".+"/\1=21.04/g' ./install-sg.sh ./install-sg.sh
Then Exit the WSL terminal and shutdown the WSL env:
wsl --shutdown
To open a new WSL terminal with systemd enabled, run:
wsl genie -s
Details...
⚠️ In you have an error like$ wsl genie -s Timed out waiting for systemd to enter running state. This may indicate a systemd configuration error. Attempting to continue. Failed units will now be displayed (systemctl list-units --failed): UNIT LOAD ACTIVE SUB DESCRIPTION ● systemd-remount-fs.service loaded failed failed Remount Root and Kernel File Systems LOAD = Reflects whether the unit definition was properly loaded. ACTIVE = The high-level unit activation state, i.e. generalization of SUB. SUB = The low-level unit activation state, values depend on unit type. 1 loaded units listed.then disable this service
sudo systemctl mask systemd-remount-fs.service
then
wsl --shutdownand retrywsl genie -s⚠️ In you have an error (reproduced in Ubuntu 21.10) likeWARN[2021-11-05T17:20:57.078243654+04:00] grpc: addrConn.createTransport failed to connect to {unix:///var/run/docker/containerd/containerd.sock 0 }. Err :connection error: desc = "transport: Error while dialing dial unix:///var/run/docker/containerd/containerd.sock: timeout". Reconnecting... module=grpc failed to start daemon: Error initializing network controller: error obtaining controller instance: unable to add return rule in DOCKER-ISOLATION-STAGE-1 chain: (iptables failed: iptables --wait -A DOCKER-ISOLATION-STAGE-1 -j RETURN: iptables v1.8.7 (nf_tables): RULE_APPEND failed (No such file or directory): rule in chain DOCKER-ISOLATION-STAGE-1 (exit status 4))then switch from
nf_tablestoip_tables(see link1, link2):$sudo rm -rd /var/run/docker* # Ubuntu 21.10 uses nf_tables intead of ip_tables $/sbin/iptables --version $/usr/sbin/iptables-legacy --version $ sudo update-alternatives --set iptables /usr/sbin/iptables-legacy
⤵️ Run docker daemon on Windows startup using Task Scheduler (taskschd.msc)$task = New-ScheduledTaskAction -Execute "C:\Windows\System32\wsl.exe" -Argument 'genie -s' $trigger = New-ScheduledTaskTrigger -AtLogon $settings = New-ScheduledTaskSettingsSet -DontStopIfGoingOnBatteries -AllowStartIfOnBatteries Register-ScheduledTask RunDocker -Action $task -Trigger $trigger -Settings $settings
⤵️ Run docker daemon on Windows startup using Startup folderOpen Startup folder
Win+R -> shell:common startup(usuallyC:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp) and create .bat script with contentC:\Windows\System32\wsl.exe genie -s
⤵️ How to run docker daemon manuallyC:\Windows\System32\wsl.exe genie -s👉 over https with access from Windows too
TBD
👉 over channels?
TBD
Way 2. Using nerdctl from Rancher Desktop instead of docker
docker available everywhere - not only in bash under WSL. Secondly, nerdctl is not docker, so it could bring unexpected problems (e.g. nerdctl does not have --ip param for nerdctl run, who knows what else difference exist). But Rancher Desktop can be used as separate container orchestrator.
nerdctl -n docker run -p 3000:3000 grafana/grafana, checked and then stopped container via ctrl+c or stop. After it, I cannot run it again until rebooting.
- Install
Rancher Desktop - Run and choose some version of Kubernetes
- Tick
WSL Integration -> Ubuntu. Link/home/<wsl-user>/.kube/config -> /mnt/c/Users/<win-user>/.kube/configwill be created. - This step is required if you are using appendWindowsPath=false
Thereby
mkdir -p ~/.local/bin WIN_USER=<type-him> ln -s /mnt/c/Users/$WIN_USER/AppData/Local/Programs/Rancher\ Desktop/resources/resources/win32/bin/nerdctl.exe /home/$USER/.local/bin/nerdctl #ln -s /mnt/c/Users/$WIN_USER/AppData/Local/Programs/Rancher\ Desktop/resources/resources/win32/bin/kubectl.exe /home/$USER/.local/bin/kubectl #ln -s /mnt/c/Users/$WIN_USER/AppData/Local/Programs/Rancher\ Desktop/resources/resources/win32/bin/helm.exe /home/$USER/.local/bin/helm #ln -s /mnt/c/Users/$WIN_USER/AppData/Local/Programs/Rancher\ Desktop/resources/resources/win32/bin/kuberlr.exe /home/$USER/.local/bin/kuberlr #ln -s /mnt/c/Users/$WIN_USER/AppData/Local/Programs/Rancher\ Desktop/resources/resources/win32/bin/kim.exe /home/$USER/.local/bin/kim source ~/.bashrc
nerdctlwill be available in WSL for current user. Also you can link programs to/usr/bin/nerdctlto share it for all users. - Lets create alias
docker -> nerdctlwith hardcoded namespace name (inRancher Desktop) where all images will be pull in. Add to~/.bash_aliasesor/etc/aliases:Thereby#nerdctl as docker alias docker='nerdctl -n docker'
nerdctlcan be used asdockerbut this is possible only in bash under WSL (think about how to make link or script to fix parameter).
sudo apt-get install -y python3 python3-pip
pip3 install --user docker-compose
~/.bashrc if it has not still done.
export DOCKER_HOST=tcp://localhost:2375
TypeError: load_config() got an unexpected keyword argument 'config_dict' try to call scripts:
pip3 uninstall docker-compose
pip3 uninstall docker-py docker
pip3 install --user -U docker-compose
See Setting Up Docker for Windows and WSL to Work Flawlessly
I caught error
Error: net::ERR_CONNECTION_REFUSED at http://host.docker.internal:6006?path=...withdocker-chromiumhaving run underjet-puppeteer-dockerin Jetbrains Idea (only there). The only way to fix it was found:
- Install Docker Desktop and clone folder
c:\Program Files\Dockerasc:\Program Files\Docker_. After that Docker Desktop can be removed. - Then make steps above to unpack binaries. Then copy with a replace files
docker.exeandcom.docker.cli.exefromc:\Program Files\Docker_\Docker\resources\bin\toc:\Program Files\Docker. - I do not know why it is so. Despite
docker.exeis just client todockerdin WSL, but it makes some difference. When we use not-patched version ofdocker.exethen/etc/hostsdoes not contains needed alias. But when we use patched version ofdocker.exefrom Docker Desktop (with requiredcom.docker.cli.exe) then it gets OK. I suggested that a problem is hidden in difference of versions and checked it. Probably, Nope.Docker 20.10.10, build b485636from Docker DesktopDocker 20.10.9, build c2ea9bcfrom binariesDocker 20.10.10, build b485636from binaries
- At the same time do not touch
docker-compose.exe, leave original version