By Al Crowley, TCG Principal Engineer
Docker is the #1 most wanted and #2 most loved developer tool, and helps millions of developers build, share and run any app, anywhere - on-prem or in the cloud. Accelerate how you build, share, and run modern applications.
Running Docker containers on a Windows 10 PC has been difficult for the last few years. It’s even more difficult if you want to run VirtualBox virtual machines (VM) at the same time. A casual Google search will turn up droves of postings saying that you absolutely can not do both at once.
- Docker for Windows supports 64-bit Pro and Enterprise editions of Windows 10 only. Download and Install Docker For Windows The first step is to download and install Docker for Windows.
- If you’ve ever tried to install Docker for Windows, you’ve probably came to realize that the installer won’t run on Windows 10 Home. Only Windows Pro, Enterprise or Education support Docker.
The problem is that Docker on Windows required you to enable the Hyper‑V hypervisor but VirtualBox 5.x will not run while Hype‑V is active. The docker+VM on Windows OS question has been asked and answered so many times over the years that search results are flooded with the same outdated answer: No, you can’t have both. For some of us, this gets further complicated by people saying you can’t even use Hyper‑V at all on the Windows 10 Home version. Well, things are changing — but you have to really dig deep on the web to get the info you need to make it happen.
Two recent changes have turned things around. First, VirtualBox 6 has an ‘experimental’ support for Hyper‑V. Second, the upcoming Windows Subsystem for Linux version 2 fully supports docker using Hyper‑V, even on Windows Home edition.
Windows Subsystem for Linux (WSL) is really great for developers who want to install Windows on their PC. It allows you to install a Linux as a peer operating system to Windows that you can easily access through a Linux terminal. WSL version 1 did have some limitations though. A big one for me is that the system call emulation layer Microsoft provides could not support Docker.
WSL2 is big update—faster file system, support for directly running the Linux kernel on Hyper‑V. It is scheduled for the “20H1” update that will be released in the spring of 2020—but you can get it now if you join the Windows Insider program. Instructions for that are found in the Windows Insider Program User Guide. Once you have an updated version of Windows, install of WSL2 is easy enough if you follow the instructions on Microsoft’s website.
Installing VirtualBox 6 is simple and you can find the install on the VirtualBox download page. It can be a little tricky to get some VMs running now that you have Hyper‑V enabled. For me, when I tried to restart an old VM, or create a new one using the defaults, I would get an error right away.
To get your VMs working, you will need to go into the VM settings, choose the System section, go into the Acceleration tab, and select Hyper‑V as the Paravirtualization Interface. You may also have to disable the I/O APC checkbox on the Motherboard tab. I’ve found some guest OS crash with it checked, but if it works for you, then leave it as is. THEN, you need to add an obscure setting to the .vbox file associated with your VM image:
I found that tip about the UseRing0Runloop setting on a forum posting that I was lucky enough to stumble upon.
This is working for my setup. Running with these beta test level features does have a few downsides. The VirtualBox VM performance is noticeably slower running this way. It is also a little unstable and you will get intermittent guest OS crashing that you didn’t have before. That’s ok for me since I’m using this for development work so it’s easy enough to restart the VM when it happens. On the WSL side, version 2 is a big improvement. Anything that touches the filesystem is much, much faster. Then we have Docker support, of course, which is why I went through all this in the first place. Unfortunately, I am seeing that some base container images will crash on Docker. I’ve found Centos to be problematic, but Ubuntu works without a problem. Microsoft is still working on WSL2 and judging by the forums, container support is getting better.
This is most definitely not a good fit for most people, but for me, this is an improvement over my old setup. The instability is a little annoying at times. As of right now, January 2020, every component is still in development: Fast ring Insider version of Windows 10, beta version of WSL2, and experimental support for Hyper‑V in VirtualBox. With that said, I’ve been able to do things with Docker containers and WSL that were just not possible a few months ago—and I really like that.
When you follow my blog for a while you probably know that running Windows Containers on Windows 10 had some disadvantages compared to a Windows Server. On Windows 10 every Windows Containers has to be run in Hyper-V isolation mode.
With the latest release of Docker Desktop on Windows 10 1809 you now can run Windows Containers in process isolation mode. What's the benefit you might think.
In the past process isolation was only possible with Windows Server. The Windows 10 operating system uses the same kernel, but with different settings. With this pull request https://github.com/moby/moby/pull/38000 that got merged into Docker 18.09.1 it is now possible to use it on Windows 10 as well.
- You can start more Windows Containers on your machine as they consume less resources
- Containers normally start faster than in hyperv isolation mode
- You can 'see' the isolated processes and what they are doing
Visible container processes
Especially for developers this is a great enhancement, because you now can use tools like Task Manager, Process Monitor and others to inspect your container processes from the host. I've blogged How to find dependencies of containerized Windows apps about a year ago. Now you do not longer need to spin up a Windows Server VM to do that, your Windows 10 machine is all you need.
Let's try this out with a small web server I have created for the Chocolatey Fest conference last October that's running in a Windows Nanoserver 2019 container.
Open up a PowerShell terminal and start a Windows container with this command
Run Docker Windows 10
The command will pull the Docker image from Docker Hub, starts the web server as a container and forwards port 8080 to it.
Now you can access the web server with your browser or by typing this command
The web server should show you a sweet photo and the name of the container stamped on it.
As you can see in the screen shot you can see the
node.exe process in the Task Manager. If you have the Sysinternals Process Monitor installed you also can see what the containerized process is doing. This is great when you create an own Docker image from your or a 3rd-party app and something doesn't work as expected or the exe file just doesn't want to start inside the container.
Windows image version must match kernel version
The only caveat using the process isolation mode is that the Windows base image that is used for a Docker image must match the kernel of your Windows 10 machine.
I've tried process isolation on a Windows Insider 18xxx machine, but here you are out of luck and you have to run the 1809 images in default Hyper-V isolation mode.
Can I run Windows Containers in VirtualBox?
I run all these tests in VMware Fusion on my Mac, spinning up a Windows 10 1809 VM with Vagrant. You can try it yourself with the given
Vagrantfile in the repo.
For a full Docker Desktop experience you need VMware Fusion as it provides nested virtualization. This is needed to activate Hyper-V in the Windows 10 VM. Docker Desktop runs fine in that VMware VM and you can try out Linux and Windows containers in it.
From time to time I get asked if people can also use VirtualBox. In the past I had to say 'no' you can't use a Windows 10 VM and then run Windows Containers in it. But with process isolation there is a first breakthrough.
Danger zone for early adopters
I've tried that with VirtualBox to see what happens. The installation of Docker Desktop works without a problem. When you start Docker Desktop for the first time the following error will appear
Sure, Hyper-V does not work in a VirtualBox VM, that's why the MobyLinuxVM could not be started. But now you can switch to Windows containers in the context menu.
After a few seconds the Windows Docker engine is up and running. Open a PowerShell terminal and run the appetizer app as described above.
Voila! It works.
Try something different with an interactive nanoserver container with a CMD shell
Beginning with Windows 10 1809 and Docker 18.09.1 you can use the more lightweight process isolation mode for Windows Containers. Linux Containers still need Hyper-V installed to run them in Docker Desktop.
If you liked this blog post please share it with your friends. You can follow me on Twitter @stefscherer.