NOTE: This applies to WSL1 not WSL2
For WSL2, this is all completely unnecessary. You have a secure connection to the Docker daemon provided you're using the WSL2 backend (switchable in Docker settings).
No Port forwarding is required, and should you run
docker run --rm -p 80:80 nginx
within the WSL2 instance, you can just go to http://localhost
to access that nginx instance.
BUT there are many valid reasons to remain on WSL1, so this may still be useful to some.
Since I do a lot of web development, Docker is a must-have tool. This is a simple guide to using Docker on Windows– the supported Hyper-V enabled release. This will not cover the Docker Toolbox, which uses Virtualbox for the base image. The intent of this is to provide a kind-of-not-really native configuration for using the Windows Docker host from the WSL environment.
Since the Docker host is on Windows, some considerations must be made if you intend to mount local volumes in your images. The following steps will reference paths as if this is the desired outcome. The first thing that must be done to facilitate this is configure WSL to mount drives in the root /
directory. This is what Docker on Windows normally expects; i.e. to see your Windows home dir as /c/Users/coolguy
.
To do this, edit /etc/wsl.conf
, creating this file if not present:
$ sudo vim /etc/wsl.conf
With the contents (at least, other options are available):
Assuming you're WSL distro is Ubuntu 18.04 , run the following to terminate the process so the next time you run it, it spins up with the new settings:
PS C:\Users\coolguy> wsl -t "Ubuntu-18.04"
THE INSECURE WAY TO CONNECT TO DOCKER HOST
One option is to check this box in the your Docker settings:
And then throw the following lines into your .bashrc
, .bash_profile
, .zshrc
, or what-have-you.
export DOCKER_HOST=tcp://127.0.0.1:2375
export DOCKER_TLS_VERIFY=0
THE BETTER WAY, WITH NPIPERELAY
Thanks to John Starks over at MS, we can set up a secure connection to our Docker on Windows host. Enter npiperelay, "[w]ith it, you can use Windows named pipes from the Windows Subsystem for Linux (WSL)."
First, we need Go. We can cross-compile from WSL to a Windows binary, so let's grab it in Ubuntu and go from there. (The following is pretty much lifted wholesale from the repo's README).
$ sudo apt update && sudo apt install golang
Get the Go source and build the npiperelay.exe
binary.
$ go get -d github.com/jstarks/npiperelay
$ GOOS=windows go build -o /c/Users/coolguy/go/bin/npiperelay.exe github.com/jstarks/npiperelay
Symlink the new binary to your WSL path. This is just one of many ways to do so:
$ sudo ln -s /c/Users/coolguy/go/bin/npiperelay.exe /usr/local/bin/npiperelay.exe
Now we we need to write a script to facilitate the Docker engine connection. First, install socat
.
$ sudo apt install socat
Create a script to run the relay:
$ vim docker-relay.sh
with contents,
#!/bin/sh
exec socat UNIX-LISTEN:/var/run/docker.sock,fork,group=docker,umask=007 EXEC:"npiperelay.exe -ep -s //./pipe/docker_engine",nofork
And give it executable permissions,
$ chmod +x docker-relay.sh
RUNNING THE RELAY
# Trailing & to throw the process it in the background.
$ sudo ./docker-relay.sh &
No modifications have to be made to the default docker config on the WSL side, so let's just verify we're able to talk to it:
$ docker info
Which should present the same output as if you ran the command from a PS or CMD prompt.
Volumes
For mounted volumes, you won't be able to mount a path within WSL. You can mount directories within Windows. For example,
Top comments (0)