Docker/Windows: Difference between revisions
< Docker
(→Config) |
|||
| (6 intermediate revisions by the same user not shown) | |||
| Line 10: | Line 10: | ||
Docker Community Edition (CE) provides a standard runtime environment for containers with a common API and command-line interface (CLI). It is managed by the open source community as part of the Moby Project. | Docker Community Edition (CE) provides a standard runtime environment for containers with a common API and command-line interface (CLI). It is managed by the open source community as part of the Moby Project. | ||
Invoke-WebRequest -UseBasicParsing "https://raw.githubusercontent.com/microsoft/Windows-Containers/Main/helpful_tools/Install-DockerCE/install-docker-ce.ps1" -o install-docker-ce.ps1 | |||
.\install-docker-ce.ps1 | |||
src: | |||
https://raw.githubusercontent.com/microsoft/Windows-Containers/Main/helpful_tools/Install-DockerCE/install-docker-ce.ps1 | https://raw.githubusercontent.com/microsoft/Windows-Containers/Main/helpful_tools/Install-DockerCE/install-docker-ce.ps1 | ||
--- | |||
Get started: Prep Windows for containers | Get started: Prep Windows for containers | ||
| Line 21: | Line 24: | ||
https://learn.microsoft.com/en-us/virtualization/windowscontainers/manage-docker/configure-docker-daemon | https://learn.microsoft.com/en-us/virtualization/windowscontainers/manage-docker/configure-docker-daemon | ||
== | Install Docker Community Edition (CE) reference: | ||
Prepare Windows operating system containers | Microsoft Learn | |||
https://learn.microsoft.com/en-us/virtualization/windowscontainers/quick-start/set-up-environment?tabs=dockerce#windows-server-1 | |||
== Install Docker Server Edition == | |||
Just like Community Edition, but allows for Linux containers | |||
Enable containers: | |||
Enable-WindowsOptionalFeature -Online -FeatureName Containers | |||
Reboot: | |||
Restart-Computer -Force | |||
Install Docker: | |||
Install-Module -Name DockerMsftProvider -Repository PSGallery -Force | |||
Install-Package -Name docker -ProviderName DockerMsftProvider | |||
Restart: | |||
Restart-Computer -Force | |||
Start service: | |||
Start-Service Docker | |||
Stop-Service Docker | |||
Get-Service docker | |||
Server core: | |||
# 2022 | |||
docker pull mcr.microsoft.com/windows/servercore:ltsc2022 | |||
# 2019 | |||
docker pull mcr.microsoft.com/windows/servercore:ltsc2019 | |||
Run Linux Containers (Nested): | |||
Get-VM WinContainerHost | Set-VMProcessor -ExposeVirtualizationExtensions $true | |||
[Environment]::SetEnvironmentVariable("LCOW_SUPPORTED", "1", "Machine") | |||
Restart-Service docker | |||
daemon.conf: | |||
<pre> | |||
$configfile = @” | |||
{ | |||
“experimental”: true | |||
} | |||
“@ | |||
</pre> | |||
$configfile|Out-File -FilePath C:\ProgramData\docker\config\daemon.json -Encoding ascii -Force | |||
LCOW: | |||
Invoke-WebRequest -Uri "https://github.com/linuxkit/lcow/releases/download/v4.14.35-v0.3.9/release.zip" -UseBasicParsing -OutFile release.zip | |||
Expand-Archive release.zip -DestinationPath "$Env:ProgramFiles\Linux Containers\." | |||
Run ubuntu: | |||
docker run -it --rm ubuntu /bin/bash | |||
Switch back to Windows Containers: | |||
[Environment]::SetEnvironmentVariable("LCOW_SUPPORTED", "$null", "Machine") | |||
refs: | |||
Docker: Ejecutar containers Linux en Windows Server 2022 - Blog Virtualizacion | |||
https://www.maquinasvirtuales.eu/docker-ejecutar-containers-linux-en-windows-server-2022/ | |||
Run Docker on Windows Server 2019 / 2022 | ComputingForGeeks | |||
https://computingforgeeks.com/how-to-run-docker-containers-on-windows-server/ | |||
== Windows Test Image == | |||
Hello World: | Hello World: | ||
docker run hello-world:nanoserver | docker run hello-world:nanoserver | ||
Something more ambition - try run powershell: | |||
docker run -it mcr.microsoft.com/windows/servercore:ltsc2022 powershell | docker run -it mcr.microsoft.com/windows/servercore:ltsc2022 powershell | ||
| Line 32: | Line 106: | ||
C:\programdata\docker\config\daemon.json | C:\programdata\docker\config\daemon.json | ||
dockerd | Docker Docs | |||
https://docs.docker.com/reference/cli/dockerd/#/windows-configuration-file | |||
ref: | |||
* Configure Docker in Windows | Microsoft Learn - https://learn.microsoft.com/en-us/virtualization/windowscontainers/manage-docker/configure-docker-daemon | |||
== Isolation == | |||
Configure container isolation technology (Windows) | |||
https://docs.docker.com/reference/cli/dockerd/#configure-container-isolation-technology-windows | |||
For Windows containers, you can specify the default container isolation technology to use, using the '''--exec-opt isolation''' flag. | |||
The following example makes '''hyperv''' the default isolation technology: | |||
dockerd --exec-opt isolation=hyperv | |||
dockerd --exec-opt isolation=process | |||
If no isolation value is specified on daemon start, on Windows client, the default is '''hyperv''', and on Windows server, the default is '''process'''. | |||
== Isolation == | == Isolation == | ||
| Line 56: | Line 150: | ||
Update service to use docker-users group: | Update service to use docker-users group: | ||
# -G, --group string Group for the unix socket (default "docker") | |||
sc config docker binPath="C:\WINDOWS\system32\dockerd.exe --run-service --service-name docker -G docker-users" | sc config docker binPath="C:\WINDOWS\system32\dockerd.exe --run-service --service-name docker -G docker-users" | ||
sc config docker binPath="C:\Windows\System32\dockerd.exe --run-service --config-file=C:\ProgramData\docker\config\daemon.json" | |||
Restart service: | Restart service: | ||
| Line 77: | Line 174: | ||
DEPENDENCIES : | DEPENDENCIES : | ||
SERVICE_START_NAME : LocalSystem | SERVICE_START_NAME : LocalSystem | ||
</pre> | |||
daemon.json option: | |||
C:\ProgramData\docker\config\daemon.json | |||
<pre> | |||
{ | |||
"registry-mirrors": ["https://internal-docker-mirror:6609"], | |||
"group": "docker-users", | |||
"debug": true, | |||
"hosts": ["npipe://", "tcp://0.0.0.0:2375"], | |||
"experimental": false, | |||
"exec-opts": ["isolation=process"], | |||
"max-concurrent-downloads": 100, | |||
"max-concurrent-uploads": 100, | |||
"data-root": "C:\\docker_data", | |||
"storage-opts" : [ "size=200G" ] | |||
} | |||
</pre> | </pre> | ||
| Line 90: | Line 204: | ||
See https://learn.microsoft.com/en-us/virtualization/windowscontainers/manage-docker/configure-docker-daemon | See https://learn.microsoft.com/en-us/virtualization/windowscontainers/manage-docker/configure-docker-daemon | ||
== Docker in WSL == | |||
See [[Docker/Docker in WSL]] | |||
== keywords == | == keywords == | ||
Latest revision as of 07:10, 2 October 2024
Windows
Windows Containers GitHub
Github microsoft/Windows-Containers https://github.com/microsoft/Windows-Containers
Install Docker Community Edition
Docker Community Edition (CE) provides a standard runtime environment for containers with a common API and command-line interface (CLI). It is managed by the open source community as part of the Moby Project.
Invoke-WebRequest -UseBasicParsing "https://raw.githubusercontent.com/microsoft/Windows-Containers/Main/helpful_tools/Install-DockerCE/install-docker-ce.ps1" -o install-docker-ce.ps1 .\install-docker-ce.ps1
src:
https://raw.githubusercontent.com/microsoft/Windows-Containers/Main/helpful_tools/Install-DockerCE/install-docker-ce.ps1
---
Get started: Prep Windows for containers https://learn.microsoft.com/en-us/virtualization/windowscontainers/quick-start/set-up-environment?tabs=dockerce
Docker Engine on Windows https://learn.microsoft.com/en-us/virtualization/windowscontainers/manage-docker/configure-docker-daemon
Install Docker Community Edition (CE) reference:
Prepare Windows operating system containers | Microsoft Learn https://learn.microsoft.com/en-us/virtualization/windowscontainers/quick-start/set-up-environment?tabs=dockerce#windows-server-1
Install Docker Server Edition
Just like Community Edition, but allows for Linux containers
Enable containers:
Enable-WindowsOptionalFeature -Online -FeatureName Containers
Reboot:
Restart-Computer -Force
Install Docker:
Install-Module -Name DockerMsftProvider -Repository PSGallery -Force
Install-Package -Name docker -ProviderName DockerMsftProvider
Restart:
Restart-Computer -Force
Start service:
Start-Service Docker
Stop-Service Docker
Get-Service docker
Server core:
# 2022 docker pull mcr.microsoft.com/windows/servercore:ltsc2022
# 2019 docker pull mcr.microsoft.com/windows/servercore:ltsc2019
Run Linux Containers (Nested):
Get-VM WinContainerHost | Set-VMProcessor -ExposeVirtualizationExtensions $true
[Environment]::SetEnvironmentVariable("LCOW_SUPPORTED", "1", "Machine")
Restart-Service docker
daemon.conf:
$configfile = @”
{
“experimental”: true
}
“@
$configfile|Out-File -FilePath C:\ProgramData\docker\config\daemon.json -Encoding ascii -Force
LCOW:
Invoke-WebRequest -Uri "https://github.com/linuxkit/lcow/releases/download/v4.14.35-v0.3.9/release.zip" -UseBasicParsing -OutFile release.zip Expand-Archive release.zip -DestinationPath "$Env:ProgramFiles\Linux Containers\."
Run ubuntu:
docker run -it --rm ubuntu /bin/bash
Switch back to Windows Containers:
[Environment]::SetEnvironmentVariable("LCOW_SUPPORTED", "$null", "Machine")
refs:
Docker: Ejecutar containers Linux en Windows Server 2022 - Blog Virtualizacion https://www.maquinasvirtuales.eu/docker-ejecutar-containers-linux-en-windows-server-2022/
Run Docker on Windows Server 2019 / 2022 | ComputingForGeeks https://computingforgeeks.com/how-to-run-docker-containers-on-windows-server/
Windows Test Image
Hello World:
docker run hello-world:nanoserver
Something more ambition - try run powershell:
docker run -it mcr.microsoft.com/windows/servercore:ltsc2022 powershell
Config
C:\programdata\docker\config\daemon.json
dockerd | Docker Docs https://docs.docker.com/reference/cli/dockerd/#/windows-configuration-file
ref:
- Configure Docker in Windows | Microsoft Learn - https://learn.microsoft.com/en-us/virtualization/windowscontainers/manage-docker/configure-docker-daemon
Isolation
Configure container isolation technology (Windows) https://docs.docker.com/reference/cli/dockerd/#configure-container-isolation-technology-windows
For Windows containers, you can specify the default container isolation technology to use, using the --exec-opt isolation flag.
The following example makes hyperv the default isolation technology:
dockerd --exec-opt isolation=hyperv dockerd --exec-opt isolation=process
If no isolation value is specified on daemon start, on Windows client, the default is hyperv, and on Windows server, the default is process.
Isolation
Windows Server Containers use Hyper-V isolation by default on Windows 10 and 11 to provide developers with the same kernel version and configuration that will be used in production.
Switch to Windows Containers
& $Env:ProgramFiles\Docker\Docker\DockerCli.exe -SwitchDaemon .
Service
See service:
sc qc docker
Service is running as: docker
C:\WINDOWS\system32\dockerd.exe --run-service --service-name docker
Add a Docker Group to allow normal users to manage docker: (run as administrator)
net localgroup docker-users /add
Add user to group:
net localgroup docker-users [USER] /add
Update service to use docker-users group:
# -G, --group string Group for the unix socket (default "docker") sc config docker binPath="C:\WINDOWS\system32\dockerd.exe --run-service --service-name docker -G docker-users"
sc config docker binPath="C:\Windows\System32\dockerd.exe --run-service --config-file=C:\ProgramData\docker\config\daemon.json"
Restart service:
net stop docker net start docker
See updated service:
C:\> sc qc docker
[SC] QueryServiceConfig SUCCESS
SERVICE_NAME: docker
TYPE : 10 WIN32_OWN_PROCESS
START_TYPE : 2 AUTO_START
ERROR_CONTROL : 1 NORMAL
BINARY_PATH_NAME : C:\WINDOWS\system32\dockerd.exe --run-service --service-name docker -G docker-users
LOAD_ORDER_GROUP :
TAG : 0
DISPLAY_NAME : Docker Engine
DEPENDENCIES :
SERVICE_START_NAME : LocalSystem
daemon.json option:
C:\ProgramData\docker\config\daemon.json
{
"registry-mirrors": ["https://internal-docker-mirror:6609"],
"group": "docker-users",
"debug": true,
"hosts": ["npipe://", "tcp://0.0.0.0:2375"],
"experimental": false,
"exec-opts": ["isolation=process"],
"max-concurrent-downloads": 100,
"max-concurrent-uploads": 100,
"data-root": "C:\\docker_data",
"storage-opts" : [ "size=200G" ]
}
Moby Project
Moby Project https://mobyproject.org/
What is Moby? Moby is an open framework created by Docker to assemble specialized container systems without reinventing the wheel. It provides a “lego set” of dozens of standard components and a framework for assembling them into custom platforms.