Installing and Configuring Docker on Windows Subsystem Linux (WSL)


Before you begin, make sure your system has approximately the following configuration:

  • Windows 10 Version 1803 Build 1734 and later
  • Ubuntu for WSL 16.0.4 LTS or something like that (your version may be slightly different)

It is important that the version and build of Windows is not lower than what is indicated here. The fact is that, starting with these numbers, fundamental changes have been made to the Windows WSL kernel that allow the use of cgroups (control groups – added to the Linux kernel in 2008). And they are necessary for Docker’s to manage the resources of your system in containers.

Install Docker-CE 09.17.0

We will install Docker Community Edition 17.09.0 (because at the time of this writing, more recent versions were falling when installing on WSL).

The first thing we will do is get rid of all previous Docker installations (if any). To do this, run the bash terminal and write the following:

$ sudo apt-get remove docker docker-engine containerd runc

Now install the repository for Docker CE. Through apt-get, we can install the desired version without having to build it from the sources ourselves. Following recommendations on the official Docker website, we write the following commands:

# Обновляем список пакетов
$ sudo apt-get update
# Устанавливаем необходимые пакеты, которые позволяют apt получить доступ по HTTPS
$ sudo apt-get install apt-transport-https ca-certificates curl gnupg2 software-properties-common

# Добавляем в свою систему ключ GPG официального репозитория Docker
$ curl -fsSL | sudo apt-key add -
#Добавляем репозиторий Docker в список пакетов:
$ sudo add-apt-repository "deb [arch=amd64] $(lsb_release -cs) stable"

# Обновляем данные о пакетах с учетом пакетов Docker из вновь добавленного репозитория
$ sudo apt-get update

If you’ve ever added a new repository using apt, all of this is familiar to you as a whole. If not, I hope you still stayed with me 🙂
Next, install Docker:

$ sudo apt-get install docker-ce=17.09.0~ce-0~ubuntu

If you are not using Ubuntu-style WSL, the list of available versions can be viewed like this:

$ apt list -a docker-ce

… or use a similar command from some other library if you abandoned APT

In the end, you need to add your current user to the ‘docker’ group in order to be able to correctly use the Docker Engine (“engine”), which must be run on your system with root privileges.

sudo usermod -aG docker $USER

Running Docker on Windows

Now that Docker is installed, we need to use a rather tricky method to start it as a service in WSL every time we boot Windows. This is not as easy as it may seem. We need to act on behalf of the superuser and run a command shell with elevated privileges, which complicates the task a bit.

To simplify the process a bit, create / usr / local / sbin / new file – a script that contains the appropriate commands to start the Docker service:

$ sudo nano /usr/local/sbin/

with the following contents:

#!/usr/bin/env bash
sudo cgroups-mount
sudo service docker start

The first sudo command is to mount cgroups (it will be executed at reboot), and the second gives the docker service to systemd (this is the Ubuntu subsystem for initializing and managing services).

Now let the script run and run it:

$ sudo chmod +x /usr/local/sbin/
# Запрещаем запись
$ sudo chmod 755 /usr/local/sbin/
$ /bin/sh /usr/local/sbin/

However, the Docker service will not start for two reasons:

  1. The script makes calls as the superuser, so the script itself must be run with superuser privileges in order to work as intended. In theory, doing this is as simple as writing any sudo command, but for this, the user must enter their data after each download, which is very annoying.
  2. The first command to mount cgroups must be run in bash with elevated privileges. To run it without user input, we have to use the Windows Task Scheduler.

All clear? Then to the point …

Running a script with root privileges without user input

On a Linux family OS file / etc / sudoers determines who and what can run with superuser privileges. Let’s modify it so that your user can call the script without having to constantly enter the root password. (But be very careful with this file! It is very easy to cut yourself out of the system if you don’t know what you are doing!)

$ sudo nano /etc/sudoers

Add a new line to the end of the file. In this case, you must know your user name exactly (run echo $ USER, if you are not sure):

 ALL=(ALL:ALL) NOPASSWD: /bin/sh /usr/local/sbin/

Now we can start the Docker service as root without user input:

$ sudo /bin/sh /usr/local/sbin/ 

Hooray, comrades!

Proper Docker Startup on Windows Boot

Now, when the system boots, we will be able to launch Docker as an administrator using a separate command that does not require user interaction.

Launch Windows Task Scheduler and select Task Scheduler Library in the left pane. Then select Create Task in the right pane.

Next, you will be prompted to edit the basic settings of the task. Give your task a clear name and make sure that the rest of the settings match mine. It is important that you choose Run with highest privileges.

In the tab Triggers add a new trigger that will start the task as soon as the local user logs in.

Switching to the tab Actions, create a new action that will run bash and immediately execute our script with with key:

-c "sudo /bin/sh /usr/local/sbin/"

Please note that this must be done with elevated privileges, so check the box Run with highest privileges on the tab General.

The rest of the parameters mainly depend on individual preferences, but I will show my settings. If you want, you can copy them. Some power settings may not appear if you are sitting on a stationary machine. Personally, I use a laptop.

Well, everything goes as we intended. If you didn’t start Docker in the previous stages using commands with elevated privileges, simply right-click on the task that we created in the Task Scheduler and select “Run”! That’s all!

Check that everything works

If you want to play it safe, reboot your car (yes, for this you’ll have to close your browser tabs for some time)run bash and type:

$ docker run --rm hello-world

If all goes well, you’ll see Docker’s standard greeting. The service will start automatically and directly in WSL! My congratulations!

Round off

You just installed and launched Docker in WSL. This means that your containers can now share Ubuntu already running on your system. Thus, there is no need to deploy a new (virtualized) OS, as a regular Docker for Windows does.

WSL Docker Performance So far [на момент написания оригинальной статьи] leaves much to be desired, but as the platform develops and Windows updates are released, it will only improve.

Used sources

  1. onomatopellan from github:
  2. Official Docker Documentation:
  3. cgroupfs-mount:
  4. Bash Command Line Interface:

Similar Posts

Leave a Reply Cancel reply