-
Notifications
You must be signed in to change notification settings - Fork 294
Windows Docker Daemon on Fusion VM
Allow a MacOS workstation to run a local Docker for Windows daemon in a VMware Fusion¹ Virtual Machine that is accessible by setting DOCKER_HOST
.
-
Download and Install VMware Fusion
- Use the free preview of Nautilus if possible: http://bit.ly/getnautilus
- Otherwise, if you have a Fusion license license: https://www.vmware.com/products/fusion/fusion-evaluation.html
- Choose Fusion Pro during install
- Otherwise, if you have a Fusion license license: https://www.vmware.com/products/fusion/fusion-evaluation.html
- Accept/enable all "Accessibility" helpers (
- if missed, Preferences -> Security -> Click "Allow" for VMWare extension
- Use the free preview of Nautilus if possible: http://bit.ly/getnautilus
-
Create a new Fusion Network Interface
- Open Fusion
- VMWare Fusion Menu -> Preferences -> Network tab -> Unlock -> + (Add Network)
- Default name is
vmnet2
- Default name is
- New network adapter:
- Enable NAT: Allow virtual machines ... (using NAT)
- Subnet IP: 192.168.2.0
- Click Apply
-
Download Windows 10 ISO Image
- https://www.microsoft.com/en-us/software-download/windows10ISO
- English, 64-bit
-
Install Windows 10 VM
- File -> New -> Pick Windows 10 iso
- Choose a password
- Choose: Windows 10 Pro
- Customize Settings:
- Save to default location
- Change Network Adapter to use your new network adapter (ex: vmnet2)
- Change RAM to at least 8192: Customized Settings -> Processors...
- Enabled nested virtualization: Customize Settings -> Processors... -> Advanced Options -> Enable hypervisor applications...
-
Start Windows 10 VM
-
Optional: Shutdown, Create Snapshot, Restart, Login
-
Perform First-time VM setup
- Log-off/Restart VM if prompted by dialogs
- Install Updates (Start Menu -> Type "Updates" -> Check for Updates -> Install Now)
-
Open this page on VM in Edge browser
-
Download Docker for Windows
-
Install Docker for Windows
- Check "Use Windows Containers instead of Linux Containers..."
- Choose "Close and Logout" at the end
-
Log in again after machine reboots
- Wait for Docker to start
- Note: some versions require an extra reboot to enable Hyper-V
-
Enable Docker Daemon TCP listening
- Docker Tray Icon -> Menu -> Settings -> Expose daemon on tcp://localhost:2375...
- Click Apply
- Manually restart: Right-click docker tray icon -> Restart (to ensure setting applies restarts)
-
Optional: Enable Insecure registries for VM IP
- Docker Tray Icon -> Menu -> Settings -> Docker Engine
- Add:
"192.168.2.0/24"
to"insecure-registries":[],
- This allows registry containers to be run and pushed to and from the Host
- Add:
- Docker Tray Icon -> Menu -> Settings -> Docker Engine
-
Optional: Set default container isolation to fastest
- Docker Tray Icon -> Menu -> Settings -> Docker Engine
- Add:
"exec-opts": ["isolation=process"]
- Note: this means you can only run
:1809
images on Windows 10 version 1809
- Add:
- Docker Tray Icon -> Menu -> Settings -> Docker Engine
-
Open Administrator Powershell
- Right-click Windows Icon -> Windows Powershell (Admin)
-
In Admin Powershell, add public port forward port, pointing to local docker port
netsh interface portproxy add v4tov4 listenport=23750 connectport=2375 connectaddress=127.0.0.1
- Warning: this allows anyone with access to your
192.168.2.0/24
network to reach your VM's daemon
- Warning: this allows anyone with access to your
-
In Admin Powershell, add firewall rule
New-NetFirewallRule -DisplayName DockerPublic -LocalPort 23750 -Protocol TCP
- Warning: this allows anyone with access to your
192.168.2.0/24
network to reach your VM's daemon
- Warning: this allows anyone with access to your
-
Optional: Shutdown, Create Snapshot, Restart, Login
-
In Admin Powershell, get IP address
"DOCKER_HOST=tcp://"+(Get-NetIPAddress -InterfaceAlias Ethernet0 -AddressFamily IPv4).IPAddress+":23750"
-
Open Terminal
-
In Terminal, set DOCKER_HOST
export DOCKER_HOST="tcp://<vm ip address>:23750"
-
In Terminal, test Docker
docker info # Expected output Client: Debug Mode: false Server: Containers: 0 Running: 0 Paused: 0 Stopped: 0 Images: 1 Server Version: 19.03.2 Storage Driver: windowsfilter Windows: Logging Driver: json-file Plugins: Volume: local Network: ics l2bridge l2tunnel nat null overlay transparent Log: awslogs etwlogs fluentd gcplogs gelf json-file local logentries splunk syslog Swarm: inactive Default Isolation: hyperv Kernel Version: 10.0 17763 (17763.1.amd64fre.rs5_release.180914-1434) Operating System: Windows 10 Enterprise Evaluation Version 1809 (OS Build 17763.379) OSType: windows Architecture: x86_64 CPUs: 1 Total Memory: 4GiB Name: MSEDGEWIN10 ID: 5MKL:VDT7:YM72:IFOB:YTIC:2NTH:5YUO:VNN6:VMII:SUR7:DNQI:REVH Docker Root Dir: C:\ProgramData\Docker Debug Mode: true File Descriptors: -1 Goroutines: 27 System Time: 2019-10-09T09:04:13.5781811-07:00 EventsListeners: 1 Registry: https://index.docker.io/v1/ Labels: Experimental: false Insecure Registries: 127.0.0.0/8 Live Restore Enabled: false Product License: Community Engine
If you can connect to the Docker Daemon but can't connect to any published container port, it may be related to this. I tried several workarounds but the only re-creating VM from scratch worked.
If you can't connect to your VM, your new Adapter (vmnet2) may be conflicting with your default adapter (vmnet8) IP address range. Your best option is to set your default network to a different IP range: https://spin.atomicobject.com/2017/04/03/vmware-fusion-custom-virtual-networks/
¹ Fusion is used for its VT-x (nested hypervisor) support, which is required to run Docker for Windows. There appears to be no open-source hypervisor for MacOS currently with this feature.