-
Notifications
You must be signed in to change notification settings - Fork 293
Windows Docker Daemon on Fusion VM
Allow a MacOS workstation to run a local Docker for Windows daemon in a VMware Fusion¹ Virtual Machine that is accessible by setting DOCKER_HOST
.
- Download and Install VMware Fusion
- Use the free preview of Nautilus if possible: http://bit.ly/getnautilus
- Otherwise, if you have a Fusion license license: https://www.vmware.com/products/fusion/fusion-evaluation.html
- Choose Fusion Pro during install
- Otherwise, if you have a Fusion license license: https://www.vmware.com/products/fusion/fusion-evaluation.html
- Accept/enable all "Accessibility" helpers
- if missed, Preferences -> Security -> Click "Allow" for VMWare extension
- Use the free preview of Nautilus if possible: http://bit.ly/getnautilus
- Create a new Fusion Network Interface
- Open Fusion
- VMWare Fusion Menu -> Preferences -> Network tab -> Unlock -> + (Add Network)
- Default name is
vmnet2
- Default name is
- New network adapter:
- Enable NAT: Allow virtual machines ... (using NAT)
- Subnet IP: 192.168.2.0
- Click Apply
- Download Windows 10 ISO Image
- https://www.microsoft.com/en-us/software-download/windows10ISO
- English, 64-bit
- Install Windows 10 VM
- File -> New -> Pick Windows 10 iso
- Choose a password
- Choose: Windows 10 Pro
- Customize Settings:
- Save to default location
- Change Network Adapter to use your new network adapter (ex: vmnet2)
- Change RAM to at least 8192: Customized Settings -> Processors...
- Enabled nested virtualization: Customize Settings -> Processors... -> Advanced Options -> Enable hypervisor applications...
- Start Windows 10 VM
- Optional: Shutdown, Create Snapshot, Restart, Login
- Perform First-time VM setup
- Log-off/Restart VM if prompted by dialogs
- Install Updates (Start Menu -> Type "Updates" -> Check for Updates -> Install Now)
- Download Docker for Windows
- Install Docker for Windows
- Check "Enable Hyper-V Windows Features..."
- Click "Close and Restart" at the end
- Log in again after machine reboots
- Wait for Docker to start
- Note: some versions require an extra reboot to enable Hyper-V
- Enable Docker Daemon TCP listening
- Docker Tray Icon -> Menu -> Settings -> Check
Expose daemon on tcp://localhost:2375
- Click
Apply & Restart
- Docker Tray Icon -> Menu -> Settings -> Check
- Optional: Enable Insecure registries for VM IP
- Docker Tray Icon -> Menu -> Settings -> Docker Engine
- Edit the JSON config in the text box
- Add
"192.168.2.0/24"
to"insecure-registries"
, such as:{ "insecure-registries":["192.168.2.0/24"] }
- This allows registry containers to be run and pushed to and from the Host
- Click
Apply & Restart
- Optional: Set default container isolation to fastest
- Docker Tray Icon -> Menu -> Settings -> Docker Engine
- Edit the JSON config in the text box
- Add anywhere:
"exec-opts": ["isolation=process"],
- Note: this means you can only run
:1809
images on Windows 10 version 1809 for some images (servercore
andwindows
) - Click
Apply & Restart
- Open Administrator Powershell
- Right-click Windows Icon -> Windows Powershell (Admin)
- In Admin Powershell, add public port forward port, pointing to local docker port
netsh interface portproxy add v4tov4 listenport=23750 connectport=2375 connectaddress=127.0.0.1
- Warning: this allows anyone with access to your
192.168.2.0/24
network to reach your VM's daemon
- Warning: this allows anyone with access to your
- In Admin Powershell, add firewall rule
New-NetFirewallRule -DisplayName DockerPublic -LocalPort 23750 -Protocol TCP
- Warning: this allows anyone with access to your
192.168.2.0/24
network to reach your VM's daemon
- Warning: this allows anyone with access to your
- Optional: Shutdown, Create Snapshot, Restart, Login
- In Admin Powershell, get IP address
Get-NetIPAddress -InterfaceAlias Ethernet0 -AddressFamily IPv4
- Open Terminal
- In Terminal, set DOCKER_HOST
export DOCKER_HOST="tcp://<vm ip address>:23750"
- In Terminal, test Docker
docker info # Expected output Client: Debug Mode: false Server: Containers: 0 Running: 0 Paused: 0 Stopped: 0 Images: 1 Server Version: 19.03.2 Storage Driver: windowsfilter Windows: Logging Driver: json-file Plugins: Volume: local Network: ics l2bridge l2tunnel nat null overlay transparent Log: awslogs etwlogs fluentd gcplogs gelf json-file local logentries splunk syslog Swarm: inactive Default Isolation: hyperv Kernel Version: 10.0 17763 (17763.1.amd64fre.rs5_release.180914-1434) Operating System: Windows 10 Enterprise Evaluation Version 1809 (OS Build 17763.379) OSType: windows Architecture: x86_64 CPUs: 1 Total Memory: 4GiB Name: MSEDGEWIN10 ID: 5MKL:VDT7:YM72:IFOB:YTIC:2NTH:5YUO:VNN6:VMII:SUR7:DNQI:REVH Docker Root Dir: C:\ProgramData\Docker Debug Mode: true File Descriptors: -1 Goroutines: 27 System Time: 2019-10-09T09:04:13.5781811-07:00 EventsListeners: 1 Registry: https://index.docker.io/v1/ Labels: Experimental: false Insecure Registries: 127.0.0.0/8 Live Restore Enabled: false Product License: Community Engine
If you can connect to the Docker Daemon but can't connect to any published container port, it may be related to this. I tried several workarounds but the only re-creating VM from scratch worked.
If you can't connect to your VM, your new Adapter (vmnet2) may be conflicting with your default adapter (vmnet8) IP address range. Your best option is to set your default network to a different IP range: https://spin.atomicobject.com/2017/04/03/vmware-fusion-custom-virtual-networks/
¹ Fusion is used for its VT-x (nested hypervisor) support, which is required to run Docker for Windows. There appears to be no open-source hypervisor for MacOS currently with this feature.