Everything that changed in my fork of this repo #56
…running wsl --import
I've had a read through and this looks really good, I'd be interested in adding an option for enabling full docker within NixOS with I'd be happy to raise a PR to extend on the above to let someone choose, native docker or Docker for Windows.
I have actually used native docker in NixOS-WSL for quite a while. That is until the docker daemon did not start anymore (probably after a nixpkgs update). If you find a way to fix it, that'd be great!
It's because in 21.11 we switched from using iptables to nftables through a compatibility layer. You can set an extraOptions and do I was going to try and pin docker, systemd & iptables/nftables to 21.05 nixpkgs in my flake.nix but this feels janky and not the solution. Edit: NixOS/nixpkgs#81172
The interesting thing is that I have multiple hosts (with NixOS on hardware) on 21.11, which run docker just fine. They are using the exact same revision of nixpkgs as my WSL host.
Same, I’m using 21.11 in production with zero issues with docker. There’s something funky around it running in WSL.
I'm using 21.11 in WSL and with docker but I had to recompile the WSL kernel by enabling all nftables modules.
How did you do this @elebeaup - Do you have some example nix for the modules needed?
$ git clone --depth 1 https://github.com/microsoft/WSL2-Linux-Kernel.git
$ cd WSL2-Linux-Kernel
$ cat <<EOT >> Microsoft/config-wsl
CONFIG_NFT_CT=y
CONFIG_NFT_COUNTER=y
CONFIG_NFT_CONNLIMIT=y
CONFIG_NFT_LOG=y
CONFIG_NFT_LIMIT=y
CONFIG_NFT_MASQ=y
CONFIG_NFT_REDIR=y
CONFIG_NFT_NAT=y
CONFIG_NFT_TUNNEL=y
CONFIG_NFT_OBJREF=y
CONFIG_NFT_QUEUE=y
CONFIG_NFT_QUOTA=y
CONFIG_NFT_REJECT=y
CONFIG_NFT_REJECT_INET=y
CONFIG_NFT_COMPAT=y
CONFIG_NFT_HASH=y
CONFIG_NF_SOCKET_IPV4=y
CONFIG_NF_TPROXY_IPV4=y
CONFIG_NFT_REJECT_IPV4=y
CONFIG_NF_SOCKET_IPV6=y
CONFIG_NF_TPROXY_IPV6=y
CONFIG_NFT_REJECT_IPV6=y
# CONFIG_KCSAN is not set
EOT
$ make KCONFIG_CONFIG=Microsoft/config-wsl
In case it's of interest, here's an alternative way to work around the hard linking issue (it worked when I wrote it; I haven't confirmed that it still works): TeofilC@cccb4e9
Thank you @TeofilC! I used the workaround to improve upon the installer. I don't really want to modify the final system's derivations by replacing hardlinks with symlinks there. It shouldn't be a problem for the installer tarball though, because none of those files remain in the installed system anyway.
Nice! I'm glad you found it helpful
The changes that I have implemented in my fork of this repo can't be separated easily anymore, so I have put all of them in one PR.
#53, #45 and #39 are integrated in this pull request
wsl --import instead. Importing the system tarball can fail with an "Unspecified Error". One of the causes for this error (at least in my testing) is any hard-link being present in the tarball. The installer mitigates this issue by including only a statically-compiled version of busybox, that is used to unpack the system tarball when starting the system for the first time
Fixes #30
Fixes #32
Fixes #34
Fixes #35
Fixes #50
Fixes #51
Fixes #57
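
The PR description above names hard-link entries in the tarball as one cause of the `wsl --import` "Unspecified Error". As an added example (not code from this PR or from NixOS-WSL), the following Python script lists the hard-link entries in a tar archive and writes a copy in which each one is stored as a regular file. The sample archive and its file names are constructed, and storing copies instead of links is an assumption about what is acceptable for a given tarball.

```python
import copy
import io
import tarfile


def find_hardlinks(fileobj):
    """Return (name, target) for every hard-link entry in a tar archive."""
    fileobj.seek(0)
    with tarfile.open(fileobj=fileobj, mode="r:*") as tar:
        return [(m.name, m.linkname) for m in tar if m.islnk()]


def dereference_hardlinks(src, dst):
    """Copy the archive from src to dst, storing each hard link as a full
    copy of its target so that dst contains no hard-link entries."""
    src.seek(0)
    with tarfile.open(fileobj=src, mode="r:*") as tin, \
         tarfile.open(fileobj=dst, mode="w") as tout:
        for m in tin.getmembers():
            if m.islnk():
                # extractfile() resolves the link to its target inside the archive
                data = tin.extractfile(m).read()
                new = copy.copy(m)  # leave the source member untouched
                new.type, new.linkname, new.size = tarfile.REGTYPE, "", len(data)
                tout.addfile(new, io.BytesIO(data))
            elif m.isreg():
                tout.addfile(m, tin.extractfile(m))
            else:
                tout.addfile(m)  # directories, symlinks, devices: header only
    dst.seek(0)
    return dst


def constructed_sample():
    """Build a small in-memory archive (constructed data) with one hard link."""
    buf = io.BytesIO()
    data = b"constructed busybox stand-in\n"
    with tarfile.open(fileobj=buf, mode="w") as tar:
        reg = tarfile.TarInfo("bin/busybox")
        reg.size = len(data)
        tar.addfile(reg, io.BytesIO(data))
        lnk = tarfile.TarInfo("bin/sh")
        lnk.type, lnk.linkname = tarfile.LNKTYPE, "bin/busybox"
        tar.addfile(lnk)
    return buf


if __name__ == "__main__":
    sample = constructed_sample()
    print("before:", find_hardlinks(sample))
    print("after: ", find_hardlinks(dereference_hardlinks(sample, io.BytesIO())))
```

Both functions need a seekable file object, because resolving a hard link means reading an earlier member of the archive.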