0

I installed Docker Engine on WSL 2. I use the containerd binary as the default runtime. When I start the dockerd binary the /etc/docker/deamon.json and /etc/containerd/config.toml files are not taken into account.

I solved the problem with the /etc/docker/daemon.json file by creating an alias:

alias dockerd='sudo dockerd --config-file=/etc/docker/deamon.json'

When I execute dockerd, the alias configures the deamon to use the deamon.json configuration. Unfortunately, I cannot find a way to request the deamon to pass the configuration file to the containerd process.

My deamon.json file:

{
  "default-runtime": "containerd",
  "hosts": ["unix:///var/run/docker.sock"],
  "runtimes": {
    "containerd": {
      "path": "/usr/bin/containerd"
    }
  }
}

I tried to add runtimeArgs, but it didn't help:

"containerd": {
  "path": "/usr/bin/containerd",
  "runtimeArgs": [
    "-c=/etc/containerd/config.toml"
  ]
}

I think my configuration doesn't work becasue containerd requires setting parameters in a specific order:

containerd [GLOBAL OPTIONS] command [COMMAND OPTIONS] [ARGUMENTS...]

The --config (-c) option is a global option, so if the docker engine passes it at the end then the file is ignored.

A great solution to the problem would be to figure out why the default configuration files are not taken automatically. I couldn't find any valid reason, so I started looking how to pass those files manually.

Environment:

$ docker version
Client: Docker Engine - Community
 Version:           20.10.17
 API version:       1.41
 Go version:        go1.17.11
 Git commit:        100c701
 Built:             Mon Jun  6 23:02:46 2022
 OS/Arch:           linux/amd64
 Context:           linux
 Experimental:      true

Server: Docker Engine - Community
 Engine:
  Version:          20.10.17
  API version:      1.41 (minimum version 1.12)
  Go version:       go1.17.11
  Git commit:       a89b842
  Built:            Mon Jun  6 23:00:51 2022
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.6.6
  GitCommit:        10c12954828e7c7c9b6e0ea9b0c02b01407d3ae1
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0

$ containerd --version
containerd containerd.io 1.6.6 10c12954828e7c7c9b6e0ea9b0c02b01407d3ae1

$ uname -a
Linux DESKTOP-A9K3QEG 5.10.102.1-microsoft-standard-WSL2 #1 SMP Wed Mar 2 00:30:59 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux

$ cat /etc/lsb-release
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=22.04
DISTRIB_CODENAME=jammy
DISTRIB_DESCRIPTION="Ubuntu 22.04 LTS"
agabrys
  • 8,728
  • 3
  • 35
  • 73
  • This doesn't seem like a programming question; is there any application source code involved with this? I'll note that the setting to allow the Docker socket to listen on the network `tcp://0.0.0.0:2376` is a _major_ security risk, giving network-accessible unauthenticated root-level access to your system, and you really don't want to do that. – David Maze Jun 15 '22 at 10:03
  • Many of the Docker and K8s questions on StackOverflow are not related with programming (e.g. `kubectl` usage: https://stackoverflow.com/q/51468491/4944847). The unauthenticated tcp port is dangerous only if anyone has access to it. I removed it from the question because I don't want anybody to focus on it. – agabrys Jun 15 '22 at 10:14

0 Answers0