Ajeet Raina Ajeet Singh Raina is a former Docker Captain, Community Leader and Arm Ambassador. He is a founder of Collabnix blogging site and has authored more than 570+ blogs on Docker, Kubernetes and Cloud-Native Technology. He runs a community Slack of 8900+ members and discord server close to 2200+ members. You can follow him on Twitter(@ajeetsraina).

How Docker Desktop for Windows works under the Hood?


Docker Desktop for Windows is a version of the Docker platform that is designed to work on Windows operating systems. It allows developers to create, deploy, and run containerised applications on their Windows development machine. To run Windows containers, you need Windows 10 or Windows 11 Professional or Enterprise edition. Windows Home or Education editions will only allow you to run Linux containers.

Docker Desktop uses Hyper-V

Internally, Docker Desktop for Windows uses the Hyper-V technology built into Windows to create a lightweight virtual machine (VM) that runs the Docker Engine. This VM runs a minimal Linux distribution, such as Moby Linux, which is specifically designed to support the Docker Engine.

When you run a container on Docker Desktop for Windows, the Docker Engine in the VM creates a new container process and isolates it from the host operating system using the Linux kernel’s built-in containerization features. The container process runs inside the VM, but it can access the host’s filesystem, network, and other resources through a set of virtualized interfaces provided by the Docker Engine.

Components of Docker Desktop for Windows


In Docker Desktop for Windows, the components listed below are part of the overall architecture that provides an easy-to-use environment for building, shipping, and running Docker containers. Here’s a brief description of each component:

1. Bootstrapper

The bootstrapper is the component responsible for setting up and starting the Docker engine in Windows. It performs tasks such as installing the Docker engine and configuring the necessary environment variables.

2. Life Cycle Controller

The life cycle controller is responsible for managing the lifecycle of containers, such as starting and stopping containers, and managing the resources allocated to containers.

Windows native symlinks are visible within containers as symlinks, whereas symlinks created inside a container are represented as mfsymlinks. These are regular Windows files with special metadata. Therefore, symlinks created inside a container appear as symlinks inside the container, but not on the host.
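Because the host sees an mfsymlink as an ordinary file, host-side tools never follow it. The sketch below is an added example, not code from Docker or from this article: it parses the Minshall+French layout used by the Linux CIFS client (a 1067-byte file holding the `XSym` marker, a 4-digit length, the MD5 of the target, then the target padded with spaces) and flags targets that resolve outside the shared folder. The function names and sample contents are constructed for illustration.

```python
import hashlib
import posixpath

MF_SIZE = 1067        # every mfsymlink file has exactly this size
MF_MAGIC = b"XSym\n"
LINK_OFFSET = 43      # magic (5) + length field (5) + MD5 hex and newline (33)

def make_mfsymlink(target: str) -> bytes:
    """Build mfsymlink bytes (target up to 1024 bytes); used only to construct samples."""
    raw = target.encode("utf-8")
    head = MF_MAGIC + b"%04d\n" % len(raw) + hashlib.md5(raw).hexdigest().encode() + b"\n"
    return (head + raw + b"\n")[:MF_SIZE].ljust(MF_SIZE, b" ")

def parse_mfsymlink(data: bytes):
    """Return the link target, or None when data is not a well-formed mfsymlink."""
    if len(data) != MF_SIZE or not data.startswith(MF_MAGIC):
        return None
    if data[9:10] != b"\n" or data[42:43] != b"\n" or not data[5:9].isdigit():
        return None
    length = int(data[5:9])
    raw = data[LINK_OFFSET:LINK_OFFSET + length]
    if len(raw) != length or hashlib.md5(raw).hexdigest().encode() != data[10:42]:
        return None
    return raw.decode("utf-8", errors="replace")

def escapes_share(link_path: str, target: str) -> bool:
    """True if the target, resolved from the link's directory, leaves the share root."""
    if target.startswith("/"):
        return True   # absolute targets resolve against the container's root, not the share
    joined = posixpath.join(posixpath.dirname(link_path), target)
    resolved = posixpath.normpath(joined)
    return resolved == ".." or resolved.startswith("../")

def audit(files: dict) -> list:
    """Return (path, target, escapes) for each mfsymlink among {relative path: bytes}."""
    findings = []
    for path, data in sorted(files.items()):
        target = parse_mfsymlink(data)
        if target is not None:
            findings.append((path, target, escapes_share(path, target)))
    return findings

# Constructed sample share contents: two mfsymlinks and one ordinary file.
SAMPLE = {
    "app/current": make_mfsymlink("releases/v2"),
    "app/logs/out": make_mfsymlink("../../../etc/passwd"),
    "app/readme.txt": b"XSym is mentioned here, but this is an ordinary file\n",
}
```

On a real share, the same `audit` function can be fed the bytes of every 1067-byte file found under the shared folder.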

3. Docker Proxy

The Docker proxy is a component that provides a secure, encrypted connection between the Docker client and the Docker engine. It acts as a bridge between the client and the engine, and helps to ensure that sensitive information, such as authentication credentials, is transmitted securely.

4. DockerD (Windows)

DockerD (Windows) is the Docker daemon that runs in the background on Windows. It communicates with the Docker client and provides the necessary resources to run containers.

5. CLI Plugins

CLI plugins are components that extend the functionality of the Docker client by adding new commands and options. They can be installed to add support for new technologies or to provide additional functionality beyond what is provided by the base Docker client.

These components work together to provide an easy-to-use environment for building, shipping, and running Docker containers on Windows. They allow users to manage containers, interact with Docker Hub, and access the Docker engine, all from a single, user-friendly interface.

6. Docker Integrated Package

In Docker Desktop for Windows, the Docker Integrated package is a feature that allows you to run the Docker daemon and client directly inside the Windows Subsystem for Linux 2 (WSL 2) virtual machine (VM) that Docker Desktop creates. This allows you to run Linux containers natively on the Windows host, without the need for a separate virtual machine (VM) to run the Docker Engine.

When you enable the Docker Integrated package in WSL 2, the Docker daemon and client are installed inside the WSL 2 VM, and the Docker Engine runs natively on the Linux kernel that WSL 2 uses. This means that you can use the Docker command line and API directly inside the WSL 2 VM, just as you would on a Linux machine.

The Docker Integrated package also allows you to access the host’s filesystem, network, and other resources from inside the WSL 2 VM. This is done by mapping the host’s resources to the WSL 2 file system and network interfaces, which makes them available to the Docker daemon and client running inside the WSL 2 VM.

The Docker Integrated package also includes an integration with the Windows Docker client, which allows you to use the Docker command line and API from the Windows host, while the actual container runs on the WSL 2 VM.

With the Docker Integrated package, you can use the same Docker commands and configuration files that you use on Linux, and you can run the same Linux containers that you would run on a Linux machine. This makes it easy to switch between Windows and Linux development environments without having to learn new tools or workflows.

Please note that the Docker Integrated package is an experimental feature and it’s still in development.

7. Docker Proxy

The Docker Proxy is a feature of Docker Desktop for Windows that allows you to run Linux containers on the Windows host, by routing the container’s network traffic through a proxy that runs inside the Windows Subsystem for Linux 2 (WSL 2) virtual machine (VM).

When you run a Linux container on Docker Desktop for Windows, the Docker Engine creates a new container process and isolates it from the host operating system using the Linux kernel’s built-in containerization features. However, the container process runs inside the WSL 2 VM, which is isolated from the host network and cannot access the host’s network resources directly.

The Docker Proxy feature allows the container to access the host’s network resources by routing the container’s network traffic through a proxy that runs inside the WSL 2 VM. The proxy listens for incoming traffic on the host’s loopback interface and forwards it to the container running inside the WSL 2 VM. This allows the container to access the host’s network resources, such as the host’s IP address and ports, as if it were running directly on the host.

The Docker Proxy feature also allows you to access the container’s network resources from the host, by routing the host’s network traffic to the container through the proxy. This allows you to access the container’s services, such as web servers or databases, using the host’s IP address and ports.

The Docker Proxy feature is enabled by default when you run Linux containers on Docker Desktop for Windows, and it’s transparent to the user.
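Since the proxy forwards host ports to containers transparently, the host interface each published port is bound to decides whether a service is reachable only from the Windows host or from other machines as well. The following added example (not part of Docker Desktop or the original article) classifies the bindings found in the `NetworkSettings.Ports` object of `docker inspect` output; the sample data and function names are constructed for illustration.

```python
import ipaddress
import json

# Constructed sample shaped like NetworkSettings.Ports from `docker inspect`.
SAMPLE_PORTS = json.loads("""
{
  "80/tcp":   [{"HostIp": "0.0.0.0",   "HostPort": "8080"},
               {"HostIp": "::",        "HostPort": "8080"}],
  "5432/tcp": [{"HostIp": "127.0.0.1", "HostPort": "5432"}],
  "6379/tcp": null
}
""")

def is_loopback_only(host_ip: str) -> bool:
    """An empty HostIp means all interfaces, so it is not loopback-only."""
    if not host_ip:
        return False
    return ipaddress.ip_address(host_ip).is_loopback

def classify_bindings(ports: dict) -> list:
    """Return (container_port, host_ip, host_port, reach) for every published port."""
    rows = []
    for container_port, bindings in sorted(ports.items()):
        for binding in bindings or []:   # null: exposed by the image but not published
            ip = binding.get("HostIp", "")
            reach = "loopback" if is_loopback_only(ip) else "network"
            rows.append((container_port, ip or "*", binding["HostPort"], reach))
    return rows

def network_reachable(ports: dict) -> list:
    """Bindings that accept connections on more than the loopback interface."""
    return [row for row in classify_bindings(ports) if row[3] == "network"]
```

Publishing with an explicit address, as in `-p 127.0.0.1:5432:5432`, is what produces a loopback-only binding.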

Additionally, Docker Desktop for Windows allows you to run both Linux and Windows containers at the same time by leveraging Windows Subsystem for Linux (WSL) 2. With this setup, you can run Linux containers on the WSL 2 virtualized Linux kernel, while still having access to the host’s resources.

Docker Desktop for Windows also includes a built-in Kubernetes engine, which allows you to deploy, scale and manage containerized applications using Kubernetes.

8. Containerd

In Docker Desktop for Windows, containerd is a core component that runs on the Windows host and provides the container runtime for the Docker Engine. It works in conjunction with the Windows Subsystem for Linux 2 (WSL 2) to enable running Linux containers on Windows.

When you run a Linux container, the Docker Engine sends a request to containerd to start the container. containerd then uses WSL 2 to launch a lightweight virtual machine (VM) that runs the container process inside. This VM runs a minimal Linux distribution, such as Alpine Linux, that is specifically designed to support the container runtime.

The container process runs inside the WSL 2 VM, but it can access the host’s filesystem, network, and other resources through a set of virtualized interfaces provided by containerd. These interfaces are implemented using the 9P protocol and are mapped to the host’s resources using the WSL 2 file system and network interfaces.

containerd also provides the container runtime, which is responsible for starting and stopping container processes, and managing their lifecycle. This runtime is based on the OCI (Open Container Initiative) runtime specification, which is an open standard for container runtimes.

In summary, Docker Desktop for Windows uses containerd to run Linux containers on Windows by leveraging the WSL 2 technology. containerd provides the container runtime and handles the communication between the host and the WSL 2 VM, while WSL 2 provides the virtualization and isolation of the container process from the host.
