Skip to main content

Posts

Showing posts from February, 2018

Secure nested LCOW: Part 3

Part 3: Getting all together After the configuration of the Docker daemon on the Nested Hyper-V VM (part 2), it's now finally time to configure the Docker client that will connect to it.

Once again, I will be using WSL as the main shell. However, if you choose to go with Powershell, it's OK too (simply I won't explain it here :).
Setup: Window 10 Docker Client first of all, the docker client needs to be installed in the WSL environment.
And this will be as easy as one command line, thanks to the Docker install script:
client:~$ curl -sSL https://get.docker.com/ | sudo sh
As the end of the log suggests, add your user to the docker group. This will require you to logoff in order to apply the change.
You can either close the WSL console window and open a new one (logoff / login), or a small trick is to "login again" using the "su" command:
client:~$ sudo usermod -aG docker $LOGNAME client:~$ sudo su - $LOGNAME Generate Docker client certification As the Do…

Secure nested LCOW: Part 2

What's in Part 2?After the configuration of the Host VM hypervisor (part 1), we will get the following components configured: Windows 2016 with nested Hyper-V, Containers and WSL rolesDocker daemon installed (no SSL)Docker daemon configured with SSL Setup: Windows 2016 Serverthis one will be longer, even if I will only list the commands and reference the guides I followed to have my Docker host configured inside the Hyper-V VM. Which means it will not contain any output and, more importantly, I won't put the explanations that the guides provide.
I strongly recommend that you click on the "source" links and look at their great content.

Also, I won't explain how to install the OS, just note that you should choose the Windows 2016 Server 1709 version (I picked the Standard version).
Adding the roles Add Hyper-V and the Containers rolesPS> Enable-WindowsOptionalFeature -Online -FeatureName containers -All -NoRestart PS> Enable-WindowsOptionalFeature -Online -Featur…

Secure nested LCOW: Part 1

The dreamMicrosoft Windows and Linux working together is a today reality! And while, my beloved, WSL is pretty much a work-in-progress, Docker and Containers are Production ready. That's why, when Docker and Microsoft announced the public availability of Linux Containers on Windows (LCOW), the next question from the community was: what if both "platforms" could run with only one daemon. Well, wait no more, the technology is here. Now!

Yet another guide? true, but believe me when I say that I followed very carefully the guides done by Docker and another by one of "my" captain, I ended several times in getting errors and no LCOW at all.
The frustration was so big that I decided to build a "new" environment step by step.
I'm nowhere near their level (I support an LMS cloud application in my day to day work), which means my setup is certainly less complex and at the same time more complicated, due to the fact I'm missing certain technical aspects here…

VSCode + WSL: the SSH way

The initial ideaearly 2017, Rich Turner made a demo where Visual Studio was used to develop C++ code, however the debugging environment targeted was WSL!
With some magic, he showed something that he had forbidden from the initial release of WSL: writting directly to the WSL filesystem (still a big no-no actually).

Of course, this triggered a lot of curiosity and the WSL Corsair had to loot from it too!
SSH to save the daythe biggest challenge was to find a way that not only could be easy to setup on both ends, and also would be approved by the WSL team. 
TLDR: if you use the Windows Path, You Die! #ThereBeDragons
Another way, more Linux-oriented, needed to be used and hopefully a solution already existed and was simply waiting on being used: SSH🔐
The setupthe setup is done in 2 distinct parts:
Setup the SSH server on WSLSetup the SSH client on VSCode While the SSH server is a standard procedure in Linux, finding the right plugin for VSCode was a bit more challenging.

Still I’m glad to say th…