About Docker, NFS and WSL2

Hello, I’ve been dealing with a situation that I don’t know if it is a bug, a limitation or a missconfiguration on my side.

The thing is that I’ve been testing mountinf NFS shares on volumes in a container. There is a folder shared from a Ubuntu 18.04.5 and I have been able to mount it directly on my WSL2 Debian, but if I try to mount it in a ubuntu:22.04 container as a NFS volume it doesn’t work:

docker run --rm -it --mount ‘type=volume,src=nfs_test,volume-driver=local,dst=/nfs,volume-opt=type=nfs,volume-opt=device=:/mnt/nfs_test,“volume-opt=o=addr=,nfsvers=3”’ ubuntu:18.04
docker: Error response from daemon: error while mounting volume ‘/var/lib/docker/volumes/nfs_test/_data’: failed to mount local volume: mount :/mnt/nfs_test:/var/lib/docker/volumes/nfs_test/_data, data: addr=,nfsvers=3: permission denied.

If I take a look at /var/log/syslog at NFS server it sais something like:

rpc.mountd[35131]: refused mount request from for /mnt/nfs_test (/mnt/nfs_test): illegal port 64723

Forcing nfsvers=4 just says “operation not permited” instead and nothing on the server side.

Curiosly if I try the same operation directly from Windows powershell it works okay. Same thing from a ubuntu desktop of a co-worker. So it looks like WSL2 and Docker daemon thing.

edit.: Docker Desktop 4.10.1 (82475), Engine: 20.10.17, Compose: v2.6.1

Where is that Ubuntu running? Is it in a virtual machine or on a remote server on your LAN network?
Docker Desktop runs Docker in a virtual machine so the IP address that you need to allow can be different if you runthe NFS and Docker Desktop on the same physical machine or if you have multiple networks and Docker Desktop is using an other interface for outgoing traffic.

The ubuntu machine (not a vm) of my co-worker is on the same network, so the Ubuntu server which serves that NFS shared folder. My workstation is a laptop with Windows 11 and WSL2-Debian11, also on the same network.

I managed to ignore this part of your previous message… So it looks like you have a problem similar to this:

I don’t remember if I ever tried NFS volumes with Docker Desktop, so I just hope this helps. Read the answer below the acccepted one too, because that explains why it is a problem in a virtual machine and Docker Desktops runs Docker in a virtual machine. Not the same WSL distribution in which you probably managed to mount the NFS share.

Try that “insecure” setting on the server. If that works, you can still try to figure out if there is a more secure way to solve this.

Yes! I already got to that same thread and have tested with insecure param in the server and works, but of course that’s not an acceptable solution.
Thing is that I already changed WSL2s virtual network interface to bridge for other stuff to work and I though that would also affect Docker Desktops internal vm. Is that vm also using HyperV? Is there a way, maybe in Docker Desktop configuration file, to change adapter from NAT to bridge?

I didn’'t know it was possible. Docker Desktop has its own network. I don’t know any way to change more then the IP range, but that didn’t work for me either when I tried… If you can’t find a better solution, you cans till install Docker in a WSL distribution directly. You would not have a graphical interface, built-in Kubernetes and Docker extensions, but if you don’t need those, it is an option.

It depends. Since you have WSL, it is probably using the WSL backend, which is not HyperV. It uses the Virtualization Platform.

That’s a plausible solution.


1 Like