mcc
Last year I had Docker briefly running on my Win10 machine, just long enough to verify it was working, then today I ran it and it said it can't run because of my BIOS settings. Is this surprising? Does this imply I changed my BIOS, possibly by accident, sometime in the last nine months? If I changed out my boot disk, might that have reset some BIOS settings?
Aug 5, 2023 at 9:30pmWeb
Show threadmccAug 5, 2023
Follow up question: In my testing, it appeared that Docker Desktop for Windows reserved 2GB of RAM for each of its virtual machines (seemingly due to something about how WSL works). It was not 100% clear to me if this reserved RAM block could be swapped out but I assume not. Do Docker Desktop on Mac and Linux have a similar issue (IE that each VM hardwire-reserves a fixed amount of RAM regardless of how much it is using at any one moment?)
Show threadTylerReidAug 5, 2023
@mcc On Mac and windows it has to run a Linux vm that the containers end up running in, which means it has to reserve memory for the vm. On Linux the containers are just fancy processes running in different namespaces, so there should be none of that overhead on Linux.
Show threadнабAug 5, 2023
@treid @mcc (strictly, it doesn't /need/ to reserve any significant amount of memory, since a correctly-configured hypervisor/linux-guest pair can allocate and free host memory on demand, as demonstrated in https://hocus.dev/blog/qemu-vs-firecracker/#qemu-is-not-perfect-though. of course, this would require docker/win32 to configure the hypervisor and guest correctly, which it clearly isn't)
Why We Replaced Firecracker with QEMU | Hocus Blog

Firecracker is not the best choice for all kinds of workloads.

Show threadTylerReidAug 6, 2023
@nabijaczleweli @mcc You can configure docker desktop to use wsl2 vms on windows, and those have a better time cooperating with resources instead of just taking out a slab of memory on start in my experience. I think Mac just does the big vm to stuff things in thing though.
Show threadFilipi LimiAug 5, 2023
@treid @mcc can confirm this excellent short version
Show threadGlyphAug 5, 2023
@mcc I think that windows is the only platform that runs the containers in separate VMs by default, so on most other configurations you get a single VM whose memory you can tune how you like; per-container resource constraints are tunable at `docker run` time https://docs.docker.com/config/containers/resource_constraints/
"Runtime options with Memory, CPUs, and GPUs"

"Specify the runtime options for a container"

Docker Documentation
Show threadAlistair YoungAug 5, 2023

@mcc

Unless something has gone very sideways, there should be only one not-quite-VM involved in running Linux containers using Docker Desktop for Windows; the one which runs WSL. Docker runs every container as a Linux namespace (like regular docker) inside a specialized WSL 2 distro, each of which also runs as a Linux namespace inside a single Linux root.

Show threadAlistair YoungAug 5, 2023

@mcc

This memory it uses is mostly swappable. You can check this with Process Explorer or the like - look at the "vmmemWSL" process when it's idle and you can see the working set drop back.

It usually doesn't shrink much below 2GB because it doesn't free the Linux page cache until the Linux kernel frees it, but you can poke this manually with `echo 1 > /proc/sys/vm/drop_caches`

Here for more details: https://devblogs.microsoft.com/commandline/memory-reclaim-in-the-windows-subsystem-for-linux-2/

Memory Reclaim in the Windows Subsystem for Linux 2

We’ve added a new Windows Subsystem for Linux (WSL) feature in Windows Insider Preview Build 19013: Memory Reclamation for WSL 2! Previously, when the memory needs of the WSL2 Virtual Machine (VM) would grow, either from your workflow or by the Linux kernel,

Windows Command Line
Show threadspinningmonkeyAug 5, 2023

@mcc WSL2 will use up to 50% of your memory with it's default settings. Docker seems to escalate maxing out wsl memory usage.

You can limit this by creating a .wslconfig file in your user directory. Nice write up here by @willem_meints https://fizzylogic.nl/2023/01/05/how-to-configure-memory-limits-in-wsl2

How to configure memory limits in WSL2

One of the downsides to building machine learning models is that you need quite a bit of power in your machine. I've just upgraded my home desktop that I use for side projects and experiments to 64GB of memory because it was clearly no longer up to the task. However, when I booted up my WSL linux distro, it couldn't get more than 32GB of memory. Time to figure out how to fix that! In this quick post I'm showing you how you can limit or increase the memory available to your WSL2 distributions. Let's go!

Willem's Fizzy Logic
Show threadSgeoAug 5, 2023

@mcc Is Core Isolation Memory Protection on? Can Hyper-V or WSL2 run?

I sometimes disable those to get VirtualBox and VMware to run more smoothly. Although recently discovered on Windows 11, memory integrity causes the OS to be virtualized, even if I tried to turn that off. Although that sounds like the opposite of your problem, where the VM stuff is disabled when you want it enabled.

Show threadmccAug 5, 2023
@sgeo I don't know, unless I can check that without going into BIOS. I use WSL1 because it has faster disk access so I don't know if WSL2 can run.
Show threadChristopher SnowhillAug 5, 2023
@mcc @sgeo A fun thing is that until about July of this year, my motherboard's BIOS defaulted to disabling hardware virtualization, and cleared its settings on every BIOS upgrade. And then I learned recently that Windows Update is now capable of performing BIOS updates on some motherboards, even desktop machines, and may not ask permission to do this. In the case I'm aware of, it even downgraded the user to a version that didn't fully support the CPU they were using.
Show threadmccAug 5, 2023
@chris @sgeo D:
Show threadckfiniteAug 6, 2023
@chris @mcc @sgeo This is exactly what happened to me. One day, WSL2/Docker worked, WUpdate ran, the next WSL2/Docker didn't work. I had to go back and reenable the various virtualization flags in the BIOS to make them work again.
Show threadSgeoAug 5, 2023
@mcc I think, but am not sure, that if you don't have the hypervisor stuff running needed for Hyper-V and WSL2, you can't turn memory integrity on. Also there are multiple versions of Docker Desktop, one based on Hyper-V and one based on WSL2, I'm not sure what the difference is, I'd assume they both have the same requirement.
Show threadmccAug 5, 2023
@sgeo I think I was using the WSL2 one last year.
Show threadFor whom the Taco Bell tollsAug 5, 2023
@mcc I thought it was possible to enable/disable DEP within windows itself hmm.
Show threadutzer [Friendica]Aug 5, 2023
@mcc I think some settings of the BIOS can be changed by Windows.
Show threadJo ShieldsAug 5, 2023
@mcc it's pretty common for a) firmware updates to blow away all settings and b) default settings to disable hardware virtualization. Have you updated firmware since last year?
Show threadmccAug 5, 2023
@directhex ohh… yeah I think I did actually
Show threadmccAug 5, 2023
@directhex I should have written down what I upgraded and when lol
Show threadJo ShieldsAug 6, 2023
@mcc it'll be called something like "VT-x" or "Intel Virtualization Technology" on Intel, or "SVM" on Ryzen
Show threadJo ShieldsAug 6, 2023
@mcc
Show threadmccAug 6, 2023
@directhex I don't think it will be hard to find if I go looking. But thanks
Show threadSgeoAug 5, 2023
@mcc https://stackoverflow.com/questions/49005791/how-to-check-if-intel-virtualization-is-enabled-without-going-to-bios-in-windows
How to check if Intel Virtualization is enabled without going to BIOS in Windows 10

I want to check if Intel virtualization is enabled in my laptop or not (Lenovo Thinkpad, Win 10 64 bit). Is there any way available to check it without going to BIOS?

Stack Overflow
Show threadJernej Simončič �Aug 5, 2023
@mcc Open Task Manager, go to the Performance tab, and check the text under CPU – one of the lines is Virtualisation, it should show as Enabled; if it isn't, go to your BIOS setup, and enable it (depending on your BIOS and CPU, it could be called "Virtualization", "VT-x", "SVM" or something similar; keep in mind that unless you use a big OEM machine [HP, Lenovo, Dell, …], BIOS upgrades will reset these settings, and most BIOSes [still] default to virtualisation disabled for whatever reason).
Show threadClifton RoystonAug 6, 2023

@mcc

IME some Wintel motherboards seem to just lose or change their BIOS settings randomly at intervals for no apparent reason.

For example one of my previous desktop systems at work (a brand X build) changed its settings to maximum overclocking, several times. It ran nice and fast at 4+ GHz except when it would overheat and crash. Then I'd check, find out it had turned on extreme overclocking, and turn it off again until the next time.

Kind of disturbing, really.

Show threadStevoisiakAug 6, 2023
@mcc I've had that message when trying to run android apps on Windows. It had some odd inconsistent behavior where I could have sworn the message didn't match my BIOS settings.
Show threadmccAug 6, 2023
@Stevoisiak Apparently there are a lot of events that can silently reset BIOS settings including firmware upgrades and allegedly sometimes even Windows updates