Improve WSL2 Docker daemon sharing and diagnostics

Author: intisy

src/main/java/io/github/intisy/docker/WindowsDockerProvider.java

@@ -439,10 +439,21 @@ private void startNativeDocker() throws IOException, InterruptedException {
     }
 
     private int dockerPort;
+    private boolean usingExistingDaemon = false;
+    private static final Object EXISTING_DAEMON_LOCK = new Object();
+    private static volatile boolean existingDaemonSetup = false;
+    private static volatile int sharedDaemonPort = 0;
+    private static volatile String sharedWslIp = null;
 
     private void startWsl2Docker() throws IOException, InterruptedException {
         ensureInstalled();
 
+        if (tryConnectToExistingDaemon()) {
+            log.info("Connected to existing Docker daemon in WSL2");
+            usingExistingDaemon = true;
+            return;
+        }
+        
         dockerPort = 2375 + Math.abs(instanceId.hashCode() % 1000);
         wslSocketPath = "tcp://0.0.0.0:" + dockerPort;
         String wslLogFile = "/tmp/docker-java-" + instanceId + ".log";
@@ -492,7 +503,7 @@ private void startWsl2Docker() throws IOException, InterruptedException {
         String isolationFlags = "";
         if (otherDockerdRunning) {
             log.info("Another Docker daemon detected, using isolation flags to avoid conflicts");
-            isolationFlags = " --iptables=false --bridge=none";
+            isolationFlags = " --iptables=false";
         }
 
         log.debug("Starting dockerd directly...");
@@ -582,6 +593,147 @@ private void startWsl2Docker() throws IOException, InterruptedException {
         log.info("Docker daemon started in WSL2 (instance: {}, port: {})", instanceId, dockerPort);
     }
 
+    /**
+     * Try to connect to an existing Docker daemon running in WSL2.
+     * This checks if Docker is running, starts it if needed, and exposes it on TCP.
+     * Uses synchronization to prevent race conditions when multiple threads call this.
+     */
+    private boolean tryConnectToExistingDaemon() {
+        synchronized (EXISTING_DAEMON_LOCK) {
+            if (existingDaemonSetup && sharedDaemonPort > 0 && sharedWslIp != null) {
+                dockerPort = sharedDaemonPort;
+                wslIpAddress = sharedWslIp;
+                log.info("Using existing Docker daemon connection on port {}", dockerPort);
+                return true;
+            }
+            
+            try {
+                String socketCheck = runWslCommand("test -S /var/run/docker.sock && echo yes || echo no", false, 5);
+                if (!"yes".equals(socketCheck.trim())) {
+                    log.debug("Docker socket /var/run/docker.sock does not exist");
+                    
+                    log.info("Docker daemon not running, attempting to start it...");
+                    String startResult = runWslCommand("sudo service docker start 2>&1", false, 30);
+                    log.debug("Docker service start result: {}", startResult);
+                    
+                    Thread.sleep(3000);
+                    
+                    socketCheck = runWslCommand("test -S /var/run/docker.sock && echo yes || echo no", false, 5);
+                    if (!"yes".equals(socketCheck.trim())) {
+                        log.debug("Docker socket still doesn't exist after service start");
+                        return false;
+                    }
+                }
+                
+                log.info("Found Docker daemon in WSL2, setting up TCP forwarding...");
+                
+                String wslIp = runWslCommand("hostname -I | awk '{print $1}'", false, 5).trim();
+                if (wslIp.isEmpty()) {
+                    log.info("Could not get WSL2 IP address, will use isolated daemon");
+                    return false;
+                }
+                wslIpAddress = wslIp;
+                log.info("WSL2 IP: {}", wslIp);
+                
+                String socatPath = runWslCommand("command -v socat 2>/dev/null || echo ''", false, 5).trim();
+                if (socatPath.isEmpty()) {
+                    log.info("Installing socat for TCP forwarding...");
+                    runWslCommand("sudo apt-get update -qq && sudo apt-get install -y -qq socat 2>&1", false, 120);
+                    socatPath = runWslCommand("command -v socat 2>/dev/null || echo ''", false, 5).trim();
+                    if (socatPath.isEmpty()) {
+                        log.info("Failed to install socat, will use isolated daemon");
+                        return false;
+                    }
+                }
+                
+                dockerPort = 2375;
+                
+                runWslCommand("sudo pkill -9 -f 'socat.*:" + dockerPort + "' 2>/dev/null; sleep 1", false, 10);
+                
+                String socketPerms = runWslCommand("ls -la /var/run/docker.sock 2>&1", false, 5);
+                log.info("Docker socket: {}", socketPerms.trim());
+                
+                String socatCmd = String.format(
+                    "sudo nohup socat TCP-LISTEN:%d,bind=0.0.0.0,reuseaddr,fork UNIX-CONNECT:/var/run/docker.sock </dev/null >/tmp/socat-%d.log 2>&1 &",
+                    dockerPort, dockerPort);
+                runWslCommand(socatCmd, false, 5);
+                
+                Thread.sleep(2000);
+                
+                String socatPid = runWslCommand("pgrep -f 'socat.*:" + dockerPort + "' 2>/dev/null | head -1 || echo ''", false, 5).trim();
+                if (socatPid.isEmpty()) {
+                    String socatLog = runWslCommand("cat /tmp/socat-" + dockerPort + ".log 2>/dev/null | head -20 || echo '(no log)'", false, 5);
+                    log.info("socat failed to start. Log: {}", socatLog);
+                    return false;
+                }
+                log.info("socat running with PID: {}", socatPid);
+                
+                String listenCheck = runWslCommand("ss -tlnp 2>/dev/null | grep ':" + dockerPort + " ' || echo 'not listening'", false, 5);
+                log.info("Port {} status: {}", dockerPort, listenCheck.trim());
+                
+                boolean connected = testDockerConnection(wslIp, dockerPort);
+                if (!connected) {
+                    connected = testDockerConnection("localhost", dockerPort);
+                    if (connected) {
+                        wslIpAddress = "localhost";
+                    }
+                }
+                
+                if (connected) {
+                    sharedDaemonPort = dockerPort;
+                    sharedWslIp = wslIpAddress;
+                    existingDaemonSetup = true;
+                    log.info("Connected to Docker daemon via TCP at {}:{}", wslIpAddress, dockerPort);
+                    return true;
+                }
+                
+                String socatLog = runWslCommand("cat /tmp/socat-" + dockerPort + ".log 2>/dev/null | tail -10 || echo '(no log)'", false, 5);
+                log.info("Connection failed, socat log: {}", socatLog);
+                return false;
+            } catch (Exception e) {
+                log.info("Failed to connect to existing daemon: {}", e.getMessage());
+                return false;
+            }
+        }
+    }
+    
+    /**
+     * Test Docker connection from Windows by attempting a TCP socket connection and HTTP request.
+     */
+    private boolean testDockerConnection(String host, int port) {
+        try {
+            log.info("Testing Docker connection to {}:{}...", host, port);
+            
+            java.net.Socket socket = new java.net.Socket();
+            socket.connect(new java.net.InetSocketAddress(host, port), 3000);
+            socket.close();
+            log.info("TCP socket connection successful to {}:{}", host, port);
+            
+            java.net.URL url = new java.net.URL("http://" + host + ":" + port + "/version");
+            java.net.HttpURLConnection conn = (java.net.HttpURLConnection) url.openConnection();
+            conn.setConnectTimeout(3000);
+            conn.setReadTimeout(3000);
+            int responseCode = conn.getResponseCode();
+            conn.disconnect();
+            
+            if (responseCode == 200) {
+                log.info("Docker API responding at {}:{}", host, port);
+                return true;
+            }
+            log.info("Docker API returned HTTP {} at {}:{}", responseCode, host, port);
+            return false;
+        } catch (java.net.ConnectException e) {
+            log.info("Connection refused to {}:{} - socat may not be forwarding correctly", host, port);
+            return false;
+        } catch (java.net.SocketTimeoutException e) {
+            log.info("Connection timeout to {}:{}", host, port);
+            return false;
+        } catch (IOException e) {
+            log.info("Connection test failed for {}:{} - {}: {}", host, port, e.getClass().getSimpleName(), e.getMessage());
+            return false;
+        }
+    }
+    
     /**
      * Check if passwordless sudo is available for dockerd.
      */
@@ -771,6 +923,18 @@ public DockerClient getClient() {
     public void stop() {
         log.info("Stopping Docker daemon (instance: {})...", instanceId);
 
+        if (usingExistingDaemon && usingWsl2 && wslDistro != null) {
+            try {
+                ProcessBuilder pb = new ProcessBuilder("wsl", "-d", wslDistro, "-e", "bash", "-c",
+                        "sudo -n pkill -f 'socat.*:" + dockerPort + "' 2>/dev/null || true");
+                pb.start().waitFor(5, TimeUnit.SECONDS);
+                log.info("Stopped socat TCP forwarder");
+            } catch (IOException | InterruptedException e) {
+                log.debug("Failed to stop socat: {}", e.getMessage());
+            }
+            return;
+        }
+        
         if (dockerProcess != null) {
             if (usingWsl2 && wslDistro != null) {
                 try {

src/main/java/io/github/intisy/docker/transport/DockerHttpClient.java

@@ -68,6 +68,9 @@ public DockerResponse post(String path) throws IOException {
     public DockerResponse post(String path, Map<String, String> queryParams, Object body) throws IOException {
         String fullPath = buildPathWithQuery(path, queryParams);
         String jsonBody = body != null ? gson.toJson(body) : null;
+        if (jsonBody != null && path.contains("/containers/create")) {
+            log.info("Creating container with JSON: {}", jsonBody);
+        }
         return request("POST", fullPath, jsonBody);
     }
 

src/test/java/io/github/intisy/docker/NvidiaToolkitTest.java

@@ -36,7 +36,6 @@ static void setup() throws IOException, InterruptedException {
         log.info("=== NVIDIA Container Toolkit Test Setup ===");
         provider = new WindowsDockerProvider();
 
-        // Try to start the provider to initialize WSL2
         try {
             provider.start();
             hasWsl2 = true;
@@ -66,7 +65,6 @@ void testIsWindows() {
         log.info("OS: {}", System.getProperty("os.name"));
         log.info("Is Windows: {}", isWindows);
 
-        // This test just logs info, doesn't fail
         assertTrue(true);
     }
 
@@ -100,7 +98,6 @@ void testNvidiaGpuDetection() {
             log.info("No NVIDIA GPU detected. This is expected if you don't have an NVIDIA GPU.");
         }
 
-        // Test passes regardless - we're just checking detection works
         assertTrue(true);
     }
 
@@ -121,7 +118,6 @@ void testNvidiaToolkitInstallationStatus() {
             log.info("It will be installed automatically when ensureNvidiaContainerToolkit() is called.");
         }
 
-        // Test passes regardless - we're just checking detection works
         assertTrue(true);
     }
 
@@ -142,7 +138,6 @@ void testEnsureNvidiaContainerToolkit() {
         if (!gpuAvailable) {
             log.info("No NVIDIA GPU detected. ensureNvidiaContainerToolkit() will do nothing.");
 
-            // Should not throw, just return silently
             assertDoesNotThrow(() -> provider.ensureNvidiaContainerToolkit());
             log.info("ensureNvidiaContainerToolkit() completed (no-op, no GPU)");
             return;
@@ -151,13 +146,11 @@ void testEnsureNvidiaContainerToolkit() {
         if (toolkitInstalledBefore) {
             log.info("Toolkit already installed. ensureNvidiaContainerToolkit() will do nothing.");
 
-            // Should not throw, just return silently
             assertDoesNotThrow(() -> provider.ensureNvidiaContainerToolkit());
             log.info("ensureNvidiaContainerToolkit() completed (no-op, already installed)");
             return;
         }
 
-        // GPU available but toolkit not installed - will attempt installation
         log.info("GPU available but toolkit not installed. Will attempt automatic installation...");
         log.info("This may take a few minutes...");
 
@@ -174,7 +167,6 @@ void testEnsureNvidiaContainerToolkit() {
         } catch (IOException e) {
             String message = e.getMessage();
 
-            // If it's a prerequisite issue (passwordless sudo not set up), skip the test with instructions
             if (message != null && message.contains("Passwordless sudo")) {
                 log.warn("=== ONE-TIME SETUP REQUIRED ===");
                 log.warn("Run these commands in WSL to enable automatic NVIDIA toolkit installation:");
@@ -187,11 +179,9 @@ void testEnsureNvidiaContainerToolkit() {
                 log.warn("Then run this test again.");
                 log.warn("================================");
 
-                // Skip the test instead of failing - prerequisite not met
                 assumeTrue(false, "Skipping: Passwordless sudo not configured. See instructions above.");
             }
 
-            // For other errors, fail the test
             log.error("Failed to install NVIDIA Container Toolkit: {}", message);
             log.error("This might be due to network issues.");
             log.error("You can install manually by running the commands shown in the error message.");
@@ -212,7 +202,6 @@ void testGpuContainerCreation() {
 
         DockerClient client = provider.getClient();
 
-        // Try to pull and run nvidia-smi in a container
         try {
             log.info("Pulling nvidia/cuda:12.0.0-base-ubuntu22.04 image...");
             client.pullImage("nvidia/cuda:12.0.0-base-ubuntu22.04").exec(10, java.util.concurrent.TimeUnit.MINUTES);
@@ -228,26 +217,21 @@ void testGpuContainerCreation() {
             String containerId = response.getId();
             log.info("Container created: {}", containerId);
 
-            // Start the container
             client.startContainer(containerId).exec();
             log.info("Container started");
 
-            // Wait for it to finish
             client.waitContainer(containerId).exec();
 
-            // Get logs
             String logs = client.logs(containerId)
                     .withStdout(true)
                     .withStderr(true)
                     .exec();
 
             log.info("Container output:\n{}", logs);
 
-            // Cleanup
             client.removeContainer(containerId).exec();
             log.info("Container removed");
 
-            // Check if nvidia-smi output looks valid
             assertTrue(logs.contains("NVIDIA") || logs.contains("GPU"),
                     "nvidia-smi output should contain GPU information");