Docker Desktop crashing after on fresh build

[vpzed]

Describe the bug and expected behavior
Docker Desktop crashes after startup on fresh build with An error occured, "The Virtual Machine Management Service failed to start the virtual machine 'DockerDesktopVM' because one of the Hyper-V components is not running...

To Reproduce
Steps to reproduce the behavior:

VirtualBox > VM - Settings > System > Acceleration
Paravirtualization Interface Default
Hardware Virtualization: Enable VT-x/AMD-V checked
Enable Nested Paging checked
Perform fresh install using install.ps1
Boot VM
Wai for large white error box to appear (~1 min after login)

Screenshots
See attached

Version
Windows 10 Pro1903 HOST
Virtualbox 6.0.10
Windows 10 Pro 1903 GUEST
NOTE: Did NOT install Guest Additions in GUEST
All updates installed on both systems.

Additional context
The also didn't install, probably due to dependencies with failed Docker Desktop:
amass.docker.fireeye
spiderfoot.docker.fireeye

[pollev]

I can confirm the same issue is happening to me

[zin1x]

Same. Getting this error too

[vpzed]

Researching this issue on my own, I see in the VirtualBox documentation

--Under 3.5.2, Processor Tab:

Enable Nested VT-x/AMD-V: Enables nested virtualization, with passthrough of hardware virtualization functions to the guest VM.

This feature is available on host systems that use an AMD CPU. For Intel CPUs, the option is grayed out.

--Then under 3.5.3, Acceleration tab:

Hardware Virtualization: You can select for each virtual machine individually whether Oracle VM VirtualBox should use software or hardware virtualization.

• Enable VT-x/AMD-V: Enables Intel VT-x and AMD-V hardware extensions if the host CPU supports them.
• Enable Nested Paging: If the host CPU supports the nested paging (AMD-V) or EPT (Intel VT-x) features, then you can expect a significant performance increase by enabling nested paging in addition to hardware virtualization.

======
Question 1: In the README Recommended "Enable Virtualization support for VM" bullet item, which of the listed VT-x options is this? Since Docker Desktop is virtualization, I think it's the "Enable Nested VT-x" one on the Processor tab. If that is the case, then Docker Desktop will not work for people using Intel CPU's, Windows HOSTS, and VirtualBox 6.

Question 2: What Commando VM features/packages will not work without nested virtualization? Are there packages that should/can be removed because they aren't needed without nested virtualization?

[htnhan]

Folks, this is an issue with nested virtualization support. Please follow the following URL to see if you meet all the hardware, OS, and VM requirement for nested virtualization: https://docs.docker.com/docker-for-windows/install/. However, docker themselves do not guarantee support for nested virtualization. A quick way to test is to start a fresh VM and see if you can successfully install and run docker before performing the full commando VM install.

@vpzed, to answer your questions:

1. "Enable virtualization support for VM" refers to VT-x/AMD-V option, and not Nested Paging
2. All packages that use docker should end with *.docker.fireeye. Currently, we have the following packages that use docker:

• docker.fireeye
• amass.docker.fireeye
• spiderfoot.docker.fireeye

[vpzed]

Per https://docs.docker.com/docker-for-windows/troubleshoot/#hyper-v-must-be-enabled they make it clear that "Docker Desktop for Windows is not supported for nested virtualization scenarios." Period. Since this is Commando VM (Virtual Machine), no Comando VM users should expect this to work reliably. And as I stated above it doesn't appear to work with Windows Hosts, Virtualbox 6 and Intel CPU's since the "Enable Nested VT-x/AMD-V" option is disabled (as of VirtualBox 6.0.10).

I recommend updating the README.md to state clearly state that nested virtualization is not supported by Docker and the Docker link to keep others from creating similar Issues. The current README is unclear and I thought I was OK with the settings I had configured.

Since "choco uninstall docker.fireeye" fails with an error about the Desktop lnk which seems to be a problem from one of the other issues, I think I'll revert my snapshot and try a custom install.

[tonykarre]

I'm using VMWare Fusion 10.1.6 on my Mac. It offers the ability to enable Intel VTx-EPT.

When this is NOT enabled, I get the same error described above. When I DO enable it, as seen in the screenshot, then I don't get that failure.

Installing amass.docker.fireeye and spiderfoot.docker.fireeye is successful.

[chppppp]

If anyone lands here and is running ESXi/VCSA this is the setting you must check for this to work:

[elreydetoda]

I'm using VMWare Fusion 10.1.6 on my Mac. It offers the ability to enable Intel VTx-EPT.

When this is NOT enabled, I get the same error described above. When I DO enable it, as seen in the screenshot, then I don't get that failure.

Installing amass.docker.fireeye and spiderfoot.docker.fireeye is successful.

since this is proved out to be a problem when you don't have EPT enabled (as not every CPU supports this feature, but it definitely has become more prevalent now a days). Is there anyway to mention in on a FAQ under the README.md on the main page.

Found this because I was going to reinstall this project on a new win10 host (used this to build before for some tests and it was awesome!), and saw that it said Hyper-V was enabled for docker desktop. I then thought there would/should be a problem if the CPU doesn't support EPT, so searched for EPT and landed here.

We can tell people to look up their cpus on the intel ark page if they have an intel chip, but I don't know how to look it up for AMD chips (mainly I have no idea how to look it up). Which is kind of sad since I have an 2700X amd chip, and it is supposed to support it but I haven't had it work for me in almost all situations. This is where I found it is supposed to support it: https://www.reddit.com/r/Amd/comments/65fne2/would_ryzen_support_this_nested_visualization/

I am more than willing to make a pull request, but just wanted to discuss it here first.

[day1player]

Please also see #92