This system works by launching an official Windows image in Docker and then making an RDP connection to it. There are a couple of others too now like WinBoat
What all of them avoid mentioning is that the images were intended by Microsoft for test and development purposes on Windows and the license clearly states you need a valid Windows license to use them: https://hub.docker.com/r/microsoft/windows#license
I wonder if Microsoft will take some action to enforce this if these projects become popular.
Edit: This comment is incorrect, see below comment from
doctorpangloss
I don't get it. Is it a VM in a container? Skimming https://hub.docker.com/r/microsoft/windows I would have interpreted that as a native Windows container, which I vaguely recall being a thing, but that would require an NT host, not Linux.
I remember Windows containers have two modes of operation as a Hyper-V VM and some sort of container-like isolation. I think the reason is that they had to quickly ship "containers" initially and that Windows does not have a kernel backwards compatibility the same way Linux does
It is a container in a VM. I'm not even sure what, if anything, the container achieves. But their installation instructions are pretty clear that you start by creating a Windows VM.
The container is a Linux container running a virtual machine inside.
WinApps needs a Windows RDP server to work. Most of the functionality doesn't care where that Windows RDP server is actually running as long as its FreeRDP client can connect to it. The container or libvirt VM options are just ways to accomplish that via virtualization.
I imagine the container part makes it easier to automate QEMU virtualization using bash scripting without worrying about distribution specific differences in the environment. These kinds of scripts become fairly ossified to their environment. Making them run consistently on different Linux distributions is its own adventure unrelated to installing and running Windows, so the containerization eliminates the need for a lot more bash scripting to account for those differences.
The container's bash scripts download the Windows installer ISOs and run them in an unattended mode inside a QEMU VM. The unattended installation is configured to skip activation:
Once the container is running, WinApps configures RDP via some scripts and registry settings exposed into the container via a volume so the container's scripts can copy and run them in the Windows VM:
I haven't seen any of this before, but I think it's a pretty clever use of scripting and containers on top of some fairly mature but hard to use pieces of software.
> By accepting this
agreement and using the software you agree that Microsoft may collect, use, and disclose
the information as described in the Microsoft Privacy Statement [...]
There's a couple of terms in contract law, like fairness of obligations, unconscionability, disproportionate penalty, excessive advantage, etc. that the US seems to have forgotten. In the EU and other countries such... aberrations are struck down and unenforceable. People are still scared silly, but the ones that protest are usually left alone.
Those aspects of contract law mean that if MS included "you owe us your first born child" or "if you have not uninstalled this operating system within 2 weeks of installation, you owe Microsoft an additional one million dollars" then that clause wouldn't be valid.
They don't however mean that MS choosing to put adverts all over Windows is illegal, or a breach of the contract, just because users would prefer the OS be ad-free. The EU could legislate in various ways that would mean MS had to stop doing so, but they haven't yet and there's no aspect of general contracts law currently that prevents it.
If you bought and paid something (not a subscription) that was ad-free and then all of a sudden in a mandatory update you start to get ads, well, maybe someone already tried and failed to sue MS but personally seems pretty predatory.
Umm actually, you did. You also waived off the right to name your firstborn, and if you disagree, you’ve waived off your right to anything except arbitration. Sorry, I didn’t make the rules.
(Friendly reminder that legality, once again, ≠ morality. Victimless crimes can be illegal, and Enron fucking shit up and filing bankruptcy can be legal.)
no, this system does not work by launching the windows containers on windows mcr.microsoft.com/windows images
it works by using dockurr, which is a great project but a worse way to distribute windows in the sense that it gets installed instead of downloaded and executed
It's funny because I remember in 2014 before WSL, certain hypervisors like VMWare Player had the ability to run Linux apps in Windows using "unity" mode allowing Linux apps to be seamlessly blended in as regular Windows windows, complete with window decorations, alt tab, shortcuts, etc.. It worked well for what it did, I ran Sublime Text 2 back then in that way and other tools.
This looks like an evolution of that, but in reverse.
I wonder what the performance is like. Has anyone tried it on CPU / GPU intensive apps like video editing tools?
I'm pretty sure you can do the same with Windows apps in Linux, since you can basically do the same with VirtualBox seamless mode too. It only requires installing the "guest additions" drivers - there's no container involved. The only major issues I see there are precisely with alt-tab - you cycle through your host windows, then suddenly ALL guest ones (and you're stuck in the guest until you press right Ctrl) - why is it so difficult to make alt-tab flow inside and outside the VM - at least in seamless mode?
Yep, VirtualBox had it too with guest additions. Once VMWare Player stopped receiving updates I switched over to it.
Since WSL became a thing I stopped using this method since getting a "native" Linux terminal through Windows was enough for me for most things.
Although now that Windows 10 is not receiving updates and my hardware can't run Windows 11, and RAM prices alone cost almost as much as my entire computer did 10 years ago I'm going to be switching to native Linux and not look back, even if it means losing certain video editing capabilities and certain games.
The idea of blending applications is as old as X Windows servers on Windows like Hummingbird, although it wasn't virtualization, the remote X Windows applications would blend on the desktop.
I see it's time for the bimonthly reinvention of VirtualBox and VMWare's seamless modes from a few faceless techies on GitHub and designed for people who can't be bothered to use WINE or VirtualBox.
And unfortunately it has become the norm in open-source to push out shiny-looking projects with pretty logos and UX but shoddy underlying technology and deceptive/overstated claims (looking at you Tauri).
Thing thing uses RDP for communication which was designed for remotely administering servers over low speed networks.
VirtualBox in contrast integrates at the driver level, and allows you to share the underlying GPU buffers, giving you a native experience that works for things like games or heavy apps. It integrates the Linux filesystem on a driver level as well.
Nit: RDP’s roots are more in multi-user windows like Citrix Metaframe than in remote administration. I’ve found it to perform better than the alternatives (remote X11, VNC, Chrome Remote Desktop) for remote GUIs. Nomachine is the only alternative that was close to its performance.
(And before somebody jumps in to correct me - in ancient times X11 performed quite well over the network but modern Linux GUI apps are no longer designed to minimise X11 network traffic)
Windows implementation of RDP is actually very good. You get a degree of responsiveness that is unachievable with neither Linux RDP implementation or any other product (maybe barring Parsec, that also doesn’t allow for Linux hosts).
I know that RDP doesn’t work for gaming, but for anything else (even for CAD), it’s the best thing barring direct access to the machine (or, Parsec).
Why don't they just write a thin layer that interfaces Windows library calls to native Linux calls, possibly with a thin wrapper to shim it where nothing else quite fits? You could re-implement maybe some of the Windows libs as a "clean room project", given the functional description, that then hands off to an equivalent in Linux.
There's probably a cool and snappy acroynm you could use, like Virtual Interface (with nearly) No Overheard, or "Vino".
Just anecdata, but the few things I use via Wine have all worked fine. I use yabridge so I can use windows VSTs in my Linux DAW.
Games (if they don't use kernel level anti cheat systems) are all flawless with Proton.
But, I honestly don't have a need to use much other windows only software. Almost everything I need to use has Linux versions, or alternatives that fit my needs.
Bit of a mixed bag for me. There are a lot of things that work remarkably well, but I have some issues with GPU performance (Cyberpunk 2077 just doesn't run well on Linux for me, despite running great on Windows on the same PC, and GPU-heavy apps like Insta360 Studio and Topaz Denoise run excruciatingly slow or not at all) and some things just don't work (my audio VST plugins work alright, albeit with some bugs about window position handling, but I can't get some of the licensing apps to work under WINE).
What do you use in Windows? It's probably easier starting there and then working out what you can do about it.
Games work great in Proton. Valve has gone all-in on Linux and I suspect before terribly long we'll see more stuff that's SteamOS native, with a compatibility layer for the people who are still using Windows.
I would suspect now that most people either play games which will mostly work okay from Steam, or use stuff that just works in a browser (and I'm kind of lumping Electron apps in with that). Then there are things that are never going to work all that well in Wine or have a native Linux port but which might be worth looking into something else for, like switching from Premiere to Resolve for video editing.
SteamVR works ok, but last I checked it still performs worse than on Windows. If you are feeling adventurous, you can try a FOSS VR stack [1]. It works for Steam games running Proton and when it works it provides better performance. I had some troubles with it, sometimes you need to switch versions or you get some artifacts in games, or some games just don't work at all. Good thing is, switching between FOSS and SteamVR is as simple as launching either first before starting the VR game in Steam.
I guess the Linux VR stack might get a bit of love from Valve for the Steam Frame, so things might improve in the near future.
Except these seamless modes have been broken for many years. Also using a containerized Windows means one doesn't have to fiddle with the insane Windows 11 setup process and TPM issues.
How good is it in practice? I've found windows VMs under a Linux host to be frustrating to use, and get poor performances no matter how much resources I throw at it. The clock keeps getting messed up all the time. UI is sluggish.
I now use a dedicated windows laptop in RDP and it is such a better experience better than a VM.
You absolutely need to pass through a GPU so that DWM.exe is properly accelerated; otherwise, it falls back to the software-accelerated WARP and the performance tanks to ~15 FPS.
It doesn't need to be anything powerful; if you have an idle integrated card that you aren't using on the Linux host because you only interact with it through a Web server or SSH (for instance, Proxmox), then pass that through. It's what I do on my home lab which runs a 9950X.
Before people raise pitchforks against Linux, this applies there, too, for the record: at work I have a Linux instance just to myself that by any other metric is ridiculously powerful: 64-core Epyc, 96 GB memory, but no iGPU, so remote desktop works very poorly.
You have minimal to zero leverage of the native Windows debugging, logging, or instrumentation. At best an opaque box with one knob and hopefully it doesn't fail or you will be roaming the countryside learning how to perform correlated packet captures at various levels of crappy obtuse networking. Could be useful for concealing non compliant vulnerable applications from pesky security vulnerability assessment teams. Combine that with the price is right and it is a solid 97% win exceeding performance metrics bonus pool refreshed.
It's definitely the way to go. Been using this setup for years now. Windows rdp server almost never goes down. The occasional "please wait" error when starting a session can be fixed remotely by logging into a 2nd backup user account to unstuck the main account. Gives you windows on mac and linux, lets you choose whatever type hardware for your remote host. Connection outside LAN always wrapped in a tunnel or tailscale
It's pretty good. They use XfreeRDP to remote into the container and display individual windows. This somehow performs a lot better than the GPU emulations of VirtualBox or VMware. I guess Microsoft put some effort into optimizing RDP for Terminal Server applications.
Thought "isn't that just Wine" but no! They are virtualizing it! And integrating them seamlessly with Linux desktop somehow!
Looks pretty cool. I remember playing with something similar in Virtualbox, it had a seamless mode too. It was a bit janky, and I think they removed it recently.
I used it in the old days, to have MSN messenger on Ubuntu :)
A form of virtualization was first demonstrated with IBM's CP-40 research system in 1967, then distributed via open source in CP/CMS in 1967–1972, and re-implemented in IBM's VM family from 1972 to the present. Each CP/CMS user was provided a simulated, stand-alone computer.
Then my kids can stop complaining and I can stop worrying about supporting Windows. They are happy as clams with Roblox and Minecraft on Ubuntu, and that makes me happy.
I don't see anything mentioned in the issues/discussions nor on the upstream project.
I tried using Office on the web for a bit, for some reason there's absolutely no way to disable auto-capitalization on the web, luckily I almost never need to use it anyway, and have LibreOffice and Google Workspace instead.
She only uses that laptop for MS Office. She did actually use the browser version for a few months, but even that is a significant downgrade compared to native apps.
MS Office and most popular multiplayer games are the 2 biggest hurdles for Linux adoption at the moment.
Does anyone know if its possible to get shell integration working?
The sole app keeping me on windows is tortoisegit: you right click, and get a bunch of git commands on your context menu. If there was any way to get this running in linux, I'd swap
I don't know how similar it is, but KDE's Dolphin file manager has git integration, I don't know how similar it is to TortoiseGit, it might be worth checking out
Clicking the files brings up a diff, which makes pre commit reviews extremely easy. Its a lot faster to add files via an interface like this, rather than using a cli
2. The graphical log feature is pretty indispensable for complex projects. Eg check out this:
This is much nicer than trying to do grok this through the cli for me. Reverting commits, cherrypicking, merges, splicing the history, seeing all the available branches, keeping track of orphaned commits etc, is all super easy
3. If I have to pick between not remembering the CLI commands off the top of my head, and having to memorise and alias a whole bunch of commands to be able to use git fully, I'll pick the former every day. Its the same reason I use an IDE
I wouldn't object to it being a standalone tool, but the nice thing about it being on the context menu is that it doesn't intrude when you don't need it
I'm kind of surprised you can "run Windows" in a Docker container at all. Isn't the fundamental restriction of Docker that all containers share the same (linux) kernel? Is there a way for docker to inject a "translation layer" somehow that makes it look like an NT kernel for the Windows processes?
>You can't re-create an icon to circumvent trademark law.
That's not what's happening here. According to wikipedia it's public domain because:
>This logo image consists only of simple geometric shapes or text. It does not meet the threshold of originality needed for copyright protection, and is therefore in the public domain. Although it is free of copyright restrictions, this image may still be subject to other restrictions. See WP:PD § Fonts and typefaces or Template talk:PD-textlogo for more information.
This is cool, When i looked at this i thought it was just WinBoat, Turn's out, it's not
But of course there isn't a way to run it at the same performance as if windows was installed as the main OS. You would always need some kind of virtualization. Anyways, This is a very cool project. Good luck!
Trying to pull mcr.microsoft.com/windows:ltsc2019...
Error: choosing an image from manifest list docker://mcr.microsoft.com/windows:ltsc2019: no image found in manifest list for architecture amd64, variant "", OS linux
Probably works the same as any other container that needs such acceleration (plex, CUDA) just pass the device over and the CAPs. There are guides online. Whether or not the windows in a container will use it idk.
I would be looking for a solution to run Minecraft official launcher in Linux. It is heavily integrated with Windows extras such as the Microsoft Store.
This is the last holdout to get my children on Linux.
The OS matters, because if it belongs to a mega-corporation, it serves its goals, not yours. Examples: Windows spying on users, iOS not allowing 3rd-party apps without you providing all your private data to Apple.
I've had mixed results with this, recent versions of Adobe in particular gave me trouble.
I've been meaning to try WinBoat, but it's based on the same underlying technology (docker+RDP) so I'm guessing I'll hit the same bugs. I was thinking maybe i could alter the code to launch a different RDP client instead of the default.
Still, if you just need Office, it's a much more integrated setup than you can easily achieve with VMs.
What all of them avoid mentioning is that the images were intended by Microsoft for test and development purposes on Windows and the license clearly states you need a valid Windows license to use them: https://hub.docker.com/r/microsoft/windows#license
I wonder if Microsoft will take some action to enforce this if these projects become popular.
Edit: This comment is incorrect, see below comment from doctorpangloss
reply