Read more of this story at Slashdot.
Windows 11 can now build, run, and manage Linux containers on its own, without Docker Desktop in the background. Microsoft calls this WSL Containers, and after installing the preview and running a few real workloads through it, here is what works, what still needs Docker, and how to get it running on your own PC.
WSL Container should not be confused with the next version of WSL 2, as we already covered how Microsoft shut down the WSL 3 rumors. It has now shipped as a public preview, so we installed it, built a custom container image from scratch, and pushed it through a few workflows to see where it holds up.

WSL Container is a built-in feature of the Windows Subsystem for Linux that lets you create, run, and manage Linux containers directly from Windows, without installing Docker Desktop, Podman Desktop, or any other third-party runtime. It ships in two parts:
Instead of asking users to install a separate runtime, a Windows app can quietly spin up a Linux container in the background to run a piece of Linux-only code, then tear it down when the task finishes. Microsoft demoed this with Moonray, an open-source Linux rendering engine used on films like The Wild Robot, running inside a Windows executable with no visible sign that Linux was involved at all.

Every Windows application that uses the API gets its own Hyper-V-backed virtual machine, separate from every other app’s container. The CLI flow gets its own VM too. Docker Desktop, however, runs every container inside one shared VM, which as you’d expect is more efficient.
WSL Containers trade some resource efficiency for a hard isolation boundary between apps, which explains why Microsoft is pitching this as enterprise-ready.
That said, both entry points talk to the same WSL service that already manages your regular distros, and inside the Linux VM, the container runtime doing the real work is Moby, the open-source engine that also powers Docker. Note that WSL Containers is not reinventing containers. It is, instead, giving Windows a first-party front door to them.
WSL Container only ships in the pre-release channel of WSL for now, so you will need to opt into that before wslc shows up on your PC.




In our test machine, the update took under two minutes over a decent connection. If wslc is not recognized right after the update, restart your terminal, and if that does not help, restart the PC. Since it’s in the pre-release channel, there might be some rough edges, as a few developers on Microsoft’s own devblog reported a Catastrophic failure, Error code: E_UNEXPECTED when running their first container. Fortunately, we didn’t face the issue.
In case you are wondering, you do not need a Copilot+ PC to try this since WSL Container ships as a plain WSL component, but the Hyper-V-backed isolation model needs the support of modern virtualization, so a recent CPU with virtualization enabled in BIOS or UEFI counts for more here than it does for a regular WSL distro.
Once wslc was working, we skipped the basic hello-world example everyone else is running and went straight to something closer to real use, building a custom image from a Containerfile and exposing a working service from it.

First, a quick sanity check. We pulled and ran a Debian container interactively:
wslc run -it debian:latest


Inside the container, running uname -a returned a Linux kernel string tied to WSL2, confirming we were sitting inside a real Linux environment instead of some translation layer.

Detaching with Ctrl+P, Ctrl+Q and running wslc ps -a listed the container by its autogenerated name (mossy_sawtooth), alongside how long ago it started and its current status.

Reattaching with wslc attach mossy_sawtooth dropped us straight back into the same shell.

Next, we wrote a Containerfile, which works the same way a Dockerfile does, to package a small Linux inspection utility that runs file, exiftool, and binutils against whatever gets dropped into it.

Here is roughly what that file looked like:
FROM python:3.12-slim
RUN apt-get update && \
apt-get install -y –no-install-recommends \
file exiftool binutils bsdmainutils coreutils && \
rm -rf /var/lib/apt/lists/*
WORKDIR /app
COPY requirements.txt .
RUN pip install –no-cache-dir -r requirements.txt
COPY app.py .
EXPOSE 5000
CMD [“python”, “app.py”]
Building it was one command:
wslc build -t my-linux-inspector .

The build cached its base layers, so a rebuild finished in seconds instead of minutes. Running wslc image ls confirmed the image existed locally with a fresh timestamp.

From there, we started the container with a port mapping so the Flask server running inside Linux could be reached from Windows:
wslc run -d -p 5000:5000 –name inspector my-linux-inspector
Loading 127.0.0.1:5000 in a browser on the Windows side brought up the tool’s web interface without any extra networking setup.

A service running on a Linux kernel, reachable through localhost on Windows, with zero third-party software installed, sums up WSL Container in one sentence.
GPU passthrough is the feature most developers doing AI or machine learning work will care about most, since it decides whether a Linux container can reach the graphics card instead of running on the CPU alone. WSL Container supports this through a --gpus all flag, the same syntax Docker users already know:
wslc run --rm --gpus all pytorch/pytorch:2.5.1-cuda12.4-cudnn9-runtime \
python -c "import torch; print(torch.cuda.is_available())"
The clip below shows this in action, a container reaching the GPU directly, then racing a compiled PyTorch model against the same model running in plain eager mode. The gap between the two is not subtle.
Microsoft is pitching WSL Container as enterprise-ready from the preview stage.
Microsoft Defender for Endpoint’s existing WSL plugin now understands container events, so security teams monitoring WSL distros get the same visibility into containers without deploying separate tooling, though the feature is currently limited to a private preview with its own signup form.

IT admins can already control WSL Container today through Group Policy and an ADMX policy, with two capabilities that count most in a managed fleet:
We expect full Intune dashboard support for these settings within a few weeks of the preview shipping.
VS Code’s Dev Containers extension also picked up wslc support starting in version 0.462.0-pre-release. Switching to it just means opening Dev Container settings, finding the Docker Path field, and changing it to wslc, no need to reinstall extensions or reconfigure projects.
WSL Container does not ship with anything resembling Docker Compose at this stage, so multi-service projects that use a compose.yaml file to bring up a database, a backend, and a cache together are not a good fit yet. Every container we tested had to be started individually.

And of course, the biggest omission is that there is also no GUI dashboard, or anything like Docker Scout for scanning images. Also, the extensive plugin ecosystem that Docker Desktop has built up over the years does not exist here. WSL Container is not meant to replace Docker Desktop, Podman Desktop, or Rancher Desktop, and all three of those tools stand to benefit from the same low-level platform work, including the new virtiofs file system that Microsoft says makes Windows file access twice as fast inside containers.
Networking has also been reworked with an experimental mode called Consomme, which relays Linux traffic through the Windows networking stack instead of the older NAT setup, aimed at fixing the VPN and proxy compatibility issues that have annoyed WSL users for years. Both virtiofs and Consomme are currently exclusive to WSL Container, though Microsoft has said it wants to bring them to regular WSL distros eventually.
For a single container running a database or a small service during local development, WSL Container already does the job without asking for a separate license. For anything that needs Compose files, multiple linked services, or Docker’s extension ecosystem, Docker Desktop is still the more complete tool for now.

Microsoft is targeting WSL Container’s general availability for fall 2026, and given how closely the CLI’s syntax already tracks Docker’s, most of what is missing looks like a matter of when rather than if.
If you already run Linux container workloads on Windows, running the pre-release build alongside Docker Desktop costs nothing and gives WSL Container a head start before it becomes the default choice.
The post I built a Linux container on Windows 11 without Docker Desktop, and Docker users should pay attention appeared first on Windows Latest

— Hrishikesh Aradhye has joined Amazon Music as vice president of product and tech for the streaming service. He spent nearly 19 years at Google, most recently as senior director of engineering leading YouTube Music and Podcasts.
“The music industry is going through a tectonic shift that will unlock entirely new kinds of customer experiences through AI,” Aradhye said.
Earlier in his tenure there, he worked at Google Research, where he helped pioneer computer vision and machine learning systems for YouTube and Android.

— Vasu Jakkal is stepping down after six years as Microsoft‘s corporate vice president of Security, Compliance, Identity, Management & Privacy. She thanked colleagues and customers in a LinkedIn post.
“It’s been an epic journey — six years ago, we formed our Security customer solution area and the growth and impact of Microsoft Security over these past years has been incredible as we built the #1 security business in the world while keeping our mission of building a safer world for all at the heart of it,” Jakkal wrote.
Jakkal is based in the San Francisco Bay Area and previously held executive roles at FireEye and Intel. She did not indicate her next move.

— Mika Yamamoto was named chief marketing and customer AI officer for Veeam Software, a Seattle-based data protection and ransomware recovery company. It’s the latest in a string of leadership changes at Veeam, which has made four other executive hires or promotions this year.
Yamamoto previously worked for Seattle-area companies including F5, Microsoft and SAP, and joined Veeam from Los Angeles-based Blackline.
“She has experienced this industry from every angle — analyst, operator, executive leader — and has consistently put the customer and partner at the center of how companies operate,” CEO Anand Eswaran said in a statement.
— In case you missed it, Microsoft has undergone a leadership shakeup within Copilot as the company works to turn its platform into a “super app.” Changes include:

— Seattle-based tech executive Niranjan Vijayaragavan has taken the role of CTO at Five9, a cloud-based contact-center-as-a-service company. He joins Five9 from Nintex, where he served as chief product and technology officer. Other past employers include Avalara and Expedia Group.
“Five9 is at the center of one of the most important shifts in customer experience as AI reshapes how companies engage with their customers,” Vijayaragavan said in a statement. The company is based in San Ramon, Calif., but Vijayaragavan will remain in Washington.

— Maura Mast was appointed president of Seattle University, succeeding Eduardo M. Peñalver, who resigned to lead Georgetown University. Mast is the first woman and first mathematician to hold the top role at the Jesuit Catholic university.
“Our world urgently needs spaces of dialogue and discernment that actively work to heal deep divisions and build a more equitable society,” Mast said in a statement, adding that SU can lead in these areas.
Mast will begin the job on Sept. 1 and joins SU from Fordham University, where she served as a dean and mathematics professor.

— The Cascadia Sustainable Aviation Accelerator named Jake Gentry as its executive director. Gentry helped create CSAA, which aims to make the Pacific Northwest a center for the production of sustainable aviation fuel (SAF). He remains a managing director at Seattle’s Earth Finance and is leading the accelerator as part of that organization.
Hawaiian Airlines CEO Diana Birkett-Rakow praised Gentry’s appointment, saying in a statement that he has “the right combination of strategic depth, execution orientation, coalition-building instincts, and commitment to the work.”
Gentry previously held sustainability leadership roles with companies including Point B and Boeing.
— Seattle’s F5 has added Gavin Munroe to its board of directors, where he will serve on the audit and risk committees. Munroe has decades of experience in financial services and most recently was chief information officer and transformation head at Commonwealth Bank of Australia.
— Harini Gokul, a former leader at Microsoft and AWS and past chief customer officer at Entrust, has joined the board of Afiniti. The company builds AI software for call centers that aims to match customers with the appropriate agent. Gokul also serves on the Medina City Council.
— Safe Software, a data and AI enterprise integration platform based in Surrey, British Columbia, has named Nabil Lodey vice president of Europe, the Middle East and Africa. Lodey will help lead the company’s expansion in the UK and Ireland.
— Allison Gruber is now VP and leader of Portland-based Cambia Health Foundation. She previously oversaw Cambia Health Solutions’ Strategy and Innovation team, where she led data-driven strategy initiatives.
— And some more folks are retiring from Microsoft, in addition to those featured Tuesday in a GeekWire story on the company’s first-ever voluntary retirement program: