[MCP Toolkit / Windows] Docker socket mapped as a Directory (Volume) instead of a Bind Mount on Windows/WSL2

[EgorBEremeev]

Bug report

Description

When deploying MCP servers using the Docker MCP Toolkit on Windows (with WSL2 backend), the Docker socket (/var/run/docker.sock) is incorrectly handled. Instead of creating a bind mount to the host's Docker socket, the toolkit creates a named Docker Volume and mounts it to the /var/run/docker.sock path inside the container.

This causes /var/run/docker.sock to be a directory inside the container, which breaks any MCP tool that relies on Docker-in-Docker functionality (such as node-code-sandbox and its run_js_ephemeral tool).

Additionally, the mcp/node-code-sandbox image contains a Docker CLI/Library version that defaults to Docker API v1.41, while modern Docker Desktop engines (e.g., v4.60.0) require a minimum of v1.44.

Steps to Reproduce

1. Use Docker MCP Toolkit to deploy mcp/node-code-sandbox on Windows 10/11 with WSL2 backend.
2. Inspect the created container using docker inspect <container_id>.
3. Observe the Mounts section.
4. Attempt to call the run_js_ephemeral tool through the MCP server.

Actual Results

• Incorrect Mount: A volume is created instead of a bind mount:

  "Mounts": [
      {
          "Type": "volume",
          "Name": "...",
          "Source": "/var/lib/docker/volumes/.../_data",
          "Destination": "/var/run/docker.sock",
          "Driver": "local"
      }
  ]
  

• Internal State: Running ls -ld /var/run/docker.sock inside the container reveals it is a directory (drwxr-xr-x).
• Error Message: Tools fail with: Error: Docker is not running. Please start Docker and try again.

Expected Results

• The toolkit should use a bind mount: -v /var/run/docker.sock:/var/run/docker.sock.
• /var/run/docker.sock inside the container should be a Unix socket file, allowing communication with the host Docker daemon.

Technical Evidence & Proof of Concept

The MCP server was manually verified to be functional on Windows when deployed with correct parameters.

Manual deployment fix:

docker run -d --name mcp-fix -v /var/run/docker.sock:/var/run/docker.sock mcp/node-code-sandbox

Successful execution in fixed container:
By forcing the API version with DOCKER_API_VERSION=1.45, the tool works as expected:

{
  "result": {
    "content": [
      {
        "type": "text",
        "text": "Node.js process output:\nEPHEMERAL_TEST_PASSED\n"
      }
    ]
  },
  "jsonrpc": "2.0",
  "id": 2
}

Suggested Fixes

1. Toolkit Level: Update the MCP Toolkit deployment logic for Windows/WSL2 to strictly use bind mounts for the Docker socket.
2. Image Level: Add DOCKER_API_VERSION=1.45 as a default environment variable to the mcp/node-code-sandbox image (or update the internal Docker client) to ensure compatibility with modern Docker Desktop versions.

Environment Details

• OS: Windows 10/11 (AMD64)
• Docker Desktop: 4.60.0 (Engine: 29.2.0)
• Backend: WSL2
• MCP Server Image: mcp/node-code-sandbox v1.3.0

mcp_node-code-sandbox_deployed_by_toolkit.json

Platform

Windows

Version information

Client:
 Version:           29.2.0
 API version:       1.53
 Go version:        go1.25.6
 Git commit:        0b9d198
 Built:             Mon Jan 26 19:28:56 2026
 OS/Arch:           windows/amd64
 Context:           desktop-linux

Server: Docker Desktop 4.60.0 (218231)
 Engine:
  Version:          29.2.0
  API version:      1.53 (minimum version 1.44)
  Go version:       go1.25.6
  Git commit:       9c62384
  Built:            Mon Jan 26 19:26:07 2026
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          v2.2.1
  GitCommit:        dea7da592f5d1d2b7755e3a161be07f43fad8f75
 runc:
  Version:          1.3.4
  GitCommit:        v1.3.4-0-gd6d73eb8
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0

Client:
 Version:    29.2.0
 Context:    desktop-linux
 Debug Mode: false
 Plugins:
  ai: Docker AI Agent - Ask Gordon (Docker Inc.)
    Version:  v1.17.2
    Path:     C:\Program Files\Docker\cli-plugins\docker-ai.exe
  buildx: Docker Buildx (Docker Inc.)
    Version:  v0.31.1-desktop.1
    Path:     C:\Program Files\Docker\cli-plugins\docker-buildx.exe
  compose: Docker Compose (Docker Inc.)
    Version:  v5.0.2
    Path:     C:\Program Files\Docker\cli-plugins\docker-compose.exe
  debug: Get a shell into any image or container (Docker Inc.)
    Version:  0.0.47
    Path:     C:\Program Files\Docker\cli-plugins\docker-debug.exe
  desktop: Docker Desktop commands (Docker Inc.)
    Version:  v0.3.0
    Path:     C:\Program Files\Docker\cli-plugins\docker-desktop.exe
  extension: Manages Docker extensions (Docker Inc.)
    Version:  v0.2.31
    Path:     C:\Program Files\Docker\cli-plugins\docker-extension.exe
  init: Creates Docker-related starter files for your project (Docker Inc.)
    Version:  v1.4.0
    Path:     C:\Program Files\Docker\cli-plugins\docker-init.exe
  mcp: Docker MCP Plugin (Docker Inc.)
    Version:  v0.38.0
    Path:     C:\Program Files\Docker\cli-plugins\docker-mcp.exe
  model: Docker Model Runner (Docker Inc.)
    Version:  v1.0.8
    Path:     C:\Program Files\Docker\cli-plugins\docker-model.exe
  offload: Docker Offload (Docker Inc.)
    Version:  v0.5.42
    Path:     C:\Program Files\Docker\cli-plugins\docker-offload.exe
  pass: Docker Pass Secrets Manager Plugin (beta) (Docker Inc.)
    Version:  v0.0.24
    Path:     C:\Program Files\Docker\cli-plugins\docker-pass.exe
  sandbox: Docker Sandbox (Docker Inc.)
    Version:  v0.11.0
    Path:     C:\Program Files\Docker\cli-plugins\docker-sandbox.exe
  sbom: View the packaged-based Software Bill Of Materials (SBOM) for an image (Anchore Inc.)
    Version:  0.6.0
    Path:     C:\Program Files\Docker\cli-plugins\docker-sbom.exe
  scout: Docker Scout (Docker Inc.)
    Version:  v1.19.0
    Path:     C:\Program Files\Docker\cli-plugins\docker-scout.exe

Server:
 Containers: 5
  Running: 3
  Paused: 0
  Stopped: 2
 Images: 9
 Server Version: 29.2.0
 Storage Driver: overlay2
  Backing Filesystem: extfs
  Supports d_type: true
  Using metacopy: false
  Native Overlay Diff: true
  userxattr: false
 Logging Driver: json-file
 Cgroup Driver: cgroupfs
 Cgroup Version: 1
 Plugins:
  Volume: local
  Network: bridge host ipvlan macvlan null overlay
  Log: awslogs fluentd gcplogs gelf journald json-file local splunk syslog
 CDI spec directories:
  /etc/cdi
  /var/run/cdi
 Discovered Devices:
  cdi: docker.com/gpu=webgpu
 Swarm: inactive
 Runtimes: io.containerd.runc.v2 nvidia runc
 Default Runtime: runc
 Init Binary: docker-init
 containerd version: dea7da592f5d1d2b7755e3a161be07f43fad8f75
 runc version: v1.3.4-0-gd6d73eb8
 init version: de40ad0
 Security Options:
  seccomp
   Profile: builtin
 Kernel Version: 5.15.167.4-microsoft-standard-WSL2
 Operating System: Docker Desktop
 OSType: linux
 Architecture: x86_64
 CPUs: 1
 Total Memory: 3.83GiB
 Name: docker-desktop
 ID: 50f40c00-6465-4832-83b3-3bbb8e3920bf
 Docker Root Dir: /var/lib/docker
 Debug Mode: false
 HTTP Proxy: http.docker.internal:3128
 HTTPS Proxy: http.docker.internal:3128
 No Proxy: hubproxy.docker.internal
 Labels:
  com.docker.desktop.address=npipe://\\.\pipe\docker_cli
 Experimental: false
 Insecure Registries:
  hubproxy.docker.internal:5555
  127.0.0.0/8
  ::1/128
 Live Restore Enabled: false
 Firewall Backend: iptables

WARNING: No blkio throttle.read_bps_device support
WARNING: No blkio throttle.write_bps_device support
WARNING: No blkio throttle.read_iops_device support
WARNING: No blkio throttle.write_iops_device support
WARNING: Support for cgroup v1 is deprecated and planned to be removed by no later than May 2029 (https://github.com/moby/moby/issues/51111)

Diagnostics ID

No response