@norio-nomura
Last active June 21, 2024 12:08
1. Install Lima:

   ```sh
   brew install lima
   ```

2. If Docker for Mac is not installed, install the Docker CLI:

   ```sh
   brew install docker docker-buildx docker-completion
   ```

3. Create the `docker` instance:

   ```sh
   limactl create https://gist.githubusercontent.com/norio-nomura/9f8d469252a13adf2efdc49af0a47a30/raw/a700cc7261f8e782fd0b7c5373ef1201b5158a0d/lima.yaml --tty=false --name docker
   ```

4. Enable booting the `docker` instance at login:

   ```sh
   limactl start-at-login --enabled docker
   ```

5. Create the "lima-docker" context to use:

   ```sh
   docker context create lima-docker --docker "host=$(limactl list docker --format 'unix://{{.Dir}}/sock/docker.sock')"
   ```

6. Use "lima-docker" as the default context:

   ```sh
   docker context use lima-docker
   ```

```yaml
# A template to use Docker instead of containerd & nerdctl
# $ limactl start ./docker.yaml
# $ limactl shell docker docker run -it -v $HOME:$HOME --rm alpine
# To run `docker` on the host (assumes docker-cli is installed):
# $ export DOCKER_HOST=$(limactl list docker --format 'unix://{{.Dir}}/sock/docker.sock')
# $ docker ...
# This template requires Lima v0.8.0 or later
images:
# Try to use release-yyyyMMdd image if available. Note that release-yyyyMMdd will be removed after several months.
- location: "https://cloud-images.ubuntu.com/minimal/releases/noble/release-20240608/ubuntu-24.04-minimal-cloudimg-amd64.img"
  arch: "x86_64"
  digest: "sha256:da21d7d27c242f79102e2943cde0cc8bbd900690297814b03b8559f3022e6957"
- location: "https://cloud-images.ubuntu.com/minimal/releases/noble/release-20240608/ubuntu-24.04-minimal-cloudimg-arm64.img"
  arch: "aarch64"
  digest: "sha256:83612aafdfb75974d3b5b86dfa47622d2c14d218d706789292875e949b0b07e4"
# Fallback to the latest release image.
# These entries have no digest, so the download is not checked against a known hash.
# Hint: run `limactl prune` to invalidate the cache
- location: "https://cloud-images.ubuntu.com/minimal/releases/noble/release/ubuntu-24.04-minimal-cloudimg-amd64.img"
  arch: "x86_64"
- location: "https://cloud-images.ubuntu.com/minimal/releases/noble/release/ubuntu-24.04-minimal-cloudimg-arm64.img"
  arch: "aarch64"
mounts:
- location: "~"
- location: "/tmp/lima"
  writable: true
# containerd is managed by Docker, not by Lima, so the values are set to false here.
containerd:
  system: false
  user: false
provision:
- mode: system
  # This script defines the host.docker.internal hostname when hostResolver is disabled.
  # It is also needed for lima 0.8.2 and earlier, which does not support hostResolver.hosts.
  # Names defined in /etc/hosts inside the VM are not resolved inside containers when
  # using the hostResolver; use hostResolver.hosts instead (requires lima 0.8.3 or later).
  script: |
    #!/bin/sh
    sed -i 's/host.lima.internal.*/host.lima.internal host.docker.internal/' /etc/hosts
- mode: system
  script: |
    #!/bin/bash
    set -eux -o pipefail
    command -v docker >/dev/null 2>&1 && exit 0
    export DEBIAN_FRONTEND=noninteractive
    # Runs Docker's convenience install script as root inside the VM.
    curl -fsSL https://get.docker.com | sh
    # NOTE: you may remove the lines below, if you prefer to use rootful docker, not rootless
    systemctl disable --now docker
    apt-get install -y uidmap dbus-user-session fuse3 jq
- mode: user
  script: |
    #!/bin/bash
    set -eux -o pipefail
    systemctl --user start dbus
    systemctl list-unit-files --user docker.service &>/dev/null || dockerd-rootless-setuptool.sh install
    docker context use rootless
    # enable containerd image store
    ENABLE_CONTAINERD_IMAGE_STORE=true
    ENABLE_BUILDKIT=true
    # Set or clear .features.<name> in the rootless daemon.json.
    # Returns 0 only when the file was changed, so the caller knows a restart is needed.
    function update_docker_daemon_feature() {
      local config="$HOME/.config/docker/daemon.json"
      local tmpfile
      # "$( (" with a space: a subshell inside command substitution, not arithmetic expansion
      local current=$( (cat "$config" 2>/dev/null || echo "{}") | jq ".features.\"$1\" // false")
      test "$current" = "$2" && return 1
      case "$2" in
        true) local jq_expression=".features.\"$1\" = true";;
        false) local jq_expression="del(.features.\"$1\")";;
        *) return 1;;
      esac
      tmpfile=$(mktemp) && (cat "$config" 2>/dev/null || echo "{}") | jq "$jq_expression" > "$tmpfile"
      mkdir -p "$(dirname "$config")" && cat "$tmpfile" > "$config" && rm "$tmpfile"
    }
    needs_restart=
    update_docker_daemon_feature "containerd-snapshotter" "$ENABLE_CONTAINERD_IMAGE_STORE" && needs_restart=1
    update_docker_daemon_feature "buildkit" "$ENABLE_BUILDKIT" && needs_restart=1
    # restart docker to apply the new configuration
    [ -z "$needs_restart" ] || systemctl --user restart docker
probes:
- script: |
    #!/bin/bash
    set -eux -o pipefail
    if ! timeout 30s bash -c "until command -v docker >/dev/null 2>&1; do sleep 3; done"; then
      echo >&2 "docker is not installed yet"
      exit 1
    fi
    if ! timeout 30s bash -c "until pgrep rootlesskit; do sleep 3; done"; then
      echo >&2 "rootlesskit (used by rootless docker) is not running"
      exit 1
    fi
  hint: See "/var/log/cloud-init-output.log" in the guest
hostResolver:
  # hostResolver.hosts requires lima 0.8.3 or later. Names defined here will also
  # resolve inside containers, and not just inside the VM itself.
  hosts:
    host.docker.internal: host.lima.internal
portForwards:
- guestSocket: "/run/user/{{.UID}}/docker.sock"
  hostSocket: "{{.Dir}}/sock/docker.sock"
message: |
  To run `docker` on the host (assumes docker-cli is installed), run the following commands:
  ------
  docker context create lima-{{.Name}} --docker "host=unix://{{.Dir}}/sock/docker.sock"
  docker context use lima-{{.Name}}
  docker run hello-world
  ------
memory: 16GiB
networks:
- vzNAT: true
rosetta:
  enabled: true
  binfmt: true
vmType: vz
```
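
The template pins a `digest` only on the dated `release-yyyyMMdd` images; the fallback entries carry none, so nothing checks those downloads against a known hash. The following check is an added example, not part of the gist: it lists the image entries of a template that have no digest, assuming an indented template as Lima reads it. The function names, sample URLs and sample digest are constructed for illustration.

```shell
#!/bin/sh
# Added example: report image entries of a Lima template that carry no digest.
# Reads the template from the named file(s) or stdin, prints one location per
# line, and returns 1 if any entry is unpinned. Only the presence and
# "algorithm:hex" shape of the digest is checked, not its length.
unpinned_images() {
    awk '
        function val(line) {
            sub(/^[^:]*:[ ]*/, "", line); gsub(/"/, "", line)
            sub(/[ ]+$/, "", line); return line
        }
        function emit() {
            if (loc != "" && !pinned) { print loc; bad = 1 }
            loc = ""
        }
        /^images:/               { in_images = 1; next }
        in_images && /^[A-Za-z]/ { emit(); in_images = 0 }  # next top-level key
        !in_images               { next }
        /^[ ]*#/                 { next }
        /^[ ]*-[ ]+location:/    { emit(); loc = val($0); pinned = 0; next }
        /^[ ]*digest:[ ]*"?[a-z0-9]+:[0-9a-f]+"?[ ]*$/ { pinned = 1 }
        END { emit(); exit (bad ? 1 : 0) }
    ' "$@"
}

# Constructed sample with the same shape as the images: section of the template.
sample_template() {
    cat <<'EOF'
images:
# dated image, pinned (digest value is constructed)
- location: "https://images.example.invalid/release-20240608/vm-amd64.img"
  arch: "x86_64"
  digest: "sha256:0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef"
# fallback images, no digest
- location: "https://images.example.invalid/release/vm-amd64.img"
  arch: "x86_64"
- location: "https://images.example.invalid/release/vm-arm64.img"
  arch: "aarch64"
mounts:
- location: "~"
EOF
}

echo "image entries without a digest:"
sample_template | unpinned_images || echo "pin a digest on these or remove them"
```

Run it as `unpinned_images lima.yaml` on a downloaded copy of the template before passing that copy to `limactl create`.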