Skip to content

Instantly share code, notes, and snippets.

@seanhandley
Last active October 22, 2024 06:00
Show Gist options
  • Save seanhandley/7dad300420e5f8f02e7243b7651c6657 to your computer and use it in GitHub Desktop.
Save seanhandley/7dad300420e5f8f02e7243b7651c6657 to your computer and use it in GitHub Desktop.
How To Set Up Docker For Mac (Mojave) with Native NFS
version: '2'
services:
api:
volumes:
- "nfsmount:${CONTAINER_DIR}"
volumes:
nfsmount:
driver: local
driver_opts:
type: nfs
o: addr=host.docker.internal,rw,nolock,hard,nointr,nfsvers=3
device: ":${SOURCE_DIR}"
export CONTAINER_DIR=/myapp
export SOURCE_DIR=/Users/me/myapp
#!/usr/bin/env bash
OS=`uname -s`
if [ $OS != "Darwin" ]; then
echo "This script is OSX-only. Please do not run it on any other Unix."
exit 1
fi
if [[ $EUID -eq 0 ]]; then
echo "This script must NOT be run with sudo/root. Please re-run without sudo." 1>&2
exit 1
fi
echo ""
echo " +-----------------------------+"
echo " | Setup native NFS for Docker |"
echo " +-----------------------------+"
echo ""
echo "WARNING: This script will shut down running containers and prune docker volumes."
echo ""
echo -n "Do you wish to proceed? [y]: "
read decision
if [ "$decision" != "y" ]; then
echo "Exiting. No changes made."
exit 1
fi
echo ""
if ! docker ps > /dev/null 2>&1 ; then
echo "== Waiting for docker to start..."
fi
open -a Docker
while ! docker ps > /dev/null 2>&1 ; do sleep 2; done
echo "== Stopping running docker containers..."
docker-compose down > /dev/null 2>&1
docker volume prune -f > /dev/null
osascript -e 'quit app "Docker"'
echo "== Resetting folder permissions..."
U=`id -u`
G=`id -g`
sudo chown -R "$U":"$G" .
echo "== Setting up nfs..."
LINE="/Users -alldirs -mapall=$U:$G localhost"
FILE=/etc/exports
sudo cp /dev/null $FILE
grep -qF -- "$LINE" "$FILE" || sudo echo "$LINE" | sudo tee -a $FILE > /dev/null
LINE="nfs.server.mount.require_resv_port = 0"
FILE=/etc/nfs.conf
grep -qF -- "$LINE" "$FILE" || sudo echo "$LINE" | sudo tee -a $FILE > /dev/null
echo "== Restarting nfsd..."
sudo nfsd restart
echo "== Restarting docker..."
open -a Docker
while ! docker ps > /dev/null 2>&1 ; do sleep 2; done
echo ""
echo "SUCCESS! Now go run your containers 🐳"
@rivetmichael
Copy link

Thank you very effective !

@setthase
Copy link

there's no need for sudo in sudo echo "$LINE" :)

@talya
Copy link

talya commented Oct 8, 2018

Thanks, super useful!

Any chance you remember how you managed to get it working with nfsv4?
I get this error: “protocol not supported” when using ‘nfsvers=4’, ‘nfsvers=4.1’ and ‘vers=4’

Also, what seemed more stable with nfsv3? I’m actually trying to move to v4 to see if it improves performance, mainly around deleting many files and also how nfsv3 implements the “silly rename” (causing “”Device or resource busy” errors on random .nfsXXXXX’ files)

@idflood
Copy link

idflood commented Nov 12, 2018

Just wondering why on line 50 you do sudo chown -R "$U":"$G" .?

It will change the permission of the current directory and subdirectories where this script is called if I'm right. So the script should probably be executed at the root of you app/shared folder, maybe a small comment could help : )

@wss-chadical
Copy link

heads up: OSX Mojave has some new security restrictions. The script as is runs, but does not actually create the /etc/exports due to an unsurfaced permissions error.

Quick fix here:
https://www.cubewebsites.com/blog/software/quick-fix-macos-mojave-vagrant-error-tee-etc-exports-operation-not-permitted/

You can quickly fix this issue by following the following steps:
Open “System Preferences”
Go to “Security & Privacy”
Then Privacy Tab
Click the “padlock” icon in the bottom-left corner where it says “Click the lock to make changes” – enter your password when prompted
On the list of permissions on the left, select “Full Disk Access”
Now, on the right-hand side, click the little “+” icon
This will open a browse window, use this to select your preferred Terminal e.g. “Applications > iTerm” or “Applications > Utilities > Terminal”
If the selected Terminal is already open, you’ll be asked to Quit it – quit the application and restart it
When you restart the selected application, you may prompted if you’d like to allow the app to make changes to your computer – accept and enter your password if required
Try mounting your vagrant machine and now the above error should no longer appear!

@lhridley
Copy link

lhridley commented Mar 9, 2019

@wss-chadical The blog post in your comment above is protected with basic auth.

@maclordaj
Copy link

in my case the file /etc/nfs.conf already existed with other options on my system and it seems the script added the nfs.server.mount.require_resv_port = 0 at the end of the file but without a new line. Took me a while to notice.

@egobude
Copy link

egobude commented Oct 8, 2019

With macOS Catalina you have to use the following settings:

setup_native_nfs_docker_osx.sh

LINE="/Users -alldirs -mapall=$U:$G localhost" -> LINE="/System/Volumes/Data/Users -alldirs -mapall=$U:$G localhost"

env_vars.sh

export SOURCE_DIR=/System/Volumes/Data/Users/me/myapp

@seanhandley
Copy link
Author

Thanks for sharing @egobude !

@ValentinMumble
Copy link

Thanks @egobude!

@roberquesada
Copy link

Thank you @egobude! You saved me!

@geerlingguy
Copy link

Thanks @egobude :)

@DiegoVallely
Copy link

thanks @egobude

@theorician
Copy link

Bro are you serious?

https://gist.github.com/seanhandley/7dad300420e5f8f02e7243b7651c6657#file-setup_native_nfs_docker_osx-sh-L43
docker volume prune -f??

Seriously, get rid of that, someone is going to fuck their shit up with that.

@thegodone
Copy link

what would be the commands for HighSierra version ?

@seanhandley
Copy link
Author

seanhandley commented May 23, 2020

Bro are you serious?

https://gist.github.com/seanhandley/7dad300420e5f8f02e7243b7651c6657#file-setup_native_nfs_docker_osx-sh-L43
docker volume prune -f??

Seriously, get rid of that, someone is going to fuck their shit up with that.

@theorician I wrote this script to help set up our dev env at work. Works fine for us, but YMMV.

  1. Feel free to fork it.
  2. Configuring Docker is definitely not my area of expertise. If you want to suggest a safer command to recreate volumes, please let me know and I'll update the script.
  3. Please consider refining your approach in future when commenting on code people have shared freely. You can save your "bro" and your "fuck shit up" for arguing with minors in online games - keep your language civil and your feedback constructive and help make the world a more pleasant place in which to collaborate ❤️

@Wharenn
Copy link

Wharenn commented May 27, 2020

Bro are you serious?

seanhandley/7dad300420e5f8f02e7243b7651c6657#file-setup_native_nfs_docker_osx-sh-L43
docker volume prune -f??

Seriously, get rid of that, someone is going to fuck their shit up with that.

Indeed the pruning is not really expected. It can be easily missed when read. I missed it :p. Maybe a prompt to do it or not would prevent people from loosing their data while testing the script. It would be a nice addition to this (awesome) gist.

@seanhandley
Copy link
Author

I've updated the warning to:

WARNING: This script will shut down running containers and prune docker volumes.

I'm open to suggestions for how to handle recreating volumes in a more targeted way 👍

I also encourage D4M users to try this new edge feature - maybe it removes the need to workaround performance issues via NFS as done in this gist https://docs.docker.com/docker-for-mac/mutagen-caching/

@abdennour
Copy link

What about the embedded kubernetes with docker-for-mac ( or docker-for-desktop). it has already strogeclass "hostpath" as default.
Can we leverage this solution for dynamic PV provisioning with NFS (RWX) mount using Docker for Desktop ?

@darkn3rd
Copy link

How would you do this on Linux, I don't have a host.docker.internal on my network. Is this the docker gateway address?

@gabs77
Copy link

gabs77 commented Feb 20, 2021

I test my NFS configuration ans it's so slow
Composer install test on Magento :
no bind, no NFS, directly docker environment : 1m25
no bind, NFS Volume: 10m45 AND the permissions are not the goods ones
Maybe my config is not optimal but for me now on ma, the best performance is the following methods :

  • mount bind delegated custom code directory
  • not bind log, var, cache, vendor directory (keep only on docker environment)

@peanutlasko
Copy link

peanutlasko commented Apr 2, 2021

I keep trying to follow this guide and no matter how much I try to adjust permissions, it still continues to display an error and state: "Operation Not Supported"

I've allowed full disk access for iterm, console, nfsd.

My root cause it probably because my projects dont live in my home directory. They are on a separate volume, which I have still listed in my /etc/exports folder:

/System/Volumes/Data/Users -alldirs -mapall=501:20 localhost
/Volumes/Data/Docker -alldirs -mapall=501:20 localhost
/Volumes/Media -alldirs -mapall=501:20 localhost

@keywinf
Copy link

keywinf commented Jun 18, 2021

Seems to be broken for docker desktop > 3.2.2

@jamsinclair
Copy link

Firstly thanks for this script @seanhandley, you've helped so many of us! 🙇

Seems to be broken for docker desktop > 3.2.2

Running Docker Desktop (for mac) v3.5.1 and working fine here 🙆.

I'm open to suggestions for how to handle recreating volumes in a more targeted way 👍

If we're talking about only removing volumes for the current docker project, docker down -v may be a nicer solution 😸. Removes only named volumes from the compose file (See docker-compose down documentation)

@dev-danim
Copy link

dev-danim commented Jul 15, 2021

@jamsinclair yeah now it's working with v3.5.1, but thanks to the new docker volumes management (mutagen). No need for NFS volumes anymore (you can also remove your old :cached and :delegated flags)

@jamsinclair
Copy link

jamsinclair commented Jul 15, 2021

@dev-danim appreciate the update! Do you have any links around that? I don't see much mention of volume performance improvements in any of the docker blog and github material I'm browsing.

Edit: From what I can gather Docker went with "gRPC FUSE" instead of mutagen that has improved performance and made :delegated, :cached and :ro flags redundant. Still trying to track down which version this moved from experimental to stable. Seems to have flown under the radar.

tldr; as @dev-danim pointed out just update to the latest Docker Desktop build 😸. You may not need NFS mounts anymore.

Relevant Links:

@MafMihai
Copy link

MafMihai commented Sep 22, 2021

Is there any special requirement for M1 macs? I am struggling to start containers on it.
Stuck here -> data: addr=192.168.65.2,nolock,hard,nointr,nfsvers=3: invalid argument

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment