Using Docker without Docker Desktop in MacOS

Installing Lima and creating a Docker VM

We can use Lima Linux VMs for MacOS to host Docker in a lightweight virtual Linux machine. First we need to install Lima (from MacOS terminal):

brew install lima

The Lima CLI tool is limactl. You can check the version installed:

limactl --version

You can use the default image doing limactl start, but instead of using default image let's create a Lima VM with Docker installed to use it as a Docker host. First thing is to download the Lima configuracion for this VM:

curl -LO https://raw.githubusercontent.com/lima-vm/lima/master/examples/docker.yaml

The file content is (just in case the link is not available):

# Example to use Docker instead of containerd & nerdctl
# $ limactl start ./docker.yaml
# $ limactl shell docker docker run -it -v $HOME:$HOME --rm alpine

# To run `docker` on the host (assumes docker-cli is installed):
# $ export DOCKER_HOST=$(limactl list docker --format 'unix://{{.Dir}}/sock/docker.sock')
# $ docker ...

# This example requires Lima v0.8.0 or later
images:
  # Hint: run `limactl prune` to invalidate the "current" cache
  - location: "https://cloud-images.ubuntu.com/impish/current/impish-server-cloudimg-amd64.img"
    arch: "x86_64"
  - location: "https://cloud-images.ubuntu.com/impish/current/impish-server-cloudimg-arm64.img"
    arch: "aarch64"
mounts:
  - location: "~"
    writable: false
  - location: "/tmp/lima"
    writable: true
ssh:
  localPort: 60006
  # Load ~/.ssh/*.pub in addition to $LIMA_HOME/_config/user.pub , for allowing DOCKER_HOST=ssh:// .
  # This option is enabled by default.
  # If you have an insecure key under ~/.ssh, do not use this option.
  loadDotSSHPubKeys: true
# containerd is managed by Docker, not by Lima, so the values are set to false here.
containerd:
  system: false
  user: false
provision:
  - mode: system
    script: |
      #!/bin/sh
      sed -i 's/host.lima.internal.*/host.lima.internal host.docker.internal/' /etc/hosts
  - mode: system
    script: |
      #!/bin/bash
      set -eux -o pipefail
      command -v docker >/dev/null 2>&1 && exit 0
      export DEBIAN_FRONTEND=noninteractive
      curl -fsSL https://get.docker.com | sh
      # NOTE: you may remove the lines below, if you prefer to use rootful docker, not rootless
      systemctl disable --now docker
      apt-get install -y uidmap dbus-user-session
  - mode: user
    script: |
      #!/bin/bash
      set -eux -o pipefail
      systemctl --user start dbus
      dockerd-rootless-setuptool.sh install
      docker context use rootless
probes:
  - script: |
      #!/bin/bash
      set -eux -o pipefail
      if ! timeout 30s bash -c "until command -v docker >/dev/null 2>&1; do sleep 3; done"; then
        echo >&2 "docker is not installed yet"
        exit 1
      fi
      if ! timeout 30s bash -c "until pgrep rootlesskit; do sleep 3; done"; then
        echo >&2 "rootlesskit (used by rootless docker) is not running"
        exit 1
      fi
    hint: See "/var/log/cloud-init-output.log". in the guest
portForwards:
  - guestSocket: "/run/user/{{.UID}}/docker.sock"
    hostSocket: "{{.Dir}}/sock/docker.sock"
message: |
  To run `docker` on the host (assumes docker-cli is installed):
  $ export DOCKER_HOST=unix://{{.Dir}}/sock/docker.sock
  $ docker ...

File is saved in a docker.yaml file. Now it is time to start the Lima VM:

$ limactl start ./docker.yaml
 limactl start ./docker.yaml
? Creating an instance "docker" Open an editor to override the configuration
INFO[0031] Attempting to download the image from "https://cloud-images.ubuntu.com/impish/current/impish-server-cloudimg-arm64.img"  digest=
533.88 MiB / 533.88 MiB [----------------------------------] 100.00% 28.55 MiB/s
...
INFO[0052] [hostagent] Starting QEMU (hint: to watch the boot progress, see "/Users/david/.lima/docker/serial.log")
INFO[0052] SSH Local Port: 60006
...
...
INFO[0132] READY. Run `limactl shell docker` to open the shell.

Check that Docker is installed and working in the VM:

limactl shell docker docker version

Using the Linux VM as the Docker Host

Check that the Lima VM for Docker is running:

$ limactl list
NAME       STATUS     SSH                ARCH       CPUS    MEMORY    DISK      DIR
docker     Running    127.0.0.1:60006    aarch64    4       4GiB      100GiB    /Users/david/.lima/docker

To use docker from the host, just export DOCKER_HOST environment variable:

export DOCKER_HOST=$(limactl list docker --format 'unix://{{.Dir}}/sock/docker.sock')

NOTE: You can also use SSH port 60006 to connect to Docker daemon:

export DOCKER_HOST="ssh://localhost:60006"

The problem if you run wihin this approach is that you might have some issues with Minikube using Docker driver. So it is recommended using the previous unix://{{.Dir}}/sock/docker.sock

Now, from the MacOS terminal you can check that Docker is working by running an image:

docker run --name nginx nginx

Once you run the image you can check also the downloaded image within the VM:

limactl shell docker docker image ls