Saturday, December 27, 2014

Top 5 Gotchas When Running Docker on a Mac

Running Docker on a Mac is meant to be a convenience, but the fact that Docker on Mac is a second-class citizen shows up every now and then. Since Docker is based on Linux cgroups, it cannot and does not run natively on Mac OS X. Instead, Docker runs on Macs by using boot2docker, a shim that boots up a whole VirtualBox VM on which one will actually run Docker. Running Docker inside of a VM on Macs complicates things quite a bit.

First, VirtualBox does not support all the nifty new instruction sets on the latest processors, so anything that relies on such instructions won't work.

Second, the VMDK VirtualBox disk image grows monotonically with each Docker image one creates. If Docker were running natively, any stale images could be removed to free up space. Not so for the VirtualBox-hosted Docker. Although images can be removed, the reserved space in the VirtualBox boot2docker disk image remains, hence one will be faced with an ever-growing chunk of disk space consumed by the boot2docker image. There is an undesirable workaround here. If all of the important images are safely squirreled away elsewhere, one can do a "boot2docker delete" to clobber the boot2docker disk image completely, followed by a "boot2docker init" to create a fresh boot2docker image with none of the Docker images.
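The workaround above as a script, added here as an example and not part of the original post. It refuses to delete the VM unless every image was first written to a non-empty archive; the function names and the BACKUP_DIR location are hypothetical choices, and docker and boot2docker are assumed to be on the PATH.

```shell
#!/bin/sh
# Reclaim disk space by recreating the boot2docker VM while keeping
# the images named on the command line. BACKUP_DIR is a hypothetical default.
BACKUP_DIR="${BACKUP_DIR:-$HOME/docker-image-backup}"

# Save each image (repo:tag) to its own tarball on the Mac's own disk.
backup_images() {
    mkdir -p "$BACKUP_DIR" || return 1
    for image in "$@"; do
        # Build a filesystem-safe file name from repo:tag.
        file="$BACKUP_DIR/$(printf '%s' "$image" | tr '/:' '__').tar"
        docker save -o "$file" "$image" || return 1
        # Stop here if the archive is missing or empty: the next step
        # destroys the only other copy of the image.
        [ -s "$file" ] || { echo "empty backup for $image" >&2; return 1; }
    done
}

# Clobber the grown disk image, then create and boot a fresh VM.
recreate_vm() {
    boot2docker delete || return 1
    boot2docker init || return 1
    boot2docker up || return 1
    # Point the docker client at the new VM.
    eval "$(boot2docker shellinit)" || return 1
}

# Load every archive found in BACKUP_DIR into the fresh VM.
restore_images() {
    for file in "$BACKUP_DIR"/*.tar; do
        [ -e "$file" ] || continue
        docker load -i "$file" || return 1
    done
}

reclaim_space() {
    [ "$#" -gt 0 ] || { echo "usage: reclaim_space image[:tag] ..." >&2; return 2; }
    backup_images "$@" && recreate_vm && restore_images
}
```

Source the file and call `reclaim_space` with the images to keep; anything not listed is gone once the VM is deleted.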

Third, networking is complicated by the VirtualBox layer. Connecting to a Docker container now means going through not only Docker networking but also a VirtualBox NAT. This can be worked around using boot2docker, but it is certainly not as straightforward as running Docker natively.

Fourth, if it happens that the boot2docker disk image isn't large enough, one might have to go into the disk image (or even the source ISO image) itself to tweak that.

Fifth, though the choice of VirtualBox makes it convenient to have a prepackaged open-source hypervisor easily deployed with boot2docker, sometimes this just is not as robust as some of the other hypervisors out there.

Unfortunately, neither Rocket nor LXD will likely solve these issues since they also fundamentally rely on Linux kernel support for containerization.
