Any Mac Docker users here? A few Docker questions from a new user

Software
,
1

I’ve been using VMs on the desktop and server for years and largely get how those work. And I at a high level get that containers share a lot of system level services so each container doesn’t need its own full copy of the OS like a VM does.

I’m doing some reading now and working through a tutorial or two. Installed Docker on my Mac. In a VM I can see the massive VM file on my machine. But when I download and run a container, it’s not entirely clear to me where it really is on my local disk?

Can anyone shed some light on that for me? And any other tips/tricks or especially notable uses you’ve found for Docker on Mac?

Thanks!

2

docker → settings → resources Look at “Disk image location”

Mine is ~/Library/Containers/com.docker.docker/Data/vms/0/data

Docker Images are built in layers, any shared layer is not duplicated on disk.

3 Likes
3

I assume this will show the images locations not the containers.

1 Like
4

Few things:

  1. Docker for Mac run Linux images only. It doesn’t run Windows images.
  2. I am not sure why you specifically need to find the images locations, you can manage everything from the UI or CLI using docker images command.
  3. Docker is great for running specialized software that require other dependencies and you don’t want to install all of that on your host OS
  4. To really leverage Docker you will need to get familiar with its run command and alias them to shorter commands.
1 Like
5

Hi speedmaster, I try to explain.

When you do “docker run hello-world” the following happens:

  1. the docker daemon checks if a hello-world docker image is already existing locally
    1.1 if it is not, it will pull the image from an image repository (default hub.docker.com)
  2. the docker daemon creates a docker container based on that image
    means docker container = docker image at runtime

Docker containers are immutable.
When you make changes to a container and stop the container, all changes will be lost, except when you are binding “volumes” to the container.
That is really huge, because you can play around inside the container without destroying anything.

Useful examples:
$ docker run -it ubuntu bash

  • creates a latest ubuntu container in interactive mode and get’s you into its bash

$ docker run -it -v $(pwd):/macOSFolder ubuntu bash

  • gets you also into the ubuntu bash but also mounts the current directory into the container
  • means when you create files in /macOSFolder inside the container they will be created and accessible from macOS

$ docker ps

  • lists all running docker container with their id

$ docker exec -it ##ubuntu container id## bash

  • get you into the bash of the already running ubuntu container

$ docker image prune -f

  • removes unused images

All docker containers are running as the macOS user which is running the docker daemon, root by default. To change the user use -u

$ docker run -it -u $(id -u) ubuntu bash

  • gets you a bash inside the ubuntu container as the current host on macOS

$ docker stop ##ubuntu container id##

  • stops a running image

There is a lot more.
For the storage paths of the images and containers have a look at the output of
$ docker info

When combining different container (e.g. nginx, Nextcloud, fail2ban, etc.) have a look at docker-compose. You can define a docker-compose.yml file with all the settings and simply do
$ docker-compose up
to run the whole composition or also do “down” instead of “up”.

Hope this helps somehow. Docker is a huge topic, but really really handy, especially for trying tools to apps without really installing them and their libraries.

  • Stefan
4 Likes
6

Stefan, this is amazing, thanks so much!! You even guessed at my follow-up questions!!! I was wondering what kind of accounts/creds were created and used by default. :slight_smile:

7

You are welcome :slight_smile:
I just tried to remember my most important findings of the years.

But be careful for using Docker Desktop professionally, Docker changed the subscription agreement. In some cases, it is not free anymore since end of Jan. 2022.

1 Like
8

The Docker.raw file contains all of the things, Containers, Images, and Volumes.

An Image, as you said, is a minimal operating system, along with whatever software it runs/needs. When you run it, a Container is created which provides disk space for the image. Containers can be easily discarded, so you don’t want to store data that you will need long-term in there. The answer to that, is to map folders within the Image to folders on your actual drive on you Mac. Use the -v command for that. When you run the Image, the folder in the Container becomes connected to the folder on your drive, and the Container uses it transparently.

I do this to process fMRI data. There is an image called niprep/fmriprep that I use.

As @mina said, I have this command that runs the Image with the appropriate folder mappings.

docker run -ti --rm \
    -v /Volumes/fMRI/aim2/BIDS:/data:ro \
    -v /Volumes/fMRI/aim2/BIDS/derivatives:/out \
    -v /Volumes/fMRI/aim2/BIDS/work:/work \
    nipreps/fmriprep:20.2.6 \
    /data /out/fmriprep-20.2.6 \
    sub-001 \
    -w /work

This runs the docker Image and maps /Volumes/fMRI/aim1/BIDS to /data within the Container, and makes it read only (the :ro option).
It also maps /Volumes/fMRI/aim1/BIDS/derivatives to /out (again, in the Container), and /Volumes/fMRI/aim1/BIDS/work to /work (in the Container).
The Image to run is specified on the next line nipreps/fmriprep:20.2.6.
The /data and /out folders are specified as where the data will come from and be saved to, the subject sub-001 is specified, then the work folder is specified.

There are also ways to run an Image and run a shell so that you get a # prompt in the OS running in the container. So if I do that with the above command, then do ls -l on the /data folder, I actually see the contents of /Volumes/fMRI/aim2/BIDS:

image
image1228×490 70.7 KB

Containers can also run various servers, such as a web server, or a jupyter notebooks server.

Endless possibilities!

One caveat: With Monterey installed, I found that my iMac Pro would shutdown without error or warning if I left Docker (or VMWare) running while I walked away for a while. I moved back to Big Sur, and everything is fine.

2 Likes
9

Oh definitely. We’d be using commercial tools for work.

10

Thanks so much! This is helpful.

11

@mina Thanks. I definitely don’t need to know where they are. But I like to ry to have a mental picture of what is happening and where. :slight_smile:

12

One other interesting use. I have an ADS-B receiver set up here at my house. It tracks aircraft via crowdsourcing and sends to a server.
https://globe.adsbexchange.com

I have an antenna connected to a Raspberry Pi running a special image of the Raspbian OS. It can be a minor hassle getting the image installed on a card running on the Pi. But I think it’s available as a container now so I might try that at some point.

1 Like
13

I have Docker running 24/7 on Monetary on M1 no issues. Is that a known issue with Intel processors?

14

That makes sense. Dockers are very complex though, probably reading more about how the engine works is probably very beneficial.

1 Like
15

n=1