
Hi everyone, this is Zhang Jintao.

Recently, Docker Inc. suddenly changed its product and pricing strategy: Docker Desktop for Mac / Windows is no longer free for personal use within large enterprises.

I will not go over the terms involved in this news here. Instead, let me introduce a free and open source alternative to Docker for Mac: containerd & Lima.

You only need to execute the following commands for a quick experience:

$ brew install lima
$ limactl start
$ lima nerdctl run -it --rm alpine

Note: On an Arm Mac, you also need to install a patched QEMU; please refer to the Lima documentation.

What is containerd? What is nerdctl?

containerd is an open source container runtime used by many projects, including Docker, and many cloud vendors' default Kubernetes clusters, such as AKS, EKS and GKE.

Since the scope of the containerd project is limited to non-user-facing functionality, it is difficult for users to interact with containerd directly. So we recently contributed a user-friendly CLI as a non-core sub-project of containerd: nerdctl.

The functions and usage of nerdctl are almost the same as those of the Docker CLI, but nerdctl also supports several cutting-edge features of containerd that do not exist in Docker. These include, but are not limited to, lazy pulling (stargz) and running encrypted images (ocicrypt).

For more information about nerdctl, please refer to the previous article: nerdctl: Docker-compatible CLI for contaiNERD

What is Lima?

Lima (Linux MAchines) starts Linux virtual machines with automatic file sharing, port forwarding, and containerd.

Lima has received 3k stars on GitHub as of September 1, 2021.


We originally created Lima to promote containerd and nerdctl to Mac users, but Lima can also be used for other container engines, such as Podman or even non-containerized applications.

The design of Lima is similar to WSL2, but Lima targets macOS as its main host. Lima does not currently support Windows hosts. If there is demand, we can also consider supporting Windows.

Lima's technical details

The following are the technical details of Lima, for those who are interested:

  • Hypervisor: QEMU, with the hvf (Hypervisor.framework) accelerator;
  • Supported guest operating systems: Ubuntu (default), Debian, Fedora, Alpine, Arch, and openSUSE;
  • File sharing (host->guest): "Reverse SSHFS" is used in the current version; this may change in the future, possibly to Samba;
  • File sharing (guest->host): WebDAV over SSH ( https://github.com/lima-vm/sshwebdav );
  • Port forwarding: ssh -L, driven by an agent process that monitors /proc/net/tcp* in the guest;
  • Network: user-space "slirp" is used by default. Advanced network configuration with vmnet.framework is also supported ( https://github.com/lima-vm/vde_vmnet );
  • Security: by design, no root privileges are needed on the host, except for the optional vmnet.framework support.

Quick start

Install Lima

If you are using an Intel Mac, just run the following brew command to complete:

$ brew install lima

If you are using an Arm Mac (M1), you need to install a patched version of QEMU to enable hvf acceleration; the patch may be merged into upstream QEMU in the near future. Please refer to Lima's documentation.

Start Lima

Execute limactl start and press Enter to select "Proceed with the default configuration". After a few minutes, Lima will automatically download the VM image and start the virtual machine.

$ limactl start
? Creating an instance "default"  [Use arrows to move, type to filter]
> Proceed with the default configuration
  Open an editor to override the configuration
  Exit
...
INFO[0111] READY. Run `lima` to open the shell.

After seeing READY in the output, run lima uname -a to confirm that the virtual machine is running.

$ lima uname -a
Linux lima-default 5.11.0-31-generic #33-Ubuntu SMP Wed Aug 11 13:19:04 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux

Use lima nerdctl to build and run a container

Create a file ~/lima-test/Dockerfile on the host and write the following content:

FROM nginx
RUN  echo "hello lima" > /usr/share/nginx/html/index.html

Then use the following command to build a container image named lima-test:

$ lima nerdctl build -t lima-test ~/lima-test

Lima mounts the host's home directory into the guest file system, so nerdctl in the guest can seamlessly access the ~/lima-test directory on the host. For safety's sake, the home directory is mounted read-only by default, but it can also be mounted read-write by modifying the configuration when running limactl start.

The lima-test image just built can be started with the following command:

$ lima nerdctl run -d -p 127.0.0.1:8080:80 lima-test

Port 80 in the container is mapped to 127.0.0.1:8080 on the guest VM, which is forwarded to 127.0.0.1:8080 on the host, so you can directly open http://127.0.0.1:8080/ in Safari to access the lima-test container.

Accessing the guest VM through Safari
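
How listening sockets in the guest appear in /proc/net/tcp, the file the technical details above say the port-forwarding agent monitors. This is an added example and not Lima's own code: it decodes the rows and labels each listener as loopback-only or wildcard, a distinction worth checking before a guest port is forwarded. The sample rows are constructed, the function names are hypothetical, and a little-endian guest is assumed.

```shell
#!/bin/sh
# Added example, not Lima's code. Decodes /proc/net/tcp-style rows and reports
# listening sockets, the data a port-forwarding agent in the guest would watch.
# Assumes a little-endian guest (x86_64 or aarch64); names are hypothetical.

# Constructed sample in /proc/net/tcp format (not captured from a real VM):
# 127.0.0.1:8080 LISTEN, 0.0.0.0:22 LISTEN, and one ESTABLISHED connection.
SAMPLE='  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100007F:1F90 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 23456 1 0000000000000000 100 0 0 10 0
   1: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 23457 1 0000000000000000 100 0 0 10 0
   2: 0F02000A:0016 0202000A:D431 01 00000000:00000000 02:000A1B2C 00000000     0        0 23458 4 0000000000000000 20 4 30 10 -1'

# hex_to_ipv4 HEX8: the kernel prints the four address bytes in reversed
# order on little-endian machines, so 0100007F is 127.0.0.1.
hex_to_ipv4() {
    h=$1
    b1=${h%??????}; h=${h#??}
    b2=${h%????};   h=${h#??}
    b3=${h%??};     b4=${h#??}
    printf '%d.%d.%d.%d\n' "0x$b4" "0x$b3" "0x$b2" "0x$b1"
}

# list_listeners: read /proc/net/tcp rows on stdin and print one line per
# listening socket as "IP:PORT SCOPE". The header row and every state other
# than 0A (TCP_LISTEN) are skipped.
list_listeners() {
    while read -r _sl laddr _raddr st _rest; do
        [ "$st" = "0A" ] || continue
        ip=$(hex_to_ipv4 "${laddr%%:*}")
        port=$(printf '%d' "0x${laddr##*:}")
        case "$ip" in
            127.*)   scope=loopback ;;   # reachable only from inside the guest
            0.0.0.0) scope=wildcard ;;   # reachable on every guest interface
            *)       scope=interface ;;  # bound to one specific address
        esac
        echo "$ip:$port $scope"
    done
}

# Run over the constructed sample. For live data from a running instance:
#   lima cat /proc/net/tcp | list_listeners
printf '%s\n' "$SAMPLE" | list_listeners
```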

Rancher Desktop & GUI

Rancher Desktop has been adapted to Lima to run k3s on macOS. (I introduced this project to you in the previous "K8S Ecological Weekly")

Installing Rancher Desktop

Although Lima and nerdctl do not currently include a GUI dashboard, Rancher Desktop already uses Electron to provide a cool GUI.

Rancher Desktop v0.4.1

Rancher Desktop running Lima in the background

In the future, the upstream Lima and nerdctl may also have their own GUI, depending on the needs (and contributions) from the community.
