Switching from Docker Desktop to Podman on macOS M1/M2 ARM64 CPU
After podman machine start, do podman machine ssh and create the following files:
/etc/sysctl.d/98-performance.conf
# the maximum number of open file handles
fs.file-max=518144
# the maximum number of memory map areas a process may have
vm.max_map_count=262144
# the maximum number of incoming connections
net.core.somaxconn=65000
# decrease "swappiness" (swapping out runtime memory vs. dropping pages)
vm.swappiness=1
# the % of system memory fillable with "dirty" pages before flushing
vm.dirty_background_ratio=40
# maximum % of dirty system memory before committing everything
vm.dirty_ratio=80
kernel.dmesg_restrict=0
net.core.rmem_default=212992
net.core.rmem_max=12582912
net.core.wmem_default=212992
net.core.wmem_max=12582912
net.ipv4.tcp_rmem=10240 212992 12582912
net.ipv4.tcp_wmem=10240 212992 12582912
fs.file-max=518144
fs.inotify.max_user_watches=131072
fs.inotify.max_queued_events=131072
fs.inotify.max_user_instances=512
# allow lower unprivileged port bind
net.ipv4.ip_unprivileged_port_start=20
# TCP retransmission retries
net.ipv4.tcp_retries2=5
/etc/security/limits.d/limits.conf
* soft nofile 65535
* hard nofile 65535
* soft memlock unlimited
* hard memlock unlimited
* soft nproc 262144
* hard nproc 524288
Originally I wanted to run rootless, but running podman compose with userns_mode: keep-id would result in this error message:
Error response from daemon: container uses ID mappings ([]specs.LinuxIDMapping{specs.LinuxIDMapping{ContainerID:0x1f5, HostID:0x0, Size:0x1}}), but doesn't map UID 0
Error: executing /opt/homebrew/bin/docker-compose up --detach: exit status 1
I tried going into podman machine ssh and adding root:0:65536 to /etc/subuid and /etc/subgid and restarting the machine but that didn't help. After a while, I decided since Podman's running in a VM anyway, I'd just re-init the machine with --rootful.