Skip to content

Instantly share code, notes, and snippets.

@nevmerzhitsky

nevmerzhitsky/article.md

Last active May 26, 2018 11:52
Show Gist options
  • Save nevmerzhitsky/696db451f39a4068a76ecf0fb4b3c189 to your computer and use it in GitHub Desktop.
Save nevmerzhitsky/696db451f39a4068a76ecf0fb4b3c189 to your computer and use it in GitHub Desktop.
Download ZIP
Configuring local docker machine
Raw
article.md

If you using Docker Toolbox then your installation include local instance of Docker Machine. Usually the instance use driver and instance of Oracle VirtualBox application.

Tune disk size

By default driver for VirtualBox create a virtual machine with 20GB of disk space. When developing a new image (Dockerfile or Docker Compose), this volume quickly ends and it makes sense to immediately allocate several times more space on your hard drive.

To change various parameters of VirtualBox for Docker check options: https://docs.docker.com/machine/drivers/virtualbox/#options

Let's create a new docker machine with increased amount of disk space.

Firstly remove a VM which was created on Docker Toolbox installation. (It is worth noting that it's possible to increase the amount of disk space for the existing VM but this is more difficult than creating a new one with the required volume.)

docker-machine rm -y default
docker-machine create --driver virtualbox \
    --virtualbox-cpu-count "-1" \
    --virtualbox-disk-size "50000" \
    --virtualbox-hostonly-cidr "192.168.98.1/24" \
    --virtualbox-share-folder "\\\\?\\c:\\:c" \
    default
docker-machine upgrade default

This commands create VM with 50GB disk space, access to all CPU on the host machine (``), use different sub-net for docker instead of 192.168.99.1/24, and mount C:/ instead of C:/Users as Docker Toolbox do by default. The last simplify mounting of host machine directories to containers: path on docker VM will match to path on host machine, so just use /c/foo/bar/ in Dockerfile and Docker Compose. You should change `\\?\c:\` to path where real root of your development files are placed.

Run unprivileged

By default containers start by super-user of OS in VirtualBox. To remove this security risk you can configure Docker Daemon to use user namespaces. This possible for particular container also but this case out of scope of the section.

This technique is recommended to apply only for clean docker host (without already existing images, containers, volumes or networks).

To do this go to SSH of docker machine (docker-machine ssh), switch to super-user and type:

cat <<EOL > /etc/docker/daemon.json
{
  "userns-remap": "default"
}
EOL

Then leave docker machine and restart it:

  • docker-machine stop
  • docker-machine start

You can get details about this technique here.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment