Last active January 23, 2025 09:49
How To Set Up Docker For Mac (Mojave) with Native NFS
version: '2'
- "nfsmount:${CONTAINER_DIR}"
driver: local
type: nfs
o: addr=host.docker.internal,rw,nolock,hard,nointr,nfsvers=3
device: ":${SOURCE_DIR}"
export CONTAINER_DIR=/myapp
export SOURCE_DIR=/Users/me/myapp
#!/usr/bin/env bash
OS=`uname -s`
if [ $OS != "Darwin" ]; then
echo "This script is OSX-only. Please do not run it on any other Unix."
exit 1
if [[ $EUID -eq 0 ]]; then
echo "This script must NOT be run with sudo/root. Please re-run without sudo." 1>&2
exit 1
echo ""
echo " +-----------------------------+"
echo " | Setup native NFS for Docker |"
echo " +-----------------------------+"
echo ""
echo "WARNING: This script will shut down running containers and prune docker volumes."
echo ""
echo -n "Do you wish to proceed? [y]: "
read decision
if [ "$decision" != "y" ]; then
echo "Exiting. No changes made."
exit 1
echo ""
if ! docker ps > /dev/null 2>&1 ; then
echo "== Waiting for docker to start..."
open -a Docker
while ! docker ps > /dev/null 2>&1 ; do sleep 2; done
echo "== Stopping running docker containers..."
docker-compose down > /dev/null 2>&1
docker volume prune -f > /dev/null
osascript -e 'quit app "Docker"'
echo "== Resetting folder permissions..."
U=`id -u`
G=`id -g`
sudo chown -R "$U":"$G" .
echo "== Setting up nfs..."
LINE="/Users -alldirs -mapall=$U:$G localhost"
sudo cp /dev/null $FILE
grep -qF -- "$LINE" "$FILE" || sudo echo "$LINE" | sudo tee -a $FILE > /dev/null
LINE="nfs.server.mount.require_resv_port = 0"
grep -qF -- "$LINE" "$FILE" || sudo echo "$LINE" | sudo tee -a $FILE > /dev/null
echo "== Restarting nfsd..."
sudo nfsd restart
echo "== Restarting docker..."
open -a Docker
while ! docker ps > /dev/null 2>&1 ; do sleep 2; done
echo ""
echo "SUCCESS! Now go run your containers 🐳"
Would sudo touch $FILE be better than sudo cp /dev/null $FILE (line 55) for cases when the file exists? For example, I already have the file with entries for other NFS shares using vagrant for other projects, so I don't want it emptied.

Otherwise thanks a lot for putting this together!

there's no need for sudo in sudo echo "$LINE" :)

talya commented Oct 8, 2018

Any chance you remember how you managed to get it working with nfsv4?
I get this error: β€œprotocol not supported” when using β€˜nfsvers=4’, β€˜nfsvers=4.1’ and β€˜vers=4’

Also, what seemed more stable with nfsv3? I’m actually trying to move to v4 to see if it improves performance, mainly around deleting many files and also how nfsv3 implements the β€œsilly rename” (causing β€œβ€Device or resource busy” errors on random .nfsXXXXX’ files)

idflood commented Nov 12, 2018

Just wondering why on line 50 you do sudo chown -R "$U":"$G" .?

It will change the permission of the current directory and subdirectories where this script is called if I'm right. So the script should probably be executed at the root of you app/shared folder, maybe a small comment could help : )

heads up: OSX Mojave has some new security restrictions. The script as is runs, but does not actually create the /etc/exports due to an unsurfaced permissions error.

Quick fix here:

You can quickly fix this issue by following the following steps:
Open β€œSystem Preferences”
Go to β€œSecurity & Privacy”
Then Privacy Tab
Click the β€œpadlock” icon in the bottom-left corner where it says β€œClick the lock to make changes” – enter your password when prompted
On the list of permissions on the left, select β€œFull Disk Access”
Now, on the right-hand side, click the little β€œ+” icon
This will open a browse window, use this to select your preferred Terminal e.g. β€œApplications > iTerm” or β€œApplications > Utilities > Terminal”
If the selected Terminal is already open, you’ll be asked to Quit it – quit the application and restart it
When you restart the selected application, you may prompted if you’d like to allow the app to make changes to your computer – accept and enter your password if required
Try mounting your vagrant machine and now the above error should no longer appear!

lhridley commented Mar 9, 2019

@wss-chadical The blog post in your comment above is protected with basic auth.

in my case the file /etc/nfs.conf already existed with other options on my system and it seems the script added the nfs.server.mount.require_resv_port = 0 at the end of the file but without a new line. Took me a while to notice.

egobude commented Oct 8, 2019

With macOS Catalina you have to use the following settings:

LINE="/Users -alldirs -mapall=$U:$G localhost" -> LINE="/System/Volumes/Data/Users -alldirs -mapall=$U:$G localhost"

export SOURCE_DIR=/System/Volumes/Data/Users/me/myapp

Thanks for sharing @egobude !

Thanks @egobude!

Thank you @egobude! You saved me!

Thanks @egobude :)

thanks @egobude

Bro are you serious?
docker volume prune -f??

Seriously, get rid of that, someone is going to fuck their shit up with that.

what would be the commands for HighSierra version ?

seanhandley commented May 23, 2020

Bro are you serious?
docker volume prune -f??

Seriously, get rid of that, someone is going to fuck their shit up with that.

@theorician I wrote this script to help set up our dev env at work. Works fine for us, but YMMV.

  1. Feel free to fork it.
  2. Configuring Docker is definitely not my area of expertise. If you want to suggest a safer command to recreate volumes, please let me know and I'll update the script.
  3. Please consider refining your approach in future when commenting on code people have shared freely. You can save your "bro" and your "fuck shit up" for arguing with minors in online games - keep your language civil and your feedback constructive and help make the world a more pleasant place in which to collaborate ❀️

Wharenn commented May 27, 2020

Bro are you serious?

docker volume prune -f??

Seriously, get rid of that, someone is going to fuck their shit up with that.

Indeed the pruning is not really expected. It can be easily missed when read. I missed it :p. Maybe a prompt to do it or not would prevent people from loosing their data while testing the script. It would be a nice addition to this (awesome) gist.

I've updated the warning to:

WARNING: This script will shut down running containers and prune docker volumes.

I'm open to suggestions for how to handle recreating volumes in a more targeted way πŸ‘

I also encourage D4M users to try this new edge feature - maybe it removes the need to workaround performance issues via NFS as done in this gist

What about the embedded kubernetes with docker-for-mac ( or docker-for-desktop). it has already strogeclass "hostpath" as default.
Can we leverage this solution for dynamic PV provisioning with NFS (RWX) mount using Docker for Desktop ?

How would you do this on Linux, I don't have a host.docker.internal on my network. Is this the docker gateway address?

Copy link

gabs77 commented Feb 20, 2021

I test my NFS configuration ans it's so slow
Composer install test on Magento :
no bind, no NFS, directly docker environment : 1m25
no bind, NFS Volume: 10m45 AND the permissions are not the goods ones
Maybe my config is not optimal but for me now on ma, the best performance is the following methods :

  • mount bind delegated custom code directory
  • not bind log, var, cache, vendor directory (keep only on docker environment)

peanutlasko commented Apr 2, 2021

I keep trying to follow this guide and no matter how much I try to adjust permissions, it still continues to display an error and state: "Operation Not Supported"

I've allowed full disk access for iterm, console, nfsd.

My root cause it probably because my projects dont live in my home directory. They are on a separate volume, which I have still listed in my /etc/exports folder:

/System/Volumes/Data/Users -alldirs -mapall=501:20 localhost
/Volumes/Data/Docker -alldirs -mapall=501:20 localhost
/Volumes/Media -alldirs -mapall=501:20 localhost

keywinf commented Jun 18, 2021

Seems to be broken for docker desktop > 3.2.2

Copy link

Firstly thanks for this script @seanhandley, you've helped so many of us! πŸ™‡

Seems to be broken for docker desktop > 3.2.2

Running Docker Desktop (for mac) v3.5.1 and working fine here πŸ™†.

I'm open to suggestions for how to handle recreating volumes in a more targeted way πŸ‘

If we're talking about only removing volumes for the current docker project, docker down -v may be a nicer solution 😸. Removes only named volumes from the compose file (See docker-compose down documentation)

dev-danim commented Jul 15, 2021

@jamsinclair yeah now it's working with v3.5.1, but thanks to the new docker volumes management (mutagen). No need for NFS volumes anymore (you can also remove your old :cached and :delegated flags)

jamsinclair commented Jul 15, 2021

@dev-danim appreciate the update! Do you have any links around that? I don't see much mention of volume performance improvements in any of the docker blog and github material I'm browsing.

Edit: From what I can gather Docker went with "gRPC FUSE" instead of mutagen that has improved performance and made :delegated, :cached and :ro flags redundant. Still trying to track down which version this moved from experimental to stable. Seems to have flown under the radar.

tldr; as @dev-danim pointed out just update to the latest Docker Desktop build 😸. You may not need NFS mounts anymore.

Relevant Links:

MafMihai commented Sep 22, 2021

Is there any special requirement for M1 macs? I am struggling to start containers on it.
Stuck here -> data: addr=,nolock,hard,nointr,nfsvers=3: invalid argument

