Docker Machine on OSX, with VMware Fusion

For those of you who want to experiment with new technologies, e.g , docker – here’s a nice tutorial on how to run docker on OSX, without boot2docker which uses VirtualBox. Since I have VMware Fusion on my Mac, I was looking for a way to get rid of VirtualBox while still running docker on OSX with ease, using VMware Fusion instead, and getting direct access to the docker containers like you would on native linux.

Prequel

In OSX, Docker-daemon can’t run natively, since docker uses a linux kernel feature for containers (or FreeBSD ‘Jails’ ) which Mac OSX simply doesn’t have / was removed / not exposed. Bottom line – you cannot run docker on OSX Natively.

To the rescue – Boot2Docker.

mac_docker_host

Boot2Docker is a nice cli & package that installs VirtualBox on your Mac, creates a small VM , with a preconfigured Boot2Docker iso to boot from. Boot2Docker is also a tiny linux distro aimed at doing one thing only – running docker.

As this is usually not a real issue, the one thing you cannot do, is connect to the container itself while your on a remote host. that is, unless you expose specific ports to do so, since docker also creates an internal NAT on its hosting box.

So to summarize the problem again – How can I use docker on my OSX Mac, without having to use VirtualBox, while also being able to natively connect to my container’s network?

Fusion & Docker-Machine

To the rescue – Docker-Machine & VMware Fusion!
Docker-Machine is a utility (in beta) that allows you to start simple docker-hosts with ease, and on multiple cloud providers / private cloud providers. It support a really long list of providers at the moment like :

  • VMware vSphere/vCloudAir/Fusion 
  • OpenStack
  • Azure
  • Google
  • EC2
  • list goes on…

So essentially what id does is kind of like the boot2docker cli only not limited to just VirtualBox ( in fact i think they’ve merged their code base with docker-machine, but never mind :) )
First we’ll install docker-machine for OSX by simply downloading it here , renaming the downloaded file to “docker-machine” , giving it right permissions, and moving it to a generally available folder on OSX.
Also, lets download the docker client for OSX with brew.

Now, lets create a docker-machine on our fusion instance

This will create a new VM within fusion named osxdock. Now, we can work with our docker as we would on VirtualBox. If we would expose ports to the Boot2Docker host, we would be able to access them by accessing the VMs local ip and port allocated by Fusion.

To get to our docker client to connect to our docker vm , we’ll run the command $(docker-machine env osxdock) which will basically set our environment variables to our current active docker-machine.

Now, in order for us to be able to natively connect to our docker machine, like we would on other linux distros running docker directly, we’ll fiddle around with Fusion networking.

First, lets create a new network (don’t want to modify existing networks, although it should be ok) VMwareFusion – > Prefrences – > Network – > Click Lock to unlock, and Add a network with the + sign.

Mark only “Connect the host Mac to this network” & “Provide addresses on this network via DHCP”. I prefer to assign something close to the docker network, like 172.18.0.0/16 as my dhcp subnet. Lets take our docker-machine offline so we can add it with a network interface:


Open the machine within Fusion and add a NIC that uses the new network you had just created. In order for us to communicate with the containers we’ll have to create a route to that NIC, so each time our MAC tries to access the docker container itself, it would route through the docker-machine new NIC.

Now for the last part. In order for our route to remain static, and for the docker-machine which essentially just boots a Boot2Docker iso, thus , has no persistence, we’ll modify the Fusion network.
open up a terminal and go to the network setting (vmnet<number>) in my case, 4:

We will actually add a DHCP reservation. So our osxdock VM will always get the same IP automatically on the new NIC we’ve configured.
Add the following configuration to the bottom of the file:

Where EE:EE… stands for osxdock’s MAC address, and fixed IP is the fixed IP you want to give it. Make sure that you are allocating an IP from that DHCP’s range configured in the first section of the file.
you will need to restart Fusion after this configuration change, or just run this command to restart Fusion Netwroking:

Lastly, bring up your docker-machine, and make sure it gets the ip address you’ve configured by running ifconfig on the docker vm

Now tell your Mac to route all traffic to container subnets which is by default 172.17.0.0/16 to the osxdock vm “static” ip like so:


You can also create a permanent static route using the OSX StartupItems options, but I’ll let you google this one since it isn’t short unfortunately.

Presto! You can now run docker with a “native feel” on OSX, using VMware Fusion! You’ll be able to ping containers, access them without exporting ports, and work as if you are working in a native linux environment.

To check this, simply run a docker machine on osxdock, inspect it, and ping it, with the following command:

Happy devving!


Comments
Harvey Specter
Posted at 2:09 am March 15, 2015
Tim Goeke
Reply
Author

Really nice. Thx for the posting.

    Harvey Specter
    Posted at 8:46 am March 15, 2015
    Kushmaro
    Reply
    Author

    you’re welcome! :)

Harvey Specter
Posted at 6:22 pm March 31, 2015
jsm
Reply
Author

Hey, what’s your experience with this and mounting volumes?

    Harvey Specter
    Posted at 9:12 am April 12, 2015
    Kushmaro
    Reply
    Author

    Unfortunately I haven’t played around volumes and this method.

Harvey Specter
Posted at 9:29 am April 12, 2015
Thomas E.
Reply
Author

The on line installation if you have cask installed:
brew cask install docker-machine

    Harvey Specter
    Posted at 7:55 pm April 15, 2015
    Kushmaro
    Reply
    Author

    Great! thanks for the tip! :)

Harvey Specter
Posted at 5:33 am April 16, 2015
Mike
Reply
Author

I get the vmware-vmx process running fine, but it doesn’t seem to add it to the UI. Are you using Fusion 6 or 7?

    Harvey Specter
    Posted at 3:22 pm April 19, 2015
    Kushmaro
    Reply
    Author

    I’m using fusion 7, I have noticed a bit of UI problems myself in the first couple of runs.. simply close and open the fusion interface a couple of times until you see the vm.. a boot might help as well.

Harvey Specter
Posted at 9:57 pm April 21, 2015
James
Reply
Author

After setting up the NIC in the fusion settings and adding the vmnet MAC address and static IP to dhcpd.conf I get:
vmsvc[1029] [warning] [guestinfo] failed to get vmstats

Any Ideas?

    Harvey Specter
    Posted at 10:07 am July 31, 2015
    Kushmaro
    Reply
    Author

    I think this might be happening if you set up the static IP in the conf file where fusion is writing to.
    Try putting the config in the lowest or upper most part of the file.

Harvey Specter
Posted at 5:14 am May 17, 2015
Andy
Reply
Author

Thanks for the write-up! However, I think you need to have VMware Fusion Pro to do the networking setup …

    Harvey Specter
    Posted at 10:07 am July 31, 2015
    Kushmaro
    Reply
    Author

    Uhh… that might be a good case here. I did check this with the pro version.

Harvey Specter
Posted at 2:38 am July 18, 2015
Kbrock
Reply
Author

Thanks.

looks like homebrew now has docker-machine.
I installed with brew install docker-machine.

I’m running vmware fusion 6.0.5, so it this may be the reason for the difference.

I noticed that docker-machine env osxdoc didn’t seem to work for me when the machine was not visible in the vmware fusion ui. At that time docker-machine env did seem to work.

    Harvey Specter
    Posted at 10:16 am July 31, 2015
    Kushmaro
    Reply
    Author

    Hmmm, I haven’t tried this with 6.x , but fusion will show up the VM eventually, its just some kind of bug where when you create the VM through the docker-machine cli, fusion will not show you the vm for a while.

Harvey Specter
Posted at 12:22 pm November 26, 2015
ThomasB
Reply
Author

Nice guide, but I have some issues. When I initially create the machine, vmware uses NAT (vmnet8 — IP 172.18.230.0/16 ) by default.

Then I create the new network with the dhcp settings (vmnet3 on this setup) and start the docker machine. It boots just fine with the correct address but can’t interact with it via docker-machine does not update to the new 172.18.0.20 address.
Instead, if I run docker-machine ip osxdock, it reports the old installation IP somewhere in 172.18.230.0/16. I’ve tried hardcoding 172.18.0.20 into the config.json but the address gets overwritten with 172.18.230.x again.

I suspect this is because docker-machine binds to vmnet8 as used during the installation instead of the newly created vmnet3 and won’t detect the change. Oddly, according to this guide, this issue didn’t exist before.

OS X10.11.1/Fusion 8.0.2 Pro/latest docker & docker-machine via brew

    Harvey Specter
    Posted at 7:57 pm January 18, 2016
    Kushmaro
    Reply
    Author

    Sorry for the very late response.
    docker-machine reporting the “old” ip address is just fine. What the second NIC is meant to do is to act as your static route to the actual containers, allowing you to interact with them as if you were running them on your own MAC , seamlessly.

Harvey Specter
Posted at 2:07 pm February 11, 2016
Dave
Reply
Author

Late, I know, but… Have you thought about just running up an ubuntu vm under vmware, and then doing all your dev inside that vm. Just seems a lot simpler…

    Harvey Specter
    Posted at 9:01 pm February 17, 2016
    Kushmaro
    Reply
    Author

    if there’s something I hate, is using an ubuntu box when I have a Mac that is essentially a *nix machine.
    Actually, my entire dev team develops like this (only with windows as Host) .. I don’t get this approach TBH.

      Harvey Specter
      Posted at 10:34 am February 18, 2016
      Dave
      Reply
      Author

      I agree it’s frustrating that the Mac is running some flavour of *nix: but I think the correct way to think about this is that what matters for Docker is whether your OS has LXC…

      I think the point of this approach is that either way, you run a VM: you can either work entirely inside the VM or you can work partly inside the VM, which is what boot2docker enables. Partly inside requires jumping through the hoops you’ve described: fully inside means using Linux rather than OSX devtools. For me personally, the tools I like are in both OSes so it seems less complicated to avoid the hoops. But I guess YMMV.

Harvey Specter
Posted at 10:46 am April 2, 2016
fuzzycheck
Reply
Author

Hi, really interesting, but a lot of content is missing on this page. For example:

open up a terminal and go to the network setting (vmnet) in my case, 4:

We will actually add a DHCP reservation.

Add the following configuration to the bottom of the file:

Where EE:EE… stands for o

But thanks anyway, it points me in the right direction.

    Harvey Specter
    Posted at 9:04 pm April 11, 2016
    Omer Kushmaro
    Reply
    Author

    sorry that you feel this way, i’ll definitely try and find the time to update this post with more content!
    Thanks!

      Harvey Specter
      Posted at 9:37 am May 25, 2016
      Peter
      Reply
      Author

      Hi Omer,

      could you please explain what file and what content is added?

      To me it looks like the “code” samples are missing from the source of the HTML.

      Peter

      Harvey Specter
      Posted at 10:12 am May 27, 2016
      Paolo
      Reply
      Author

      Hi, what fuzzycheck is saying is that the article content is broken.. It lacks some images/boxes where they should be, making it useless now. Maybe they broke after you updated something in your blogging platform..

Leave a Reply

Navigation