so im trying to create a non-rootless docker setup because i think rootless is causing me some trouble when trying to use KIND w/ cilium. atm im just copying the docker.yaml template and tweaking it, and ive got it working, but the port-forward isn’t working, even after updating it to use

/var/run/docker.sock

.

(the tweet link didn’t seem expanded, but there will be a session about Lima at KubeCon:

Running containerd  and k3s on macOS

06:25 PDT / 09:25 EDT / 13:25 UTC / 15:25 CEST / 22:25 JST)

@best-accountant-68201 @fast-garage-66093 is there a reason sshfs isn’t suitable for single file mounts? regarding https://github.com/lima-vm/lima/issues/130#issuecomment-888178048. i was considering implementing the feature, but wanted to check what might be blocking it.

Hi everyone, I'm using the docker template on my mac M1. This works really great. Now I'm trying to find a way to import certificates in the lima vm. This is needed because of a proxy that I use. Is it possible to copy them from the host into the vm during the creation of the vm? or Is it possible to create my own ubuntu vm image?

Is it possible for a created lima vm to "migrate" the data to a new created lima vm? The reason I'm asking is, I want to change the

ubuntu cloud image

that is been used. Only changing the

lima.yaml

doesn't seem have effect.

Seems the power supply in my FreeBSD box died. Guess those years in the attic made it feel sad

Hello folks! Yesterday I've tried to package and try lima

v0.11.0

on NetBSD and it (mostly) just works out of the box! Thanks a lot for that! (it needed a patch to fix unused

err

that I've then seen it was landed yesterday on HEAD too and

-cpu host

was not supported so I've locally patched that to

-cpu max

via https://github.com/NetBSD/pkgsrc-wip/blob/master/lima/patches/patch-pkg_limayaml_defaults.go I have investigate a bit further on that (and seen that https://github.com/lima-vm/lima/commit/f32d795ad775b33680d6f7283e58c5d17e98d382 landed) and I think it's easy to add

-cpu host

support for NVMM accelerator too, so no

lima

changes should be needed (I've them locally and I will likely commit them tomorrow in pkgsrc (The NetBSD package system)

Neat, both FreeBSD and NetBSD still have support for

docker-machine

in their package collections. Maybe we should just port the VirtualBox driver to lima and call it a day ? (it just forks

VBoxManage

)

I'm trying to run lima docker template with docker root capability. I remove the following lines in the template (with the #, at mode system and mode user)

# Example to use Docker instead of containerd & nerdctl
# $ limactl start ./docker.yaml
# $ limactl shell docker docker run -it -v $HOME:$HOME --rm alpine

# To run `docker` on the host (assumes docker-cli is installed):
# $ export DOCKER_HOST=$(limactl list docker --format 'unix://{{.Dir}}/sock/docker.sock')
# $ docker ...

arch: "x86_64"

# This example requires Lima v0.8.0 or later
images:
# Try to use release-yyyyMMdd image if available. Note that release-yyyyMMdd will be removed after several months.
- location: "<https://cloud-images.ubuntu.com/releases/21.10/release-20220201/ubuntu-21.10-server-cloudimg-amd64.img>"
  arch: "x86_64"
  # digest: "sha256:73fe1785c60edeb506f191affff0440abcc2de02420bb70865d51d0ff9b28223"
- location: "<https://cloud-images.ubuntu.com/releases/21.10/release-20220201/ubuntu-21.10-server-cloudimg-arm64.img>"
  arch: "aarch64"
  # digest: "sha256:1b5b3fe616e1eea4176049d434a360344a7d471f799e151190f21b0a27f0b424"
# Fallback to the latest release image.
# Hint: run `limactl prune` to invalidate the cache
- location: "<https://cloud-images.ubuntu.com/releases/21.10/release/ubuntu-21.10-server-cloudimg-amd64.img>"
  arch: "x86_64"
- location: "<https://cloud-images.ubuntu.com/releases/21.10/release/ubuntu-21.10-server-cloudimg-arm64.img>"
  arch: "aarch64"

mounts:
- location: "~"
- location: "/tmp/lima"
  writable: true
# containerd is managed by Docker, not by Lima, so the values are set to false here.
containerd:
  system: false
  user: false
provision:
- mode: system
  # This script defines the host.docker.internal hostname when hostResolver is disabled.
  # It is also needed for lima 0.8.2 and earlier, which does not support hostResolver.hosts.
  # Names defined in /etc/hosts inside the VM are not resolved inside containers when
  # using the hostResolver; use hostResolver.hosts instead (requires lima 0.8.3 or later).
  script: |
    #!/bin/sh
    sed -i 's/host.lima.internal.*/host.lima.internal host.docker.internal/' /etc/hosts
- mode: system
  script: |
    #!/bin/bash
    set -eux -o pipefail
    command -v docker >/dev/null 2>&1 && exit 0
    export DEBIAN_FRONTEND=noninteractive
    curl -fsSL <https://get.docker.com> | sh
#     # NOTE: you may remove the lines below, if you prefer to use rootful docker, not rootless
#     systemctl disable --now docker
#     apt-get install -y uidmap dbus-user-session
# - mode: user
#   script: |
#     #!/bin/bash
#     set -eux -o pipefail
#     systemctl --user start dbus
#     dockerd-rootless-setuptool.sh install
#     docker context use default
probes:
- script: |
    #!/bin/bash
    set -eux -o pipefail
    if ! timeout 30s bash -c "until command -v docker >/dev/null 2>&1; do sleep 3; done"; then
      echo >&2 "docker is not installed yet"
      exit 1
    fi
    if ! timeout 30s bash -c "until pgrep rootlesskit; do sleep 3; done"; then
      echo >&2 "rootlesskit (used by rootless docker) is not running"
      exit 1
    fi
  hint: See "/var/log/cloud-init-output.log". in the guest
hostResolver:
  # hostResolver.hosts requires lima 0.8.3 or later. Names defined here will also
  # resolve inside containers, and not just inside the VM itself.
  hosts:
    host.docker.internal: host.lima.internal
portForwards:
- guestSocket: "/var/run/docker.sock"
  hostSocket: "{{.Dir}}/sock/docker.sock"
message: |
  To run `docker` on the host (assumes docker-cli is installed), run the following commands:
  ------
  docker context create lima --docker "host=unix://{{.Dir}}/sock/docker.sock"
  docker context use lima
  docker run hello-world
  ------

This seems not to work. Seems that the socket is not on user level.

default *   Current DOCKER_HOST based configuration   unix:///var/run/docker.sock                         swarm

So I changed the portForwards:

portForwards:
- guestSocket: "/var/run/docker.sock"
  hostSocket: "{{.Dir}}/sock/docker.sock"

But when I set the

docker context

to the lima vm (the socket available in

.lima

folder) it doesn't work. With

docker ps

->

error during connect: Get "<http://%2FUsers%2FUSER%2F.lima%2Fdocker_x86_64_root%2Fsock%2Fdocker.sock/v1.24/containers/json?all=1>": EOF

Did I miss something?

If anyone wants to use Lima on Windows, https://github.com/lima-vm/lima/issues/909#issuecomment-1159647123

Same ole Hyper-V either way, but some people find this to be more exciting than VirtualBox

i.e. use "/home/lima" for the home directory and 4096 for the user id. or something to that effect, there just is no "mapping" the regular user name is prefixed with the domain (in upper case, of course) and then a backslash to make sure it fails

does anyone know how to craft an SSH config using eg: proxycommand with limactl so that

ssh $lima_vm

works directly? I’ve got an ssh alias, which calls my ssh binary that handles setting TERMINFO on the remote end (for Kitty terminal) and id like to have that functionality, but it’s cumbersome to

eval "$(limactl show-ssh my-vm-name)"

final version:

# match lima VM names and use limactl to ssh to them
Match exec "limactl list -q | grep -q '%h'"
    ProxyCommand limactl shell %h nc 127.0.0.1 22

Unfortunately it seems like QEMU is even more unstable on Windows, than on macOS. And that is after the all the compromises needed, to work around the OS shortcomings

I guess the good news is that the Hyper-V virtualization of Alpine seems to be working OK, always something ? Beyond submitting some other small patches I accumulated, I don't think I will continue with the port myself...

Hello, I was just wondering, is there a way to share VMs? Is there a way to setup/create a base vm that can be shared among a team using lima?

Hello everyone, Quick Question: What would cause the user creation to fail? I sometimes see this error:

util.py[WARNING]: Failed to create user johndoe

here's a little snippet:

[    9.302014] cloud-init[620]: 2022-07-06 22:56:06,308 - cc_ca_certs.py[WARNING]: DEPRECATION: key 'ca-certs' is now deprecated. Use 'ca_certs' instead.
[    9.310466] cloud-init[620]: Updating certificates in /etc/ssl/certs...
[    9.957213] cloud-init[620]: 0 added, 0 removed; done.
[    9.959290] cloud-init[620]: Running hooks in /etc/ca-certificates/update.d...
[    9.961933] cloud-init[620]: done.
[    9.983448] cloud-init[620]: 2022-07-06 22:56:06,989 - util.py[WARNING]: Failed to create user johndoe
[    9.986888] cloud-init[620]: 2022-07-06 22:56:06,991 - util.py[WARNING]: Running module users-groups (<module 'cloudinit.config.cc_users_groups' from '/usr/lib/python3/dist-packages/cloudinit/config/cc_users_groups.py'>) failed
[   10.520038] cloud-init[620]: Generating public/private rsa key pair.
[   10.522103] cloud-init[620]: Your identification has been saved in /etc/ssh/ssh_host_rsa_key
[   10.524759] cloud-init[620]: Your public key has been saved in /etc/ssh/ssh_host_rsa_key.pub
[   10.527118] cloud-init[620]: The key fingerprint is:

Which is causing this other error towards the end:

sudo -iu johndoe XDG_RUNTIME_DIR=/run/user/501 systemctl --user enable --now dbus
sudo: unknown user johndoe
sudo: error initializing audit plugin sudoers_audit

a bit more snippet:

[   33.254669] sudo[2228]: + '[' -e /run/user/501/systemd/private ']'
[   33.255221] sudo[2228]: + '[' -n '' ']'
[   33.255977] sudo[2228]: + sudo -iu johndoe XDG_RUNTIME_DIR=/run/user/501 systemctl --user enable --now dbus
[   33.257239] sudo[2228]: sudo: unknown user johndoe
[   33.259272] sudo[2228]: sudo: error initializing audit plugin sudoers_audit
[   33.259392] sudo[2228]: LIMA| WARNING: Failed to execute /mnt/lima-cidata/boot/40-install-containerd.sh

But if I create a new user, say

janedoe

on my macOS, run

sudo su - janedoe

, copy over the .lima folder from

johndoe

user to

janedoe

and run

limactl start vm-name

, it starts fine with no issues... Any ideas what the issue could be or where I can look?

Is this the right channel to ask about M1 limavm issues?

I am having the famous waiting for the essential requirement of ssh as follows

limactl start --name odb odb_lima.yaml
? Creating an instance "odb" Proceed with the current configuration
INFO[0001] Attempting to download the image from "<https://cloud-images.ubuntu.com/releases/22.04/release-20220712/ubuntu-22.04-server-cloudimg-amd64.img>"  digest=
600.38 MiB / 600.38 MiB [----------------------------------] 100.00% 18.66 MiB/s
INFO[0034] Downloaded the image from "<https://cloud-images.ubuntu.com/releases/22.04/release-20220712/ubuntu-22.04-server-cloudimg-amd64.img>"
INFO[0034] Attempting to download the nerdctl archive from "<https://github.com/containerd/nerdctl/releases/download/v0.21.0/nerdctl-full-0.21.0-linux-amd64.tar.gz>"  digest="sha256:728f9b543374b1b1733f759608e156dbe578d7b140a081084a1f4bfb4f2b3fbf"
INFO[0034] Using cache "/Users/jaimegarza/Library/Caches/lima/download/by-url-sha256/dd4613292b3a598687b9e5f97a294845661491c61e554435a27c6f6c691f8dd4/data"
INFO[0035] [hostagent] Starting QEMU (hint: to watch the boot progress, see "/Users/jaimegarza/.lima/odb/serial.log")
INFO[0035] SSH Local Port: 49615
INFO[0035] [hostagent] Waiting for the essential requirement 1 of 3: "ssh"
and more lines like this

Now, that's a whole lot of work to use lima just to run Word Perfect. Reminded me of that time someone wanted to use MacPorts to install... Xgalaga. But it is still very useful to be able to run graphical applications in containers, so added an issue about it: https://github.com/lima-vm/lima/issues/989

Something like this use case, here in the usual security-schmecurity style of docker: https://blog.jessfraz.com/post/docker-containers-on-the-desktop/

Yeah, I used to run desktop apps in containers back in the days when Linux was my primary OS. I also used systemd-nspawn for a while. But I had to give up when I switched from Linux as I am unable to replicate the desired (graphic) performance. I now use headless VMs instead.

Released v0.11.3 https://github.com/lima-vm/lima/releases/tag/v0.11.3

Hi. Does one else have experience issue when using pipe | on mac OS with lima nerdctl command? https://github.com/lima-vm/lima/issues/1012

Hello every1 🙂 Anyone tried configuring Lima VM to expose container access directly to host ? ( access containers from host by their private IP ) If anyone with some experience on the topic or some tips could help, I’d appreciate it a lot 🙂 ty 🖖 ( my original question in #rancher-desktop) https://rancher-users.slack.com/archives/C0200L1N1MM/p1660222613294579

Hi everyone, joined to track any announcements regarding limactl being flagged as malware and deleted on macOS, making using any version of Rancher Desktop impossible. Would hate to have my team revert to Docker Desktop for Mac.

anyone know if there’s been any work by anyone to enable virtiofs on lima?

Is there a template variable that I can use to reference my

~

mount’s absolute path? Trying to set a few variables in my

.bashrc

as part of the provisioning and it relies on knowing the path to my Mac’s

~

within the VM, and I’d like to avoid hardcoding it since this template is shared with others.

also fun, just hit a 9p issue:

Network dropped connection on reset

much like this: https://github.com/lima-vm/lima/issues/831 still digging into it.