Saved searches
Use saved searches to filter your results more quickly
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session. You switched accounts on another tab or window. Reload to refresh your session.
Linux virtual machines, on macOS (aka «Linux-on-Mac», «macOS subsystem for Linux», «containerd for Mac», unofficially)
License
TrendingTechnology/lima-1
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Name already in use
A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
Sign In Required
Please sign in to use Codespaces.
Launching GitHub Desktop
If nothing happens, download GitHub Desktop and try again.
Launching GitHub Desktop
If nothing happens, download GitHub Desktop and try again.
Launching Xcode
If nothing happens, download Xcode and try again.
Launching Visual Studio Code
Your codespace will open once ready.
There was a problem preparing your codespace, please try again.
Latest commit
Git stats
Files
Failed to load latest commit information.
README.md
Lima: Linux virtual machines (on macOS, in most cases)
Lima launches Linux virtual machines with automatic file sharing, port forwarding, and containerd.
Lima can be considered as a some sort of unofficial «macOS subsystem for Linux», or «containerd for Mac».
Lima is expected to be used on macOS hosts, but can be used on Linux hosts as well.
✅ Automatic port forwarding
The goal of Lima is to promote containerd including nerdctl (contaiNERD ctl) to Mac users, but Lima can be used for non-container applications as well.
- Rancher Desktop: Kubernetes and container management to the desktop
- Colima: Docker (and Kubernetes) on macOS with minimal setup
- Lima xbar plugin: xbar plugin to start/stop VMs from the menu bar and see their running status.
- lima-gui: Qt GUI for Lima
$ uname -a Darwin macbook.local 20.4.0 Darwin Kernel Version 20.4.0: Thu Apr 22 21:46:47 PDT 2021; root:xnu-7195.101.2~1/RELEASE_X86_64 x86_64 $ lima uname -a Linux lima-default 5.11.0-16-generic #17-Ubuntu SMP Wed Apr 14 20:12:43 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux $ LIMA_INSTANCE=arm lima uname -a Linux lima-arm 5.11.0-16-generic #17-Ubuntu SMP Wed Apr 14 20:10:16 UTC 2021 aarch64 aarch64 aarch64 GNU/Linux
See ./docs/multi-arch.md for Intel-on-ARM and ARM-on-Intel .
Sharing files across macOS and Linux
$ echo "files under /Users on macOS filesystem are readable from Linux" > some-file $ lima cat some-file files under /Users on macOS filesystem are readable from Linux $ lima sh -c 'echo "/tmp/lima is writable from both macOS and Linux" > /tmp/lima/another-file' $ cat /tmp/lima/another-file /tmp/lima is writable from both macOS and Linux
Running containerd containers (compatible with Docker containers)
$ lima nerdctl run -d --name nginx -p 127.0.0.1:8080:80 nginx:alpine http://127.0.0.1:8080 is accessible from both macOS and Linux.
Install recent version of QEMU. v6.1.0 or later is recommended.
On ARM Mac hosts, a patched version of QEMU has to be installed for enabling -accel hvf support.
The patch was merged into the master branch on 2021-09-21 and will be included in QEMU v6.2.0.
The patch is already cherry-picked in the Homebrew package of QEMU since 6.1.0_1 bottle.
- Download the binary archive of Lima from https://github.com/lima-vm/lima/releases , and extract it under /usr/local (or somewhere else). For instance:
brew install jq VERSION=$(curl -fsSL https://api.github.com/repos/lima-vm/lima/releases/latest | jq -r .tag_name) curl -fsSL https://github.com/lima-vm/lima/releases/download/$ /lima-$:1>-$(uname -s)-$(uname -m).tar.gz | tar Cxzvm /usr/local
NOTE Lima is not regularly tested on ARM Mac (due to lack of CI).
[macOS]$ limactl start . INFO[0029] READY. Run `lima` to open the shell. [macOS]$ lima uname Linux
- Run limactl start [—tty=false] to start the Linux instance. The default instance name is «default». Lima automatically opens an editor ( vi ) for reviewing and modifying the configuration. Wait until «READY» to be printed on the host terminal. —tty=false disables the interactive prompt to open an editor.
- Run limactl shell to launch on Linux. For the «default» instance, this command can be shortened as lima . The lima command also accepts the instance name as the environment variable $LIMA_INSTANCE .
- Run limactl copy . to copy files between instances, or between instances and the host. Use : to specify a source or target inside an instance.
- Run limactl list [—json] to show the instances.
- Run limactl stop [—force] to stop the instance.
- Run limactl delete [—force] to delete the instance.
- To enable bash completion, add source <(limactl completion bash) to ~/.bash_profile .
- To enable zsh completion, see limactl completion zsh —help
⚠️ CAUTION: make sure to back up your data
Lima may have bugs that result in loss of data.
Make sure to back up your data before running Lima.
Especially, the following data might be easily lost:
- Data in the shared writable directories ( /tmp/lima by default), probably after hibernation of the host machine (e.g., after closing and reopening the laptop lid)
- Data in the VM image, mostly when upgrading the version of lima
- OS: Ubuntu 21.10 (Impish Indri)
- CPU: 4 cores
- Memory: 4 GiB
- Disk: 100 GiB
- Mounts: ~ (read-only), /tmp/lima (writable)
- SSH: 127.0.0.1:60022
- Hypervisor: QEMU with HVF accelerator
- Filesystem sharing: reverse sshfs (likely to be replaced with 9p or Samba in future)
- Port forwarding: ssh -L , automated by watching /proc/net/tcp and iptables events in the guest
- Please certify your Developer Certificate of Origin (DCO), by signing off your commit with git commit -s and with your real name.
- Please squash commits.
- Test on ARM Mac
- Performance optimization
- More guest distros
- Windows hosts
- VirtFS to replace the current reverse sshfs (work has to be done on QEMU repo)
- vsock to replace SSH (work has to be done on QEMU repo)
- Generic
- «What’s my login password?»
- «Does Lima work on ARM Mac?»
- «Can I run non-Ubuntu guests?»
- «Can I run other container engines such as Docker and Podman? What about Kubernetes?»
- «Can I run Lima with a remote Linux machine?»
- «Advantages compared to Docker for Mac?»
- «QEMU crashes with HV_ERROR «
- «QEMU is slow»
- error «killed -9»
- «QEMU crashes with vmx_write_mem: mmu_gva_to_gpa XXXXXXXXXXXXXXXX failed «
- «Port forwarding does not work»
- stuck on «Waiting for the essential requirement 1 of X: «ssh»
- «permission denied» for limactl cp command
- «Cannot access the guest IP 192.168.5.15 from the host»
Password is disabled and locked by default. You have to use limactl shell bash (or lima bash ) to open a shell.
Alternatively, you may also directly ssh into the guest: ssh -p 60022 -i ~/.lima/_config/user -o NoHostAuthenticationForLocalhost=yes 127.0.0.1 .
«Does Lima work on ARM Mac?»
Yes, it should work, but not regularly tested on ARM (due to lack of CI).
«Can I run non-Ubuntu guests?»
Alpine, Arch Linux, Debian, Fedora, openSUSE, and Rocky are also known to work. See ./examples/ .
An image has to satisfy the following requirements:
- systemd or OpenRC
- cloud-init
- The following binaries to be preinstalled:
- sudo
- sshfs
- newuidmap and newgidmap
«Can I run other container engines such as Docker and Podman? What about Kubernetes?»
Yes, any container engine should work with Lima.
Container runtime examples:
Container orchestrator examples:
The default Ubuntu image also contains LXD. Run lima sudo lxc init to set up LXD.
See also third party containerd projects based on Lima:
- Rancher Desktop: Kubernetes and container management to the desktop
- Colima: Docker (and Kubernetes) on macOS with minimal setup
«Can I run Lima with a remote Linux machine?»
Lima itself does not support connecting to a remote Linux machine, but sshocker, the predecessor or Lima, provides similar features for remote Linux machines.
e.g., run sshocker -v /Users/foo:/home/foo/mnt -p 8080:80 @ to expose /Users/foo to the remote machine as /home/foo/mnt , and forward localhost:8080 to the port 80 of the remote machine.
«Advantages compared to Docker for Mac?»
Lima is free software (Apache License 2.0), while Docker for Mac is not. Their EULA even prohibits disclosure of benchmarking result.
On the other hand, Moby, aka Docker for Linux, is free software, but Moby/Docker lacks several novel features of containerd, such as:
«QEMU crashes with HV_ERROR «
If you have installed QEMU v6.0.0 or later on macOS 11 via homebrew, your QEMU binary should have been already automatically signed to enable HVF acceleration.
However, if you see HV_ERROR , you might need to sign the binary manually.
cat >entitlements.xml EOF
com.apple.security.hypervisor EOF codesign -s - --entitlements entitlements.xml --force /usr/local/bin/qemu-system-x86_64Note: Only on macOS versions before 10.15.7 you might need to add this entitlement in addition:
- Make sure that HVF is enabled with com.apple.security.hypervisor entitlement. See «QEMU crashes with HV_ERROR «.
- Emulating non-native machines (ARM-on-Intel, Intel-on-ARM) is slow by design. See docs/multi-arch.md for a workaround.
- make sure qemu is codesigned, See «QEMU crashes with HV_ERROR «.
- if you are on macOS 10.15.7 or 11.0 or later make sure the entitlement com.apple.vm.hypervisor is not added. It only works on older macOS versions. You can clear the codesigning with codesign —remove-signature /usr/local/bin/qemu-system-x86_64 and start over.
«QEMU crashes with vmx_write_mem: mmu_gva_to_gpa XXXXXXXXXXXXXXXX failed «
This error is known to happen when running an image of RHEL8-compatible distribution such as Rocky Linux 8.x on Intel Mac. A workaround is to set environment variable QEMU_SYSTEM_X86_64=»qemu-system-x86_64 -cpu Haswell-v4″ .
«Port forwarding does not work»
Prior to Lima v0.7.0, Lima did not support forwarding privileged ports (1-1023). e.g., you had to use 8080, not 80.
Lima v0.7.0 and later supports forwarding privileged ports on macOS hosts.
On Linux hosts, you might have to set sysctl value net.ipv4.ip_unprivileged_port_start=0 .
stuck on «Waiting for the essential requirement 1 of X: «ssh»
libslirp v4.6.0 used by QEMU is known to be broken. If you have libslirp v4.6.0 in /usr/local/Cellar/libslirp , you have to upgrade it to v4.6.1 or later ( brew upgrade ).
«permission denied» for limactl cp command
The copy command only works for instances that have been created by lima 0.5.0 or later. You can manually install the required identity on older instances with (replace INSTANCE with actual instance name):
«Cannot access the guest IP 192.168.5.15 from the host»
The default guest IP 192.168.5.15 is not accessible from the host and other guests.
To add another IP address that is accessible from the host and other virtual machines, enable vde_vmnet .
«Hints for debugging other problems?»
- Inspect logs:
- limactl —debug start
- $HOME/.lima//serial.log
- /var/log/cloud-init-output.log (inside the guest)
- /var/log/cloud-init.log (inside the guest)
About
Linux virtual machines, on macOS (aka «Linux-on-Mac», «macOS subsystem for Linux», «containerd for Mac», unofficially)