How to access the VM created by docker's HyperKit?

Docker for Mac uses a Linux VM created by HyperKit for storing and running containers on Mac.

With Docker Toolbox, I can just open VirtualBox and access the docker-machine VM. But with Docker for Mac, how do I access the VM created by HyperKit?

28739 次浏览
小开
最佳答案

Update 2019-01-31, thanks to ru10's update, now there is a better way:

screen ~/Library/Containers/com.docker.docker/Data/vms/0/tty

Original Answer:

After a while, I found following way to get a shell of the VM that was created by HyperKit:

Run from terminal:

screen ~/Library/Containers/com.docker.docker/Data/com.docker.driver.amd64-linux/tty

You will see an empty screen, then type enter, you will get a login prompt. Login as root and hit enter, you will get a shell (no password), you will gett the shell:

enter image description here

To exit the session, type Ctrl-A k (then y to confirm).

It is a little bit hacky, but it seems to work for now (Sep 2016) (Sep 2017).

小开

Mac OS High Sierra Docker version 18.06.0-ce-mac70 (26399)

screen ~/Library/Containers/com.docker.docker/Data/vms/0/tty

instead of

screen ~/Library/Containers/com.docker.docker/Data/com.docker.driver.amd64-linux/tty
小开

According to this GitHub issue comment by a Docker maintainer, the recommended way to access the VM is through a privileged docker container.

Try logging into the VM: (I recommend this instead of using screen on the TTY)

$ docker run -it --privileged --pid=host justincormack/nsenter1
小开

In fact, the answer from augurar is the only working as of 2021 as smammy says, the other options are deprecated.

So:

$ docker run -it --privileged --pid=host justincormack/nsenter1

was the right answer and worked for me in MacOS Big Sur as of July 2021.

小开

I'm using docker desktop 4.7.1 on Mac. As mentioned, some of the good solutions proposed above does not work on newer docker desktop (tty link is gone).

I preferred the solution of Smammy which does not involve using image from unverified publisher (image: justincormack/nsenter1, though the image comes from a docker maintainer and the repository has a lot of stars), especially when it needs to run the docker with '--privileged' flag which grant the docker full access to the host machine.

This worked for me (using busybox image, which contains nsenter utility):

docker run -it --rm --privileged --pid=host busybox nsenter -t1 -m -u -i -n

you can find explanation of the command at
https://www.bretfisher.com/docker-for-mac-commands-for-getting-into-local-docker-vm/ (and similar suggestion, using debian image instead of busybox)

another solution proposed there (but less convenient, as it does not have auto-completion) is to use netcat

nc -U ~/Library/Containers/com.docker.docker/Data/debug-shell.sock

提交答案