Docker Desktop for Mac was previously known to have performance issues, particularly with file system events and I/O operations. However, the Docker team has made significant improvements to address these problems and enhance overall performance. Fast forward to 2024, and Docker Desktop has undergone a transformational journey, addressing pain points and introducing novel features that redefine container development on macOS.
Here are some of the key steps taken by the Docker team to fix the slowness issues:
Docker Daemon Startup Time
Docker Desktop’s commitment to optimizing resource usage is evident in the remarkable ~5-second startup time of the Docker Daemon. This swift startup time empowers developers to dive into their containerized projects without delay, fostering a productive and seamless development experience.
Mac amd64 | Mac arm64 | Win amd64 | Linux amd64 |
7.84 s | 5.24 s | 19.1 s | 9.50 s |
Container Startup and Start Time
Hyperfine is a command-line tool that can be used to benchmark the performance of commands. It is a popular tool for benchmarking the performance of Docker commands.
Comparing Docker Desktop v4.22 Vs v4.11
Docker Desktop v4.11 | Docker Desktop v4.22 | |
Run #1 | 55.0 – 68.3 ms | 39.7 – 49.6 ms |
Run #2 | 51.7 – 62.5 ms | 43.1 – 52.5 ms |
Run #3 | 51.2 – 69.5 ms | 39.0 – 63.5 ms |
Idle CPU & Memory Usage
Docker Desktop 4.22 is now available and includes Docker Resource Saver that manages memory and CPU utilization based on running containers requirements to ensure the host performance.
To see this feature in action, start Docker Desktop and leave it idle for 30 seconds with no containers running. You’ll see an icon appearing in your whale menu and the sidebar of the Docker Desktop dashboard, indicating that Resource Saver mode is activated.
Resource Saver for Docker Desktop monitors whether containers are running. When it detects that Docker Desktop is idle without any active containers for a duration of 30 seconds, it automatically reduces the memory and CPU footprint.
File Sharing: Throughput
Types of File Sharing Mechanism
Type of File Sharing Mechanism | Definition |
VirtioFS | VirtioFS is a native file sharing mechanism that is supported by Docker Desktop. It is the fastest file sharing mechanism because it does not require any additional software to be installed. A default file-sharing mechanism/implementation in DD 4.22 |
gRPC FUSE | gRPC FUSE is a file sharing mechanism that uses the gRPC protocol. It is a bit slower than VirtioFS, but it is still faster than the other file sharing mechanisms. A default file-sharing option in DD 2.4.0.0(back in 2020). This uses much less CPU than osxfs, especially when there are lots of file events on the host. |
qemu-grpcfuse | qemu-grpcfuse is a file sharing mechanism that uses the qemu hypervisor. It is the slowest file sharing mechanism, but it is still a viable option for building Redis images |
hyperkit-grpcfuse | hyperkit-grpcfuse is a file sharing mechanism that uses the hyperkit hypervisor. It is similar to qemu-grpcfuse in terms of speed. |
osxfs | Essentially a file system driver that bridges the gap between the macOS file system and the Linux-based file system used by the Docker containers A default file-sharing mechanism in Docker for Mac 1.12.x. |
VirtioFS: A Game-Changer for File Sharing
One of the standout achievements in the 2023 release is the integration of VirtioFS as the default file sharing mechanism. This innovation has resulted in lightning-fast file I/O operations, eliminating the previous bottleneck and significantly enhancing container performance. Developers can now enjoy seamless interactions with files and data, further streamlining their workflows.
Feature/Tool Used: A Generic “time” command
Enable VirtioFS
By default, VirtioFS is enabled in the latest version of Docker Desktop. You can verify it using:
Step 1. Create a directory
mkdir data
Step 2. Create a file in the directory that contains a large amount of data(1GB random data)
dd if=/dev/zero of=data/data.img bs=1M count=1000
Step 3. Build the Image
Create a simple Dockerfile
# Create a Dockerfile that mounts the directory into the container
FROM ubuntu:latest
# Mount the data directory into the container
VOLUME /data
# Start a bash shell
CMD ["bash"]
# Create a Dockerfile that mounts the directory into the container
docker build -t virtiofs-demo:latest
Step 4. Run the Docker container
docker run -it --rm -v "$(pwd)/data:/data" virtiofs-demo
Step 5. List the container
docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e47eb4731c80 virtiofs-demo "bash" 5 minutes ago Up 5 minutes gifted_lichterman
Step 6. Measure the time it takes to copy the file into the container
time docker cp gifted_lichterman:/data/data.img data/data.img
Results:
Successfully copied 1.05GB to /Users/ajeetsraina/july/virt/data/data.img
docker cp gifted_lichterman:/data/data.img data/data.img 0.61s user 1.84s system 36% cpu 6.750 total
Comparing DD 4.22 Vs DD 4.11 (without VirtioFS enabled)
Data Size: 10GB Data Transfer
Mac M1 Pro
Docker Desktop v4.11 | Docker Desktop v4.22 | |
Run #1 | 7 min 13.21 s | 5 min 11.10 s |
Run #2 | 6 min 47.89 s | 5 min 04.08 s |
Run #3 | 7 min 04.75 s | 5 min 02.08 s |
Comparing DD 4.22 Vs DD 4.11 (with VirtioFS enabled)
Data Size: 10GB Data Transfer
Mac M1 Pro
Docker Desktop v4.11 | Docker Desktop v4.22 | |
Run #1 | 2 min 18.55 s | 1 min 04.44 s |
Run #2 | 2 min 20.23 s | 1 min 06.21 s |
Run #3 | 2 min 15.65 s | 1 min 05.39 s |
Network: Container to Container
Networking improvements have been a focal point of the 2023 enhancements. Docker Desktop now boasts optimized networking interactions on macOS, resulting in smoother connections between containers. This enhancement translates to faster data transfer and reduced latency, ensuring a more responsive and efficient containerized environment.
Docker Desktop for Mac now uses gVisor instead of VPNKit for container-to-host networking. This change was made in Docker Desktop 4.19, which was released in March 2023.
In v4.19 we made container-to-host networking performance 5x faster on macOS by replacing vpnkit with the TCP/IP stack from gvisor.
In Docker Desktop 4.19, we made container-to-host networking performance 5x faster on macOS by replacing vpnkit with the TCP/IP stack from the gVisor project.
gVisor is a lightweight sandboxed container runtime that is designed to improve the security and performance of containers. It is based on the Linux kernel, but it is implemented in user space. This makes it much faster than VPNKit, which is a kernel-based networking solution
Many users work on projects that have containers communicating with a server outside their local Docker network. One example of this would be workloads that download packages from the internet via npm install or apt-get. This performance improvement should help a lot in these cases.
How to enable this feature?
Open your terminal window and run the following command to ensure that your Docker Desktop uses gVisor as a default option. To continue using VPNKit, add “networkType”:”vpnkit” to your settings.json file located at ~/Library/Group Containers/group.com.docker/settings.json.
cat ~/Library/Group\ Containers/group.com.docker/settings.json | grep -i network
"networkType": "gvisor",
Here are some of the benefits of using gVisor instead of VPNKit:
- Increased performance: gVisor is much faster than VPNKit, which can improve the performance of your containers.
- Improved security: gVisor is a sandboxed container runtime, which means that it can help to protect your containers from security vulnerabilities.
- Reduced resource usage: gVisor uses less resources than VPNKit, which can help to improve the performance of your Mac.
Rosetta Beta Feature: Bridging the Apple Silicon Gap
The introduction of Rosetta as a beta feature has opened new horizons for Docker Desktop users. Developers can now run containers built for Intel-based Macs on Apple Silicon devices, expanding compatibility and providing more flexibility in choosing hardware.
That means you no longer need to use the following command:
docker run --platform=linux/amd64
Like VirtioFS, we noted some of the performance improvements that users have experienced using Rosetta. One of the community users reported 7x speed improvement compared to the slow speed of running DB migration process. Refer
Conclusion: A Future Forward
As we reflect on the journey of Docker Desktop from “then” to “now,” the transformative performance enhancements of 2023 stand as a testament to Docker’s dedication to its user community. VirtioFS, networking optimizations, Rosetta support, resource efficiency, and collaborative efforts have combined to create a Docker Desktop that is more powerful, responsive, and user-friendly than ever before.
The evolution of Docker Desktop serves as a reminder that innovation is a constant process. As developers, we are the beneficiaries of these advancements, empowered to create, build, and deploy with unprecedented speed and efficiency.
So, whether you’re a seasoned container enthusiast or just beginning your containerization journey, the journey of Docker Desktop from “then” to “now” invites you to explore and embrace the future of container development on macOS. Your next containerized adventure awaits – let’s dive in!