Docker Desktop is a popular tool used by developers to build and run containerized applications on their local machines. With the release of Docker Desktop, version 4.6, a new feature called VirtioFS was introduced for the first time. VirtioFS is a high-performance file system that can be used with Docker containers to improve their performance.In this post, we will explore what VirtioFS is, how it works, and the benefits of using it with Docker Desktop.
What is VirtioFS?
Source ~ https://virtio-fs.gitlab.io/design.html
Virtiofs is a shared file system that lets virtual machines access a directory tree on the host. Unlike existing approaches, it is designed to offer local file system semantics and performanceVirtioFS is a file system designed to work with virtual machines (VMs) and containers. It is built on top of the Virtio virtualization framework, which is used in popular hypervisors like QEMU and KVM. VirtioFS allows virtual machines and containers to share a file system with the host operating system, without the need for a network file system (NFS) or a storage area network (SAN).With VirtioFS, the file system is mounted on the host and then passed through to the VM or container as a Virtio device. This allows the VM or container to access the file system as if it were a local file system, with no network overhead
How does VirtioFS work in Docker Desktop?
Docker Desktop uses VirtioFS to mount the host file system in the container as a shared file system. This allows the container to access files on the host machine directly, without the need for a network share or a volume mount.
To use VirtioFS in Docker Desktop, you need to enable it in the settings. Once enabled, Docker Desktop will automatically detect if VirtioFS is supported by the host operating system and use it if possible.
Benefits of using VirtioFS with Docker Desktop
VirtioFS brings improved I/O performance for operations on bind mounts. Enabling VirtioFS will automatically enable Virtualization framework. Available in macOS 12.5 and above.
Developers now have the option of using a new experimental file sharing implementation called virtiofs (the current default is gRPC-FUSE). Secondly, improvements have been made to the way that files are synced between the macOS host and Docker VM. During testing with our amazing macOS community of users, we have observed that these changes have reduced the time taken to complete filesystem operations by up to 98%.
For developers, these incredible gains in speed mean less time waiting for filesystem operations to complete (or building project-specific workarounds to improve performance) and more time focusing on innovation!There are several benefits to using VirtioFS with Docker Desktop. Here are some of the most important ones:
Improved performance
VirtioFS provides significant performance improvements over other file systems like NFS and SAN. This is because VirtioFS uses the Virtio framework, which is optimized for virtual environments. With VirtioFS, the file system is accessed directly from the container, without the need for network overhead.
Performance is vital when application source code is shared between the host and container. For example when a developer uses the Symfony PHP framework, edits the source code and then reloads the page in the browser, the web-server in the container must re-read many PHP files stored on the host. When considering that modern dependency management can easily bring 10k – 100k files into a project (which linearly increases the performance penalty), this can result in poor performance as the host and container keep in sync via the volume.p 4.6 with virtiofs enabled and changes to file syncing included have observed:
Reduced resource usage
Using VirtioFS reduces the need for additional resources like network bandwidth and storage. This is because the file system is shared between the host and the container, without the need for a network share or a volume mount.
Improved security
With VirtioFS, the file system is mounted on the host and then passed through to the container as a Virtio device. This provides an additional layer of security, as the container is not directly accessing the host file system.
Limitations of VirtioFS
While VirtioFS offers many benefits, there are also some limitations to consider. Here are some of the most important ones:Limited operating system support
VirtioFS is not supported by all operating systems. Currently, it is only supported on Linux systems with a kernel version of 5.4 or later. If you are using an older version of Linux or a different operating system, VirtioFS may not be available.Limited application supportNot all applications are designed to work with VirtioFS. While many applications will work without any issues, some may not be compatible with VirtioFS. If you are using an application that requires specific file system features, you may need to use a different file system.
Limited container compatibility
VirtioFS is not compatible with all container runtimes. Currently, it is only supported by the Docker container runtime. If you are using a different container runtime, you may need to use a different file system.Potential stability issuesAs with any new technology, there is always the potential for stability issues. While VirtioFS has been tested extensively and is generally considered stable, there may be some issues that arise in certain environments.
How to enable virtiofs
Virtiofs is only available to users of the following macOS versions:
- macOS 12.2 and above (for Apple Silicon)
- macOS 12.3 and above (for Intel)
To enable virtiofs in Docker Desktop:Ensure that you are using Docker Desktop version 4.6+.
Navigate to ‘Settings’ > General
You will see an option “Choose file sharing implementation for your containers” > select “VirtioFS”
Here’s a sample code snippet that demonstrates how to use VirtioFS with Docker Desktop:
docker run -it --mount type=virtiofs,source=/path/to/host/files,target=/container/files alpine /bin/shThis command starts a Docker container and mounts the host file system at /path/to/host/files as a VirtioFS file system in the container at /container/files.
The container is based on the Alpine Linux distribution and starts a shell (/bin/sh) inside the container. You can modify the source and target paths to match the specific files and directories you want to share between the host and the container. Note that the type argument is set to virtiofs to enable VirtioFS.
With this simple code snippet, you can start experimenting with VirtioFS in Docker Desktop and see the benefits for yourself!
Difference between osxfs and VirtioFS
Here’s an example code snippet that demonstrates the performance difference between VirtioFS and osxfs using a simple file read operation within a Docker container:
# Using VirtioFS
docker run -it --mount type=virtiofs,source=/path/to/host/folder,target=/path/in/container alpine:latest sh -c "dd if=/path/in/container/myfile.txt of=/dev/null bs=1M"
# Using osxfs
docker run -it --mount type=bind,source=/path/to/host/folder,target=/path/in/container alpine:latest sh -c "dd if=/path/in/container/myfile.txt of=/dev/null bs=1M"
In this example, the first command runs a Docker container with VirtioFS as the file sharing implementation, while the second command uses osxfs for the same purpose. Both commands perform a file read operation (dd command) on the myfile.txt file, measuring the time it takes to read and discard the file’s content.
By executing these commands and comparing the execution times, you can observe that the VirtioFS implementation typically exhibits improved I/O performance compared to osxfs. This performance gain can vary based on factors such as file size, hardware, and specific use cases.
Tested Environment
- Docker Desktop for Mac
- Mac M1 Pro
Results:
| S.No. | Data size | Time Taken(with VirtioFS enabled | Time Taken(without VirtioFS enabled |
|---|---|---|---|
| 1 | 1 GB | 0.61s | 0.83s |
| 2 | 10 GB | 5.66s | 8.17s |
Getting Started
Enable VirtioFS
By default, VirtioFS is enabled in the latest version of Docker Desktop. You can verify it using:
Step 1. Create a directory
mkdir data
Step 2. Create a file in the directory that contains a large amount of data(1GB random data)
dd if=/dev/zero of=data/data.img bs=1M count=1000
Step 3. Build the Image
Clone the repository
https://github.com/ajeetraina/virtiofs-demo
docker build -t ajeetraina/virtiofs-demo:latest
Step 4. Run the Docker container
docker run -it --rm -v "$(pwd)/data:/data" ajeetraina/virtiofs-demo
Step 5. List the container
docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e47eb4731c80 ajeetraina/virtiofs-demo "bash" 5 minutes ago Up 5 minutes gifted_lichterman
Step 6. Measure the time it takes to copy the file into the container
time docker cp gifted_lichterman:/data/data.img data/data.img
Results:
Successfully copied 1.05GB to /Users/ajeetsraina/july/virt/data/data.img
docker cp gifted_lichterman:/data/data.img data/data.img 0.61s user 1.84s system 36% cpu 6.750 total
Step 7. Repeat steps 5 and 6 without VirtioFS
time docker cp laughing_montalcini:/data/data.img data/data.img
Successfully copied 1.05GB to /Users/ajeetsraina/july/virt/data/data.img
docker cp laughing_montalcini:/data/data.img data/data.img 0.83s user 2.95s system 35% cpu 10.646 total
Yes, I can see that the time it takes to copy the file with VirtioFS enabled is significantly faster than the time it takes to copy the file without VirtioFS enabled. This is because VirtioFS is a more efficient filesystem than traditional filesystems.
The time it takes to copy a file between a container and the host machine can vary depending on a number of factors, including the size of the file, the network speed, and the filesystem that is being used. In your case, the time it took to copy the file with VirtioFS enabled was 0.61 seconds. This is significantly faster than the time it took to copy the file without VirtioFS enabled (1.84 seconds). This is because VirtioFS is a more efficient filesystem than traditional filesystems.
The difference in performance between VirtioFS and traditional filesystems can be even more pronounced when copying large files. For example, if you were to copy a 10GB file, the time it would take to copy the file with VirtioFS enabled would be significantly less than the time it would take to copy the file without VirtioFS enabled.
Testing with 10GB data
Without VirtioFS Enabled
time docker cp compassionate_bartik:/data/data.img data/data.img
Successfully copied 10.5GB to /Users/ajeetsraina/july/virt/data/data.img
docker cp compassionate_bartik:/data/data.img data/data.img 8.17s user 31.14s system 35% cpu 1:51.41 total
With VirtioFS Enabled
time docker cp gracious_chebyshev:/data/data.img data/data.img
Successfully copied 10.5GB to /Users/ajeetsraina/july/virt/data/data.img
docker cp gracious_chebyshev:/data/data.img data/data.img 5.66s user 17.99s system 34% cpu 1:07.64 totalConclusion
VirtioFS is a powerful new technology that offers significant performance improvements for Docker containers. With VirtioFS, containers can access files on the host machine directly, without the need for a network share or a volume mount. This reduces resource usage, improves performance, and enhances security.While VirtioFS has some limitations, it is a promising technology that is likely to become more widely adopted in the coming years. As more operating systems and container runtimes support VirtioFS, it will become an increasingly important tool for developers and system administrators.If you are using Docker Desktop, consider enabling VirtioFS to see the benefits for yourself. With VirtioFS, you can unlock new levels of performance and efficiency in your containerized applications.
References:
– Speed boost achievement unlocked on Docker Desktop 4.6 for Mac
– Docker Documentation on VirtioFS
– Docker Desktop Release Notes
