I’m just looking for some clarity on how Docker Desktop for Linux functions. Based on the documentation, my current understanding is that Docker Desktop spools up a VM and the Docker Engine runs inside it. Docker objects like images, containers and volumes are not stored directly in the host’s filesystem but are instead kept inside a disk image file, which on my machine is $HOME/.docker/desktop/vms/*/data/Docker.raw.
What I want to know is…
does the Docker CLI run on the host or inside the VM?
does the Docker daemon run on the host or inside the VM?
when a bind mount is created between the host machine’s filesystem (not the VM’s) and that of a container, what exactly is going on? From the user’s perspective this seems to occur completely transparently.
Since you run the command on the host not in a VM, it has to be on the host
The daemon always has to be where you run the containers so if you know the containers are in the VM, the daemon is also has to be in the VM.
It is different on each platform, but the concept is the same. Docker Desktop will mount some of your folders into the virtual machine and containers will actually mount the folders from inside the virtual machine.
It may not be obvious at first, but Docker Desktop has to convert API calls so when you run docker inspect, you will see a host folder among in the mount section, but it would return a different json inside the virtual machine. Current Docker Desktops does not have the docker client inside the VM, so it is tricky to get this information, but this has to be done, otherwise the daemon inside the VM would not have any idea what a path is that you defined as it will not be at the same location inside, and you would not know what the path is when you run docker inspect and it returns something which is not on your host.
When you mount a fodler which is not shared with Docker Desktop, you will mount it from inside the virtual machine. That is why mounting the docker socket would work even if there is no docker socket on the host. It is always mounted from the VM.
If you want to share folders with the VM, you can go to the Settings » Resources » File sharing, except on Windows with the WSL backend because that makes everything available without explicitly sharing it…
Thanks! Please excuse my ignorance, I’m trying to develop a mental model of how the process works. Right now I think the following four things are true, unless I’ve misunderstood.
the VM’s root filesystem is inside the Docker.raw disk image
When the VM is started, its filesystem is loaded into memory
directories on the host can then be mounted onto the VM filesystem
those mount-points can themselves then be mounted onto the filesystem of containers within the VM
So when one runs a command such as docker run -v /foo/bar:/foo/baz <image>, the host directory /foo/bar is mounted onto the VM filesystem, and then the new mount-point is itself mounted onto the container filesystem at /foo/baz(?)
