Docker Desktop on Apple Silicon: a teardown —
On this page
Skip to contentOverview
Docker Desktop on Apple Silicon uses a lightweight VM running Lima-based Linux under the hood. It’s not running containers directly on macOS — it’s running a Linux VM with containerd inside it, and Docker CLI talks to that VM via a Unix socket forwarded through the hypervisor.
This teardown examines the architecture, the performance implications, and when you should consider alternatives like Podman or OrbStack.
Architecture
Docker CLI → Docker Socket → Lima VM (qemu-system-aarch64) → containerd → runc → containersThe Lima VM is a minimal Linux distribution (Alpine-based) that runs as a macOS VM. It handles:
- Linux kernel namespaces and cgroups (which macOS doesn’t expose natively)
- containerd for image management and container lifecycle
- Network translation between macOS and the VM
The VM starts in ~3 seconds and uses ~200MB of RAM idle. Container operations add overhead because every Docker CLI command crosses the VM boundary.
Performance
On an M2 MacBook Pro with 16GB:
| Operation | Docker Desktop | Podman (Lima) | OrbStack |
|---|---|---|---|
| VM startup | ~3s | ~5s | ~1s |
docker pull nginx | ~4s | ~6s | ~3.5s |
docker run -d nginx | ~0.8s | ~1.2s | ~0.3s |
| Memory overhead | ~250MB | ~200MB | ~50MB |
The difference is most noticeable in I/O-heavy workloads. Docker Desktop’s VM-based approach means file mounts go through the hypervisor, which adds latency. OrbStack’s approach of running containerd directly on macOS (using macOS native features where possible) eliminates most of this overhead.
When to Use What
Docker Desktop if you want the default, well-supported experience and don’t measure container startup time. The Docker ecosystem tooling (Compose, Kube, extensions) is the most polished.
Podman if you want a daemonless approach and don’t mind the extra setup. Podman on Lima is functionally equivalent to Docker Desktop but without the Docker trademark and the VMware license.
OrbStack if you’re a solo developer or small team on macOS. It’s faster, uses less memory, and has a simpler configuration model. The tradeoff is fewer enterprise features and no built-in Kubernetes.
Verdict
Docker Desktop is the safe choice. It works, it’s well-supported, and the ecosystem around it is mature. But if you’re on Apple Silicon and care about performance, OrbStack is the better tool. The difference isn’t marginal — it’s the difference between containers that feel instant and containers that feel like they’re starting a VM.
Distributed consensus: Raft from first principles
Walking through the Raft paper with hand-drawn state machines, implementing a toy consensus protocol in Go.
LLM orchestration patterns: agents, tools, and loops
Surveying the landscape of agent frameworks — ReAct, Plan-and-Execute, tool-augmented generation — and when each pattern breaks.
Neovim as a Rust IDE: worth the migration?
Migrating a Rust workspace from VS Code to Neovim — LSP setup, tree-sitter parsing, debugging, and the cognitive cost of configuration.