describe major modes of lima operation #3831
Conversation
olamilekan000
force-pushed
the
describe-major-modes-of-lima-operation
branch
3 times, most recently
from
9a07017 to
6c8bbd3
Compare
|
No time for a review right now, but I dislike the term "machine mode". I know it comes from the issue that this PR addresses, but most people will not make the connection to "docker-machine" and "podman-machine", and even then might not recognize the implications. I would suggest that we talk about "integrated mode" (default) vs. "plain mode". "Integrated" is kind of a long word, so I was looking for alternatives, like "blended mode", "fusion mode", "hybrid mode", "seamless mode", but in the end I think "integrated mode" is the most descriptive one. What do you think @afbjorklund? |
|
The machine reference was mostly internal, we can call it something else in the user documentation... The individual machines created are usually just referred to as "the instances", in Lima. Perhaps even "THE instance", since having more than one is an advanced topic (like the plain mode) |
does integrated or instance mode work? |
Doesn't work for me because "instance" is just a synonym for "machine", you can have "integrated" or "plain" instances. Lima already means "Linux Machine", so "Lima machine" doesn't make much sense (like "ATM machine"). We use the terms "template" for just the spec of a machine, and "instance" for an actual implementation that can be run. So I still think "integrated" (default) and "plain" are the best choices so far. And no, we are not going to make "plain" the default. As "The Highlander" says: "There can be only one!", and "integrated" was here first. 😛 |
olamilekan000
force-pushed
the
describe-major-modes-of-lima-operation
branch
from
6c8bbd3 to
ba49971
Compare
|
We could just call it "default mode", if it is hard to come up with a name. |
"default mode" is not descriptive (how is it different from "plain mode"). I think we should just go with "integrated mode" even though it is a mouthful. |
Signed-off-by: olalekan odukoya <[email protected]>
olamilekan000
force-pushed
the
describe-major-modes-of-lima-operation
branch
from
ba49971 to
39c889a
Compare
There was a problem hiding this comment.
I think it looks very good, and I like that tries into explain differences and why/when
https://deploy-preview-3831--lima-vm.netlify.app/docs/usage/operation-modes/
| - Reduced background processes in the guest | ||
|
|
||
| #### 5. Minimal Host Integration | ||
| - User information may still be mirrored for SSH access |
There was a problem hiding this comment.
This is true for now, in the future we might want to add a feature to only use a local user (like "ubuntu", or "lima")
It is a separate feature though, and if it is implemented later on we can just modify this sentence accordingly...
| | **Port Forwarding** | ✅ Automatic | ❌ None | | ||
| | **Container Engine** | ✅ containerd by default | ❌ None | | ||
| | **Guest Agent** | ✅ Running | ❌ Disabled | | ||
| | **User Mirroring** | ✅ Full mirroring | ✅ Basic (for SSH) | |
There was a problem hiding this comment.
This does look a bit "odd" in the column, we don't actually need the user account in plain mode do we?
| - **Configuration Management**: Version control your Lima YAML configurations | ||
| - **Testing**: Test your setup in both development and production-like scenarios | ||
|
|
||
| ## Troubleshooting Common Issues |
There was a problem hiding this comment.
FAQs should be consolidated into https://lima-vm.io/docs/faq/ ?
| - **Integrated Mode (Default)**: Best for development workflows with seamless host-guest integration | ||
| - **Plain Mode**: Best for traditional VM usage with explicit control and better isolation | ||
|
|
||
| Choose the mode that best fits your security requirements, workflow preferences, and integration needs. You can always switch between modes by modifying your Lima configuration file. |
There was a problem hiding this comment.
You can always switch between modes by modifying your Lima configuration file.
I don't think you can switch an integrated mode into a plain mode in this way
There was a problem hiding this comment.
Did ChatGPT or something write this section?
There was a problem hiding this comment.
My money is on Claude Sonnet. 😄 (I recognize the style because I just used it last week to write a larger set of reference docs, and both the formatting and document structure closely resembles what it generated for me).
| - **Resource Monitoring**: Monitor CPU, memory, and disk usage | ||
| - **Regular Maintenance**: Keep the guest OS and packages updated | ||
| - **Configuration Management**: Version control your Lima YAML configurations | ||
| - **Testing**: Test your setup in both development and production-like scenarios |
There was a problem hiding this comment.
Too verbose and sounds like out of the topic of the "operation modes".
| - **Review Mounted Directories**: Be aware of what host directories are accessible | ||
| - **Use Read-Only Mounts**: Keep the home directory read-only unless you need to write | ||
| - **Monitor Port Forwarding**: Be aware of which ports are being forwarded | ||
| - **Regular Updates**: Keep the guest agent and container engines updated |
There was a problem hiding this comment.
The guest agent and nerdctl are automatically kept updated
There was a problem hiding this comment.
As far as I know, this goes for Docker and Podman as well
|
|
||
| ### For Plain Mode | ||
| - **Explicit Configuration**: Document all manual configurations you make | ||
| - **Security Review**: Regularly audit what access the VM has to host resources |
There was a problem hiding this comment.
This rather sounds like a practice for integrated mode
|
|
||
| ### Key Features of Integrated Mode | ||
|
|
||
| #### 1. User Mirroring |
There was a problem hiding this comment.
This is not specific to integrated mode
| - Network services running in the guest become accessible from the host | ||
|
|
||
| #### 4. Container Engine Integration | ||
| Lima can automatically install and configure container engines: |
There was a problem hiding this comment.
| #### 4. Container Engine Integration | ||
| Lima can automatically install and configure container engines: | ||
|
|
||
| - **containerd**: Installed by default in user mode (rootless) |
There was a problem hiding this comment.
"user mode" sounds like the antonym of the "kernel mode"
| A guest agent runs inside the VM to: | ||
| - Manage port forwarding | ||
| - Handle file system mounts | ||
| - Coordinate host-guest integration |
| - Manage port forwarding | ||
| - Handle file system mounts | ||
| - Coordinate host-guest integration | ||
| - Provide status information |
| - **Container Development**: When you need Docker/Podman/containerd with host integration | ||
| - **Development Workflows**: When you want to edit files on the host but run them in Linux | ||
| - **Cross-platform Development**: When developing Linux applications on macOS/Windows | ||
| - **CI/CD Testing**: When you need a Linux environment that integrates with host tools |
There was a problem hiding this comment.
I'd rather use the plain mode for CI to run "normal" Ubuntu that is usually seen on non-Lima environments.
| Integrated mode is ideal for: | ||
| - **Container Development**: When you need Docker/Podman/containerd with host integration | ||
| - **Development Workflows**: When you want to edit files on the host but run them in Linux | ||
| - **Cross-platform Development**: When developing Linux applications on macOS/Windows |
There was a problem hiding this comment.
Not specific to integrated mode
| | **Port Forwarding** | ✅ Automatic | ❌ None | | ||
| | **Container Engine** | ✅ containerd by default | ❌ None | | ||
| | **Guest Agent** | ✅ Running | ❌ Disabled | | ||
| | **User Mirroring** | ✅ Full mirroring | ✅ Basic (for SSH) | |
| | **Container Engine** | ✅ containerd by default | ❌ None | | ||
| | **Guest Agent** | ✅ Running | ❌ Disabled | | ||
| | **User Mirroring** | ✅ Full mirroring | ✅ Basic (for SSH) | | ||
| | **Host Integration** | ✅ Seamless | ❌ Minimal | |
There was a problem hiding this comment.
What is "Host Integration"?
| Lima's default behavior of mounting the home directory is designed to provide seamless integration similar to Docker Machine or Podman Machine. This design choice: | ||
|
|
||
| 1. **Enables Seamless Development**: You can edit files on your host with your preferred tools and run them in the Linux environment | ||
| 2. **Maintains File Ownership**: The UID mirroring ensures files have correct permissions |
There was a problem hiding this comment.
The UID mirroring is kinda broken at least on Apple virtiofs
|
|
||
| 1. **Enables Seamless Development**: You can edit files on your host with your preferred tools and run them in the Linux environment | ||
| 2. **Maintains File Ownership**: The UID mirroring ensures files have correct permissions | ||
| 3. **Reduces Context Switching**: No need to copy files back and forth between host and guest |
There was a problem hiding this comment.
"Context Switching" may sound like talking about kernel/user context switches
| 1. **Enables Seamless Development**: You can edit files on your host with your preferred tools and run them in the Linux environment | ||
| 2. **Maintains File Ownership**: The UID mirroring ensures files have correct permissions | ||
| 3. **Reduces Context Switching**: No need to copy files back and forth between host and guest | ||
| 4. **Supports Container Workflows**: Container images can access host files for development |
There was a problem hiding this comment.
Possibly related to mounting, but could need some clarification
| ### "Ports aren't being forwarded" | ||
| In plain mode, port forwarding is disabled. You need to: | ||
| - Add explicit `portForwards` configuration | ||
| - Or use plain networking and access the VM's IP directly |
There was a problem hiding this comment.
What is "plain networking"?
There was a problem hiding this comment.
Probably this should be rather under https://lima-vm.io/docs/config/ ?
|
|
||
| #### 2. No Port Forwarding | ||
| - Ports are not automatically forwarded from guest to host | ||
| - You must manually configure any port forwarding rules |
There was a problem hiding this comment.
This is not merged yet
| #### 2. No Port Forwarding | ||
| - Ports are not automatically forwarded from guest to host | ||
| - You must manually configure any port forwarding rules | ||
| - Network access requires explicit configuration |
fixes issue