orbstack-best-practices
Compare original and translation side by side
🇺🇸
Original
English🇨🇳
Translation
ChineseOrbStack Best Practices
OrbStack 最佳实践
OrbStack is a fast, lightweight Docker and Linux VM runtime for macOS. Replaces Docker Desktop with better performance and seamless macOS integration.
OrbStack是一款适用于macOS的快速、轻量级Docker与Linux虚拟机运行时工具,可替代Docker Desktop,具备更优性能与无缝的macOS集成体验。
Core Commands
核心命令
bash
undefinedbash
undefinedStart/stop
启动/停止
orb # Start + open default machine shell
orb start # Start OrbStack
orb stop # Stop OrbStack
orb # 启动并打开默认虚拟机的Shell
orb start # 启动OrbStack
orb stop # 停止OrbStack
Machine management
虚拟机管理
orb list # List machines
orb create ubuntu # Create with latest version
orb create ubuntu:jammy myvm # Specific version + name
orb create --arch amd64 ubuntu intel # x86 on Apple Silicon
orb delete myvm # Delete machine
orb list # 列出所有虚拟机
orb create ubuntu # 创建最新版本的Ubuntu虚拟机
orb create ubuntu:jammy myvm # 创建指定版本(Jammy)并命名为myvm的Ubuntu虚拟机
orb create --arch amd64 ubuntu intel # 在Apple Silicon芯片上创建x86架构的Ubuntu虚拟机
orb delete myvm # 删除虚拟机
Shell access
Shell访问
orb # Default machine shell
orb -m myvm # Specific machine
orb -u root # As root
orb -m myvm -u root # Combined
orb # 进入默认虚拟机的Shell
orb -m myvm # 进入指定虚拟机myvm的Shell
orb -u root # 以root用户身份进入默认虚拟机
orb -m myvm -u root # 以root用户身份进入指定虚拟机myvm
Run commands
执行命令
orb uname -a # Run in default machine
orb -m myvm ./script.sh # Run in specific machine
orb uname -a # 在默认虚拟机中执行命令
orb -m myvm ./script.sh # 在指定虚拟机myvm中执行脚本
File transfer
文件传输
orb push ~/local.txt # Copy to Linux
orb pull ~/remote.txt # Copy from Linux
orb push -m vm ~/f.txt /dest/ # Push to specific machine/path
orb push ~/local.txt # 将本地文件复制到Linux虚拟机
orb pull ~/remote.txt # 从Linux虚拟机复制文件到本地
orb push -m vm ~/f.txt /dest/ # 将本地文件推送到指定虚拟机的指定路径
Docker/K8s
Docker/K8s相关
orb restart docker # Restart Docker engine
orb logs docker # Docker engine logs
orb start k8s # Start Kubernetes
orb delete k8s # Delete K8s cluster
orb restart docker # 重启Docker引擎
orb logs docker # 查看Docker引擎日志
orb start k8s # 启动Kubernetes
orb delete k8s # 删除K8s集群
Config
配置设置
orb config set memory_mib 8192 # Set memory limit
orb config docker # Edit daemon.json
undefinedorb config set memory_mib 8192 # 设置内存限制(单位:MiB)
orb config docker # 编辑daemon.json配置文件
undefinedKey Paths
关键路径
| Path | Description |
|---|---|
| Linux files from macOS |
| Docker volumes from macOS |
| macOS files from Linux |
| Other machines from Linux |
| SSH private key |
| Docker daemon config |
| 路径 | 说明 |
|---|---|
| 从macOS访问Linux虚拟机的文件目录 |
| 从macOS访问Docker卷的目录 |
| 从Linux虚拟机访问macOS文件的目录 |
| 从Linux虚拟机访问其他虚拟机的目录 |
| SSH私钥文件路径 |
| Docker守护进程配置文件路径 |
DNS Names
DNS名称
| Pattern | Description |
|---|---|
| Linux machine |
| Docker container |
| Compose service |
| macOS from Linux machine |
| macOS from container |
| Docker from Linux machine |
| 格式 | 说明 |
|---|---|
| Linux虚拟机的域名 |
| Docker容器的域名 |
| Compose服务的域名 |
| 从Linux虚拟机访问macOS的域名 |
| 从Docker容器访问macOS的域名 |
| 从Linux虚拟机访问Docker的域名 |
Machine Lifecycle
虚拟机生命周期
Creation
创建
bash
orb create ubuntu # Latest Ubuntu
orb create ubuntu:noble devbox # Ubuntu 24.04 named "devbox"
orb create --arch amd64 debian x86vm # x86 emulation via Rosetta
orb create --set-password ubuntu pwvm # With password set
orb create ubuntu myvm -c cloud.yml # With cloud-initSupported distros: Alma, Alpine, Arch, CentOS, Debian, Devuan, Fedora, Gentoo, Kali, NixOS, openSUSE, Oracle, Rocky, Ubuntu, Void
bash
orb create ubuntu # 创建最新版本的Ubuntu虚拟机
orb create ubuntu:noble devbox # 创建Ubuntu 24.04版本并命名为devbox的虚拟机
orb create --arch amd64 debian x86vm # 通过Rosetta创建x86架构的Debian虚拟机
orb create --set-password ubuntu pwvm # 创建带密码的Ubuntu虚拟机
orb create ubuntu myvm -c cloud.yml # 结合cloud-init配置创建虚拟机支持的发行版:Alma、Alpine、Arch、CentOS、Debian、Devuan、Fedora、Gentoo、Kali、NixOS、openSUSE、Oracle、Rocky、Ubuntu、Void
Lifecycle
生命周期管理
bash
orb start myvm # Start stopped machine
orb stop myvm # Stop machine
orb restart myvm # Restart
orb delete myvm # Delete permanently
orb default myvm # Set as default machine
orb logs myvm # View boot logsbash
orb start myvm # 启动已停止的虚拟机
orb stop myvm # 停止虚拟机
orb restart myvm # 重启虚拟机
orb delete myvm # 永久删除虚拟机
orb default myvm # 设置为默认虚拟机
orb logs myvm # 查看虚拟机启动日志Cloud-Init
Cloud-Init配置
Create machines with automated provisioning:
bash
orb create ubuntu myvm -c user-data.ymlExample :
user-data.ymlyaml
#cloud-config
packages:
- git
- vim
- docker.io
users:
- name: dev
groups: sudo, docker
shell: /bin/bash
sudo: ALL=(ALL) NOPASSWD:ALL
runcmd:
- systemctl enable docker
- systemctl start dockerDebug cloud-init:
bash
orb logs myvm # Boot logs from macOS
orb -m myvm cloud-init status --long # Status inside machine
orb -m myvm cat /var/log/cloud-init-output.log通过自动化配置创建虚拟机:
bash
orb create ubuntu myvm -c user-data.yml示例:
user-data.ymlyaml
#cloud-config
packages:
- git
- vim
- docker.io
users:
- name: dev
groups: sudo, docker
shell: /bin/bash
sudo: ALL=(ALL) NOPASSWD:ALL
runcmd:
- systemctl enable docker
- systemctl start docker排查cloud-init问题:
bash
orb logs myvm # 从macOS查看虚拟机启动日志
orb -m myvm cloud-init status --long # 在虚拟机内查看cloud-init状态
orb -m myvm cat /var/log/cloud-init-output.logNetworking
网络设置
Port Access
端口访问
Servers in Linux machines are automatically on :
localhostbash
undefinedLinux虚拟机中的服务器可自动映射到:
localhostbash
undefinedIn Linux: python3 -m http.server 8000
在Linux中启动HTTP服务:python3 -m http.server 8000
From macOS: curl localhost:8000 or curl myvm.orb.local:8000
从macOS访问:curl localhost:8000 或 curl myvm.orb.local:8000
undefinedundefinedConnecting from Linux to macOS
从Linux访问macOS
bash
undefinedbash
undefinedFrom Linux machine
从Linux虚拟机访问
curl host.orb.internal:3000
curl host.orb.internal:3000
From Docker container
从Docker容器访问
curl host.docker.internal:3000
undefinedcurl host.docker.internal:3000
undefinedVPN/Proxy
VPN/代理
- Fully VPN-compatible with automatic DNS handling
- Follows macOS proxy settings automatically
- Custom proxy:
orb config set network_proxy http://proxy:8080 - Disable:
orb config set network_proxy none
- 完全兼容VPN,自动处理DNS配置
- 自动跟随macOS的代理设置
- 自定义代理:
orb config set network_proxy http://proxy:8080 - 禁用代理:
orb config set network_proxy none
File Sharing
文件共享
macOS Files from Linux
从Linux访问macOS文件
bash
undefinedbash
undefinedSame paths work
直接使用macOS路径即可
cat /Users/allen/file.txt
cat /mnt/mac/Users/allen/file.txt # Explicit prefix
undefinedcat /Users/allen/file.txt
cat /mnt/mac/Users/allen/file.txt # 也可使用显式前缀路径
undefinedLinux Files from macOS
从macOS访问Linux文件
bash
ls ~/OrbStack/myvm/home/user/
ls ~/OrbStack/docker/volumes/myvolume/bash
ls ~/OrbStack/myvm/home/user/
ls ~/OrbStack/docker/volumes/myvolume/Transfer Commands
文件传输命令
bash
orb push ~/local.txt # To default machine home
orb pull ~/remote.txt # From default machine
orb push -m vm ~/f.txt /tmp/ # To specific pathbash
orb push ~/local.txt # 将本地文件推送到默认虚拟机的主目录
orb pull ~/remote.txt # 从默认虚拟机拉取文件到本地
orb push -m vm ~/f.txt /tmp/ # 将本地文件推送到指定虚拟机的指定路径SSH Access
SSH访问
Built-in multiplexed SSH server (no per-machine setup):
bash
ssh orb # Default machine
ssh myvm@orb # Specific machine
ssh user@myvm@orb # Specific user + machine内置多路复用SSH服务器(无需为每个虚拟机单独配置):
bash
ssh orb # 连接到默认虚拟机
ssh myvm@orb # 连接到指定虚拟机myvm
ssh user@myvm@orb # 以指定用户连接到指定虚拟机myvmIDE Setup
IDE配置
VS Code: Install "Remote - SSH" extension, connect to or
orbmyvm@orbJetBrains: Host , Port , Key
localhost32222~/.orbstack/ssh/id_ed25519VS Code:安装「Remote - SSH」扩展,连接到或
orbmyvm@orbJetBrains系列IDE:主机设为,端口设为,密钥路径为
localhost32222~/.orbstack/ssh/id_ed25519Ansible
Ansible配置
ini
[servers]
myvm@orb ansible_user=ubuntuSSH agent forwarding is automatic.
ini
[servers]
myvm@orb ansible_user=ubuntuSSH代理转发功能自动启用。
Docker Integration
Docker集成
Container Domains
容器域名
bash
docker run --name web nginxbash
docker run --name web nginxAccess: http://web.orb.local (no port needed for web servers)
Compose: <service>.<project>.orb.local
Compose服务:<service>.<project>.orb.local
undefinedundefinedHTTPS
HTTPS配置
Zero-config HTTPS for all domains:
.orb.localbash
curl https://mycontainer.orb.local所有域名默认支持HTTPS,无需额外配置:
.orb.localbash
curl https://mycontainer.orb.localCustom Domains
自定义域名
bash
docker run -l dev.orbstack.domains=myapp.local nginxbash
docker run -l dev.orbstack.domains=myapp.local nginxHost Networking
主机网络
bash
docker run --net=host nginxbash
docker run --net=host nginxlocalhost works both directions
localhost可双向访问
undefinedundefinedx86 Emulation
x86模拟
bash
docker run --platform linux/amd64 ubuntu
export DOCKER_DEFAULT_PLATFORM=linux/amd64 # Default to x86bash
docker run --platform linux/amd64 ubuntu
export DOCKER_DEFAULT_PLATFORM=linux/amd64 # 默认使用x86架构SSH Agent in Containers
容器中的SSH代理
bash
docker run -v /run/host-services/ssh-auth.sock:/agent.sock \
-e SSH_AUTH_SOCK=/agent.sock alpinebash
docker run -v /run/host-services/ssh-auth.sock:/agent.sock \
-e SSH_AUTH_SOCK=/agent.sock alpineVolumes vs Bind Mounts
卷与绑定挂载对比
Prefer volumes for performance (data stays in Linux):
bash
docker run -v mydata:/data alpine # Volume (fast)
docker run -v ~/code:/code alpine # Bind mount (slower)优先使用卷以获得更好性能(数据存储在Linux虚拟机内):
bash
docker run -v mydata:/data alpine # 卷(性能更优)
docker run -v ~/code:/code alpine # 绑定挂载(速度较慢)Kubernetes
Kubernetes(K8s)
bash
orb start k8s # Start cluster
kubectl get nodes # kubectl includedAll service types accessible from macOS without port-forward:
bash
curl myservice.default.svc.cluster.local # cluster.local works
curl 192.168.194.20 # Pod IPs work
curl myservice.k8s.orb.local # LoadBalancer wildcardLocal images available immediately (use non- tag or ).
latestimagePullPolicy: IfNotPresentbash
orb start k8s # 启动K8s集群
kubectl get nodes # 内置kubectl命令所有服务类型均可从macOS直接访问,无需端口转发:
bash
curl myservice.default.svc.cluster.local # 可直接使用cluster.local域名
curl 192.168.194.20 # 可直接访问Pod IP
curl myservice.k8s.orb.local # LoadBalancer服务的通配符访问本地镜像可直接在集群中使用(建议使用非标签或设置)。
latestimagePullPolicy: IfNotPresentTroubleshooting
故障排查
bash
orb report # Generate diagnostic report
orb logs myvm # Machine boot logs
orb logs docker # Docker engine logs
orb restart docker # Restart Docker
orb reset # Factory reset (deletes everything)Cannot connect to Docker daemon: Start OrbStack with , or fix context with
orb startdocker context use orbstackMachine not starting: Check , try
orb logs myvmorb restart myvmRosetta x86 error: Install x86 libc:
bash
sudo dpkg --add-architecture amd64
sudo apt update && sudo apt install libc6:amd64bash
orb report # 生成诊断报告
orb logs myvm # 查看虚拟机启动日志
orb logs docker # 查看Docker引擎日志
orb restart docker # 重启Docker引擎
orb reset # 恢复出厂设置(会删除所有数据)无法连接Docker守护进程:使用启动OrbStack,或通过切换Docker上下文
orb startdocker context use orbstack虚拟机无法启动:查看,尝试
orb logs myvmorb restart myvmRosetta x86模拟错误:安装x86架构的libc库:
bash
sudo dpkg --add-architecture amd64
sudo apt update && sudo apt install libc6:amd64Configuration
配置设置
bash
orb config set rosetta true # Enable x86 emulation
orb config set memory_mib 8192 # Memory limit (MiB)
orb config set cpu 4 # CPU limit (cores)
orb config set network_proxy auto # Proxy (auto/none/url)Docker daemon config at :
~/.orbstack/config/docker.jsonjson
{
"insecure-registries": ["registry.local:5000"],
"registry-mirrors": ["https://mirror.gcr.io"]
}Apply with .
orb restart dockerbash
orb config set rosetta true # 启用x86模拟
orb config set memory_mib 8192 # 设置内存限制(单位:MiB)
orb config set cpu 4 # 设置CPU核心数限制
orb config set network_proxy auto # 设置代理模式(自动/无/自定义URL)Docker守护进程配置文件路径::
~/.orbstack/config/docker.jsonjson
{
"insecure-registries": ["registry.local:5000"],
"registry-mirrors": ["https://mirror.gcr.io"]
}修改配置后执行使设置生效。
orb restart dockermacOS Commands from Linux
从Linux执行macOS命令
bash
mac open https://example.com # Open URL in macOS browser
mac uname -a # Run macOS command
mac link brew # Link command for reuse
mac notify "Build done" # Send notificationForward env vars:
bash
ORBENV=AWS_PROFILE:EDITOR orb ./deploy.shbash
mac open https://example.com # 在macOS浏览器中打开URL
mac uname -a # 执行macOS命令
mac link brew # 链接命令以便重复使用
mac notify "Build done" # 向macOS发送通知转发环境变量:
bash
ORBENV=AWS_PROFILE:EDITOR orb ./deploy.sh