linuxkit/blueprints/docker-for-mac/docker-17.06-ce.yml

services:
  # Run dockerd with the vpnkit userland proxy from the vpnkit-forwarder container.
  # Bind mounts /var/run to allow vsudd to connect to docker.sock, /var/vpnkit
  # for vpnkit coordination and /var/config/docker for the configuration file.
  - name: docker-dfm
    image: docker:17.06.0-ce-dind
    capabilities:
     - all
    net: host
    mounts:
     - type: cgroup
       options: ["rw","nosuid","noexec","nodev","relatime"]
    binds:
     - /var/lib/docker:/var/lib/docker
     - /lib/modules:/lib/modules
     - /var/vpnkit:/port # vpnkit control 9p mount
     - /var/run:/var/run
     - /var/config/docker:/var/config/docker
     - /usr/bin/vpnkit-expose-port:/usr/bin/vpnkit-expose-port # userland proxy
     - /usr/bin/vpnkit-iptables-wrapper:/usr/bin/iptables # iptables wrapper 
    command: [ "/usr/local/bin/docker-init", "/usr/local/bin/dockerd", "--",
            "--config-file", "/var/config/docker/daemon.json",
            "--swarm-default-advertise-addr=eth0",
            "--userland-proxy-path", "/usr/bin/vpnkit-expose-port",
            "--storage-driver", "overlay2" ]

files:
    - path: /var/config/docker/daemon.json
      contents: '{ "debug": true }'

trust:
    org:
        - library