DEV Community

Cover image for Docker Was Blocked on My macOS Machine, but I Found an Unexpected Way Around It
Athreya aka Maneshwar
Athreya aka Maneshwar

Posted on

Docker Was Blocked on My macOS Machine, but I Found an Unexpected Way Around It

#webdev #beginners #programming #devops

Today started with what was supposed to be a simple task: install LiveReview on my macOS machine so I could validate changes before sending a PR to my lead.

Except… my company had completely blocked Docker Desktop.

The installer was flagged by macOS security and wouldn’t run.

Apparently Docker Desktop is a “nope” on our machines now.

But the PR had to go out. LiveReview needs Docker. So giving up wasn’t an option.

A friend dropped a tip:

“Try OrbStack. It runs Docker on macOS differently.”

I didn’t expect much, but I installed it anyway.

At first, macOS security grumbled, there was only two options, done/move to bin. I tried done, but it wouldn't let me run it. I removed it, restored it from the Bin to Applications, and—somehow it launched. "Run Anyways" in the angry pop-up.

I opened Terminal, ran docker ps, and… containers actually worked. LiveReview spun up, and I got my review done.

After the adrenaline wore off, I had a bigger question:

How did OrbStack run Docker when Docker Desktop itself was blocked?

That rabbit hole turned into this write-up.

What OrbStack actually is

OrbStack is a fast, lightweight replacement for Docker Desktop on macOS.

Under the hood, it runs a Docker Engine inside a highly optimized Linux VM and forwards the Docker socket to macOS, so your normal docker / docker compose commands just work.

It also lets you run full Linux “machines” (VMs) with tight macOS integration.

Why it felt different on my Mac

Here’s the technical picture, minus the marketing fluff:

  • Official Apple virtualization OrbStack builds on Apple’s Virtualization.framework and a tuned Linux VM rather than older stacks; the VM is small and tightly integrated with macOS.
  • Docker Engine inside the VM, socket forwarded to macOS OrbStack runs Docker Engine alongside its Linux machines and forwards the Docker socket to your host, so the host docker CLI talks to that engine transparently.
  • Fast file sharing File mounts use VirtioFS with custom dynamic caching (bind mounts and host-file access are snappy).
  • x86/amd64 on Apple Silicon via Rosetta On Apple Silicon, OrbStack can run Intel-only Linux binaries/images using Rosetta for Linux, which is generally much faster than plain QEMU emulation. You can even create full Intel (amd64) machines with a flag.
  • Networking that follows your Mac It ships a custom virtual network stack that respects your Mac’s VPN/DNS settings and supports direct container IP access, host networking, and localhost port forwards.

None of this guarantees it’ll sidestep your company’s controls. Enterprise security policies vary a lot.

In my case OrbStack launched where Docker Desktop didn’t—but that’s an anecdote, not a promise.

Docker Desktop in 2025: what’s changed

A few years ago it was accurate to say “Docker Desktop uses slow osxfs and QEMU.” That’s outdated:

  • File sharing: Docker Desktop has VirtioFS and has for a while.
  • x86/amd64 on Apple Silicon: Docker Desktop can use Rosetta for Linux (toggle in Settings).
  • VM tech: Docker Desktop now supports multiple VMMs (Apple Virtualization.framework, a new Docker VMM on Apple Silicon, and legacy options); QEMU as a VMM is being deprecated.

So performance deltas depend on workload and configuration.

OrbStack’s edge is its focused design (single purpose, lots of low-level tuning for Mac) rather than “the other guy is ancient tech.”

How OrbStack “runs Docker” on macOS (in plain English)

  1. It boots a small, optimized Linux VM using Apple’s virtualization APIs.
  2. It runs a Docker Engine inside that VM.
  3. It forwards the Docker socket to macOS so the host docker CLI and tools talk to that engine.
  4. It accelerates file mounts (VirtioFS + smart caching) and streamlines networking so local-dev tasks feel native. ([OrbStack Docs][3])

OrbStack vs Docker Desktop vs “native Docker on Linux”

Area Docker on Linux Docker Desktop (macOS, 2025) OrbStack (macOS)
Kernel / runtime Native Linux Linux VM using Apple Virtualization.framework or Docker VMM (legacy HyperKit/QEMU paths exist) Lightweight Linux VM with deep macOS integration
Docker CLI compatibility Native Native Drop-in (docker, docker compose)
File sharing Native FS VirtioFS (plus alternatives) VirtioFS + dynamic caching
x86/amd64 on Apple Silicon N/A (native) Rosetta for Linux option Rosetta for machines/containers
Networking Native VM networking (varies by VMM; follows host) Custom stack that follows macOS VPN/DNS, direct IP, host networking
Kubernetes Yes (if installed) Built-in option Supported (docs & features)

My verdict after that hectic day

OrbStack wasn’t just a workaround. It gave me:

  • a clean docker CLI that “just worked,”
  • fast mounts and a responsive dev loop,
  • and fewer moving parts to micromanage.

Most importantly: it let me run LiveReview and ship the PR while Docker Desktop was blocked on my machine.

If Docker Desktop is restricted in your environment or you just want a leaner Mac-native setup, OrbStack is absolutely worth a try.

FreeDevTools

I’ve been building FreeDevTools.

A collection of developer resources & tools crafted to save time and reduce friction in searching tools/materials.

Any feedback or contributions are welcome!

It’s online, open-source, and ready for anyone to use.

👉 Check it out: FreeDevTools
⭐ Star it on GitHub: freedevtools

Top comments (0)