macOS Container Machines

Developer Tools
Infrastructure
Programming
AI
Hardware

Apple’s new “container machines” extend its earlier containerization work into something closer to a lightweight, long-lived Linux dev box on macOS. Under the hood it is still virtualization. Each container runs in its own small Linux VM rather than sharing one big Linux VM like Docker Desktop or Colima often do. Apple pitches that as a better balance of isolation, privacy, and startup time, with support for persistence, filesystem mounts, and even systemd when the guest image includes it. That framing mattered because many readers initially assumed this was just another OCI runtime or a native Darwin container system. It is neither. It is an Apple-managed way to run Linux workloads on a Mac with less visible VM friction.

The reaction was enthusiastic about Apple finally taking this use case seriously, but not convinced the new tool is ready to displace what people already use. The strongest consensus was that this is basically “WSL2 for macOS,” which is useful because modern development targets Linux far more than generic POSIX. That also explains why Apple chose virtualization instead of chasing a WSL1-style syscall compatibility layer. Several comments argued that once developers need cgroups, namespaces, systemd, and exact Linux kernel behavior, emulation becomes a maintenance trap and a source of weird breakage. A tiny VM gets you the real thing. Where the conversation got practical was around tradeoffs versus existing tools. OrbStack came up constantly because many people already see it as the best Mac container experience. Its developer said OrbStack uses a custom virtualization stack and custom filesystem sharing, with the biggest advantage being dynamic memory that can be returned to macOS. Apple’s stack can grow guest memory with ballooning but cannot shrink it back yet, and sparse disks do not shrink conveniently either. That turned memory pressure into the clearest functional gap, especially for laptop users who leave dev environments running all day. Filesystem performance was the other recurring pain point. Readers noted that Mac host-to-Linux guest mounts have historically been slow enough to break Node and other small-file-heavy workflows. Apple uses virtiofs for host mounts, but several people doubted this alone changes the underlying reality much. The other major theme was that Apple built the one Linux feature everyone can approximate, while still not building the one thing only Apple could uniquely provide: strong native macOS containers or jails. That complaint was especially sharp from people running macOS CI for iOS or Mac builds, where Apple still forces real Macs, limits VM use, and leaves teams stitching together expensive workarounds. So the new feature was seen as valuable for Linux-on-Mac development, but also as an implicit admission that macOS is not where modern server-side workflows live. Overall mood was positive about the direction and skeptical about version one. People expect it to become a solid platform primitive that Podman, Docker-adjacent tools, and agent sandboxes can build on. Right now, though, existing users of OrbStack, Lima, Colima, Multipass, or Podman mostly saw no urgent reason to switch unless Apple closes gaps around memory reclamation, networking, USB and GPU passthrough, DNS reliability, and higher-level workflow support like Compose-style multi-service setups.

If you run Linux-heavy dev workflows on Macs, this is worth tracking as Apple’s first-party base layer, not as an immediate replacement for your current setup. For teams choosing tooling today, the decision still comes down to host file I/O, memory reclaim, device passthrough, and whether you need Compose-like workflows or full VM features.

June 10, 2026
github.com
Discuss on HN

Discussion mood

Mostly positive about Apple finally shipping a first-party Linux-on-Mac developer primitive, but skeptical that it beats mature tools yet. The excitement came from lower-friction Apple-native support and better isolation, while the hesitation centered on memory not being reclaimed, persistent file I/O pain, missing device and networking features, and the sense that OrbStack or existing VM stacks already solve more real-world problems today.

Key insights

OrbStack’s edge is reclaiming memory

OrbStack’s advantage is not just polish. Its custom virtualization stack can return unused guest RAM back to macOS, which Apple’s current containerization stack cannot do. That changes the day-to-day laptop experience because idle Linux environments stop acting like permanently reserved memory, and it explains why several readers who liked Apple’s direction still planned to stay on OrbStack.

If your team keeps multiple dev environments running on MacBooks, measure steady-state RAM after workloads go idle. Memory reclamation is a product-defining feature here, not a benchmark footnote.

Attribution:

kdrag0n #1 #2 #3
kxxx #1
CGamesPlay #1

Host filesystem sharing is still the pain point

The hard problem is not booting tiny VMs. It is making Linux guests work smoothly against a macOS filesystem. Apple uses virtiofs for mounts, but commenters with experience on Docker-for-Mac-style stacks said small-file workloads, file watchers, and dev servers are where these setups still fall apart. One sharp recommendation was to stop treating host mounts as the default and keep active project state inside the guest when performance matters.

For Node, Rust, and hot-reload stacks, test your real edit-build-watch loop before standardizing on any Mac container solution. If it stutters, move the working tree into the guest and sync only what you must.

Attribution:

jdub #1 #2
miohtama #1
gempir #1

A WSL1-style compatibility layer is the wrong fight

The better explanation for Apple’s VM-first design is not laziness. It is that developers increasingly need exact Linux behavior, not just a mostly POSIX shell. WSL1 came up as the warning sign. The syscall translation idea was elegant, but filesystem semantics and Linux-specific kernel features turned it into a compatibility treadmill. Several comments made the same point in different ways: once the workload expects cgroups, namespaces, and systemd, you are effectively reimplementing Linux badly unless you just run Linux.

If your product depends on deep Linux behavior, optimize the VM path rather than waiting for a “native” compatibility layer. Compatibility shims look cheaper until edge cases become your support queue.

Attribution:

mjg59 #1
barrkel #1
qalmakka #1 #2

Apple still avoids native macOS containerization

The most frustrated reactions were not about Linux performance. They were about what Apple still refuses to do for its own platform. People want native macOS containers or at least denser sandboxed build isolation for CI, because Apple requires real Macs for large parts of the iOS and macOS toolchain. Instead, Apple shipped better Linux-on-Mac. That helps general development, but it does nothing for the expensive Mac build farm problem that only Apple can really solve.

If you run macOS CI, do not expect this feature to lower your Mac hardware footprint. Keep planning around VMs, bare-metal runners, and bespoke snapshotting until Apple exposes denser native isolation for macOS workloads.

Attribution:

qalmakka #1 #2 #3
m463 #1
egorfine #1
thedougd #1

Sandboxing untrusted code is the near-term killer use

Beyond classic app development, several readers immediately saw container machines as a safer execution layer for AI agents, throwaway build jobs, and untrusted code. That use case fits the architecture better than pretending it is a drop-in Docker Desktop clone. The isolation story is stronger than ordinary containers on Linux, and people are already wiring Apple’s stack or competing machine abstractions into local agent runners and secure sandboxes.

If you are building AI coding workflows or internal execution sandboxes on Macs, pilot this as an isolation primitive now. It may be more valuable for ephemeral untrusted tasks than for your existing Compose-based dev stack.

Attribution:

Igor_Wiwi #1
TheTaytay #1
kdrag0n #1
blackqueeriroh #1
keybits #1
jlhawn #1
vachanmn123 #1
sachinjoseph #1

Peripheral access is still a gating feature

A lot of real developer workflows stop being “just containers” the moment hardware enters the picture. Embedded work, storage tools, SD cards, debuggers, GPUs, and USB devices all came up as immediate blockers. Some commenters pointed to new USB passthrough support arriving in Apple’s virtualization framework and hacks like USB/IP with a custom kernel, but the message was clear: until these features are surfaced cleanly, many power users will keep a fuller VM tool around.

Audit whether your developers need USB, serial, GPU, or custom network access before treating container machines as a standard base image. If they do, plan for a mixed fleet of tools instead of a single blessed runtime.

Attribution:

alerighi #1
mrpippy #1
rgovostes #1
commandersaki #1
konaraddi #1

Against the grain

Containers can still be a reasonable boundary

Against the repeated line that “containers are not a security mechanism,” some commenters pushed back that default unprivileged containers are a perfectly usable safety boundary for many cases. Their point was that most disaster stories come from obvious own goals like mounting sensitive host paths read-write, handing over the Docker socket, or adding broad capabilities. That reframes Apple’s VM-per-container model as stronger isolation, but not proof that ordinary containers are worthless.

Match your isolation choice to the threat model instead of assuming VMs are always necessary. For many internal tools, a minimally privileged container is good enough if you avoid the well-known footguns.

Attribution:

lxgr #1 #2
fc417fc802 #1

The Mac server market may be too small

The popular theory that Apple blocks native macOS containers to protect Mac mini sales got pushback. One reply argued the market is statistically tiny compared with Apple’s overall business, so deliberate revenue defense is probably not the real reason. That does not explain Apple’s choice, but it weakens the easy story that every missing feature is a hardware upsell tactic.

Be careful building strategy around assumed vendor motives. Missing platform features can come from product focus, engineering cost, or policy constraints just as much as direct monetization.

Attribution:

qalmakka #1
coldtea #1

There is no reason to switch yet

One blunt view was that from a normal developer’s perspective there is currently no payoff in moving from Colima or OrbStack to Apple’s tooling. The value today is mostly strategic. Apple is laying groundwork for a first-party solution, not delivering a clearly better daily driver right now. That cuts through a lot of launch excitement.

Do not schedule migration work just because Apple shipped a foundation layer. Revisit when your existing stack is the bottleneck or when downstream tools make Apple’s runtime materially easier to operate.

Attribution:

CarlitosHighway #1

In plain english

ballooning ↩

A virtual machine memory management technique that lets the guest adjust how much host RAM it uses.

cgroups ↩

Control groups, a Linux kernel feature for limiting and accounting for CPU, memory, and other resources used by processes.

CI ↩

Continuous integration, a development practice where code changes are merged and tested frequently using automation.

Colima ↩

A macOS tool that provides a local Linux VM for running container runtimes like Docker or containerd without Docker Desktop.

Compose ↩

Usually Docker Compose, a declarative format for defining and running multiple connected container services together.

DNS ↩

Domain Name System, the internet service that turns names like example.com into the network addresses computers use.

Docker Desktop ↩

Docker’s official desktop application for running containers on macOS and Windows, typically by managing a Linux VM behind the scenes.

GPU ↩

Graphics Processing Unit, the processor specialized for rendering graphics and accelerating some compute tasks.

Lima ↩

Linux virtual machines on macOS, an open source tool for running Linux VMs on Macs, often used under higher-level tools like Colima.

namespaces ↩

A Linux kernel feature that gives processes isolated views of system resources such as filesystems, networking, and process IDs.

OCI ↩

Open Container Initiative, the set of standards that defines common image and runtime formats for containers such as Docker-compatible images.

Podman ↩

An open source container engine positioned as a Docker alternative, often used without a central daemon.

POSIX ↩

Portable Operating System Interface, a family of standards that defines common Unix-like operating system APIs.

systemd ↩

A widely used Linux init system and service manager that starts background services and manages system state.

USB/IP ↩

A protocol that forwards Universal Serial Bus devices over a network so they can appear attached to a remote machine.

virtiofs ↩

A virtualization file sharing mechanism that lets a guest operating system access host files more efficiently than older shared-folder methods.

VM ↩

Virtual machine, a software-emulated computer that runs its own operating system isolated from the host.

WSL1 ↩

The first version of Windows Subsystem for Linux, which translated Linux system calls instead of running a real Linux kernel.

WSL2 ↩

The second version of Windows Subsystem for Linux, which runs a real Linux kernel inside a lightweight virtual machine.

Reference links

Apple docs and videos

Apple container machine documentation
Primary documentation for the new container machines feature
WWDC 2026 Discover container machines
Apple’s video explanation of the feature and intended workflows
Container technical overview
Explains the per-container VM design, limits, and architecture details
WWDC 2026 virtualization accessory access session
Referenced for new virtualization framework improvements around device access

Competing tools and implementations

OrbStack
The most frequently cited alternative, praised for performance and UX
OrbStack isolated machines issue
Used to discuss recent isolation features in OrbStack machines
OrbStack isolated machines docs
Reference for OrbStack’s newer sandboxing and isolation controls
OrbStack release notes
Referenced as evidence of recent sandboxing and stability improvements
OrbStack bridge networking issue
Example of a missing feature users still want from OrbStack
smolvm
Alternative lightweight VM tooling suggested for similar use cases
Tart
Another macOS VM-oriented tool readers wanted compared against Apple’s approach
crucible
Tool built on Apple’s containerization framework to run BuildKit or dockerd

Security and sandboxing references

OWASP Docker Security Cheat Sheet
Security guidance cited in the discussion about whether containers are a real sandbox
sandbox-exec article
Explores using Apple’s container tech as a successor to sandbox-exec for untrusted code
coderunner MCP
Example project exposing Apple containers to AI coding agents via MCP

Background and related systems

Kata Containers
Referenced as a precedent for running containers inside lightweight VMs for stronger isolation
Microsoft mxc
Referenced as Microsoft’s similar Build-announced feature
Pico process overview
Background on WSL’s original implementation model
Anil Madhavapeddy’s notes on Apple containerisation
Prior technical notes used to frame this release as an extension of Apple’s earlier work
A decade of Docker containers
Cited for context on networking and Docker-for-Mac design tradeoffs