Apple has introduced a toolkit for creating, loading, and running Linux containers on macOS. Containers on macOS are powered by lightweight virtual machines with a Linux kernel, launched using the Virtualization.framework hypervisor. Two packages are offered for working with Linux containers: containerization and container, written in Swift and open sourced under the Apache 2.0 license.
The Containerization package provides a low-level API for managing OCI container images, loading containers from external repositories, creating an Ext4 root filesystem, providing networking, building fast-booting Linux kernel variants, and creating virtual machines and launch individual containers within them. Containers can be associated with individual IP addresses. The vmnet framework is used to organize the virtual network stack associated with each container.
The virtual machine takes less than a second to start thanks to an optimized Linux kernel configuration and a stripped-down system environment with the lightweight vminitd init process. Interaction with the initialization process in virtual machine Implemented via the GRPC API over vsock. This API allows you to configure the operating environment and launch containers with user-selected payloads or separate, isolated processes on top of the virtual machine.
The Container package is a superstructure on top of the Containerization API, implementing high-level Docker-style tools for creating, loading, starting, and stopping Linux container images in the OCI format. Services are managed when launching containers using the Launchd system manager.
The toolkit can be used in macOS 15, but for full functionality and to avoid problems, it is recommended to use macOS 26 Beta 1. For example, in macOS 15, direct network interaction between containers does not work and binding of individual IPs to containers is limited. It is possible to work on ARM-based Apple Silicon Mac systems (M1/M2/M3/M4), computers based on Intel processors are not supported. To run containers built for the x86_64 architecture, the Rosetta 2 processor instruction translator is used.
Source: opennet.ru
