[{"id":"f25650f3-8097-47c4-9ea1-46b76f62b175","thread_id":"d7814d76-15cc-46a2-9313-255084cbd51e","created_at":"2026-01-13T02:06:15Z","state":"done","prompt":"Research on the development progress and the stability, reliability and community acceptance (or lack thereof) of the Apple `container` project and how well it can be used to replace other container runtimes like Docker or colima or Podman Desktop.\n\nDescribe at length, and don't hesitate on technical terminology and nuances; assume your reader is an experienced software developer and architect that uses container technology regularly.\n\nhttps://github.com/apple/container/","references_html":"<ol data-ref-list>\n \n <li>\n <a href=\"https://github.com/apple/container/\" >container GitHub Repo</a>\n <span class=\"__domain-name\">github.com</span>\n <div class=\"trigger\" tabindex=\"0\">\n <span class=\"contribution\" style=\"background: linear-gradient(to right, var(--primary-70) 80%, transparent 80%)\">80%</span>\n <div class=\"tooltip top end tooltip_base tw-auto\">\n This percentage indicates how much a source has contributed to the answer.\n </div>\n </div>\n </li>\n \n <li>\n <a href=\"https://medium.com/codex/run-docker-containers-without-admin-rights-and-license-free-2212952160a9\" >Run Docker Containers Without Admin Rights and... | Medium</a>\n <span class=\"__domain-name\">medium.com</span>\n <div class=\"trigger\" tabindex=\"0\">\n <span class=\"contribution\" style=\"background: linear-gradient(to right, var(--primary-70) 7%, transparent 7%)\">7%</span>\n <div class=\"tooltip top end tooltip_base tw-auto\">\n This percentage indicates how much a source has contributed to the answer.\n </div>\n </div>\n </li>\n \n <li>\n <a href=\"https://github.com/apple/container/actions\" >Actions</a>\n <span class=\"__domain-name\">github.com</span>\n <div class=\"trigger\" tabindex=\"0\">\n <span class=\"contribution\" style=\"background: linear-gradient(to right, var(--primary-70) 7%, transparent 7%)\">7%</span>\n <div class=\"tooltip top end tooltip_base tw-auto\">\n This percentage indicates how much a source has contributed to the answer.\n </div>\n </div>\n </li>\n \n <li>\n <a href=\"https://www.reddit.com/r/podman/comments/1j4026j/podman_v_colima_2025_on_apple_silicon/\" >Podman v Colima 2025, on Apple Silicon</a>\n <span class=\"__domain-name\">www.reddit.com</span>\n <div class=\"trigger\" tabindex=\"0\">\n <span class=\"contribution\" style=\"background: linear-gradient(to right, var(--primary-70) 3%, transparent 3%)\">3%</span>\n <div class=\"tooltip top end tooltip_base tw-auto\">\n This percentage indicates how much a source has contributed to the answer.\n </div>\n </div>\n </li>\n \n <li>\n <a href=\"https://medium.com/@sergey.prusov/docker-container-solutions-a-complete-guide-to-docker-colima-and-popular-alternatives-c3de44a9bdf4\" >Docker Container Solutions: A Complete Guide to Docker, Colima, and ...</a>\n <span class=\"__domain-name\">medium.com</span>\n <div class=\"trigger\" tabindex=\"0\">\n <span class=\"contribution\" style=\"background: linear-gradient(to right, var(--primary-70) 2%, transparent 2%)\">2%</span>\n <div class=\"tooltip top end tooltip_base tw-auto\">\n This percentage indicates how much a source has contributed to the answer.\n </div>\n </div>\n </li>\n \n <li>\n <a href=\"https://medium.com/@saimouli.bandari/the-great-container-debate-docker-vs-podman-e1d7d93949d2\" >The Great Container Debate: Docker vs Podman - Medium</a>\n <span class=\"__domain-name\">medium.com</span>\n <div class=\"trigger\" tabindex=\"0\">\n <span class=\"contribution\" style=\"background: linear-gradient(to right, var(--primary-70) 1%, transparent 1%)\">1%</span>\n <div class=\"tooltip top end tooltip_base tw-auto\">\n This percentage indicates how much a source has contributed to the answer.\n </div>\n </div>\n </li>\n \n</ol>\n","references_md":"[^1]: [container GitHub Repo](https://github.com/apple/container/) (80%)\n[^2]: [Run Docker Containers Without Admin Rights and... | Medium](https://medium.com/codex/run-docker-containers-without-admin-rights-and-license-free-2212952160a9) (7%)\n[^3]: [Actions](https://github.com/apple/container/actions) (7%)\n[^4]: [Podman v Colima 2025, on Apple Silicon](https://www.reddit.com/r/podman/comments/1j4026j/podman_v_colima_2025_on_apple_silicon/) (3%)\n[^5]: [Docker Container Solutions: A Complete Guide to Docker, Colima, and ...](https://medium.com/@sergey.prusov/docker-container-solutions-a-complete-guide-to-docker-colima-and-popular-alternatives-c3de44a9bdf4) (2%)\n[^6]: [The Great Container Debate: Docker vs Podman - Medium](https://medium.com/@saimouli.bandari/the-great-container-debate-docker-vs-podman-e1d7d93949d2) (1%)\n","reply":"<details><summary>Planned research</summary>\n<ul>\n<li>Examine the official GitHub repository for project status, release history, architecture, and feature completeness</li>\n<li>Search for community discussions and reviews on Hacker News, Reddit, and developer blogs</li>\n<li>Look for technical comparisons with Docker, colima, and Podman Desktop</li>\n<li>Investigate known issues, limitations, and stability concerns</li>\n<li>Assess community adoption signals (stars, forks, contributors, issue activity)</li>\n<li>Identify use cases where it excels or falls short compared to alternatives</li>\n</ul>\n</details>\n<details><summary>Gathered key details from:<p></p>\n<ul>\n<li><a href=\"https://github.com/apple/container/\" target=\"_blank\">container GitHub Repo</a></li></ul></summary>\n\n<h3>Query</h3>\n<p>Provide a comprehensive overview of the Apple container project: What is it, what are its goals, architecture, current development status, release history, supported features, known limitations, and how it compares to Docker/Podman/colima? Include information from the README, any documentation, and recent commits/releases.</p>\n<h3>Response</h3>\n<h1><code>container</code></h1>\n<p><code>container</code> is a tool that you can use to create and run Linux containers as lightweight virtual machines on your Mac. It's written in Swift, and optimized for Apple silicon.</p>\n<p>Context: The document describes the 'container' tool as a utility for creating and running Linux containers on Mac, functioning like lightweight virtual machines. It highlights that the tool is written in Swift and optimized for Apple silicon.</p>\n<hr>\n<p>The tool consumes and produces <a href=\"https://github.com/opencontainers/image-spec\" target=\"_blank\">OCI-compatible container images</a>, so you can pull and run images from any standard container registry. You can push images that you build to those registries as well, and run the images in any other OCI-compatible application.</p>\n<p>Context: The 'container' tool is compatible with OCI-standard container images, allowing users to pull images from registries and push their own built images to be run in other OCI-compatible applications.</p>\n<hr>\n<p><code>container</code> uses the <a href=\"https://github.com/apple/containerization\" target=\"_blank\">Containerization</a> Swift package for low level container, image, and process management.</p>\n<p>Context: The underlying technology for 'container' is the 'Containerization' Swift package, which handles low-level management of containers, images, and processes.</p>\n<hr>\n<p>You need a Mac with Apple silicon to run <code>container</code>. To build it, see the <a href=\"./BUILDING.md\" target=\"_blank\">BUILDING</a> document.</p>\n<p><code>container</code> is supported on macOS 26, since it takes advantage of new features and enhancements to virtualization and networking in this release. We do not support older versions of macOS and the <code>container</code> maintainers typically will not address issues that cannot be reproduced on the macOS 26.</p>\n<p>Context: The 'container' tool requires a Mac with Apple silicon and is supported on macOS 26, leveraging new virtualization and networking features. Older macOS versions are not supported, and issues on older versions are typically not addressed.</p>\n<hr>\n<h2>Project Status</h2>\n<p>The container project is currently under active development. Its stability, both for consuming the project as a Swift package and the <code>container</code> tool, is only guaranteed within patch versions, such as between 0.1.1 and 0.1.2. Minor version number releases may include breaking changes until we achieve a 1.0.0 release.</p>\n<p>Context: The project is currently under active development. Stability is guaranteed only within patch versions (e.g., between 0.1.1 and 0.1.2). Minor version releases may introduce breaking changes until a 1.0.0 release is achieved.</p>\n<hr>\n<p>Links from Source - Can be extracted on follow up librarian calls:</p>\n<p>Link: https://github.com/apple/container<br>\nContext: The main GitHub repository for the 'container' project.<br>\nLink: https://github.com/apple/container/releases<br>\nContext: The GitHub release page where signed installer packages for 'container' can be downloaded.<br>\nLink: https://github.com/apple/containerization<br>\nContext: The Swift package used by 'container' for low-level container, image, and process management.<br>\nLink: https://apple.github.io/container/documentation/<br>\nContext: API documentation for the 'container' project.</p>\n</details>\n<details><summary>Searched with Kagi<p></p>\n<ul>\n<li>Apple container project GitHub macOS container runtime</li>\n<li>Apple container vs Docker vs colima vs Podman comparison</li>\n<li>Apple container project review developer experience 2024 2025</li></ul></summary><br>\n Sources (30):<br>\n<strong>apple/container: A tool for creating and running Linux ...</strong><br>\n<a href=\"https://github.com/apple/container\" target=\"_blank\">https://github.com/apple/container</a><br>\nJun 09, 2025 You need a Mac with Apple silicon to run container. To build it, see the BUILDING document. container is supported on macOS 26, since it takes advantage of new features and enhancements to virtualization and networking in this release. We do not support older versions of macOS and the container maintainers typically will not address issues that cannot be reproduced on the macOS 26. Install or upgrade. If you're upgrading, first stop and uninstall your existing container (the -k flag keeps your user data, while -d removes it)\n\n<p><strong>Issues 53</strong><br>\n<a href=\"https://github.com/apple/container/issues\" target=\"_blank\">https://github.com/apple/container/issues</a><br>\n Issues 53 - GitHub - apple/container: A tool for creating and running Linux ...</p>\n<p><strong>GitHub - apple/containerization: Containerization is a Swift package for...</strong><br>\n<a href=\"https://github.com/apple/containerization\" target=\"_blank\">https://github.com/apple/containerization</a><br>\nJun 10, 2025 Containers achieve sub-second start times using an optimized Linux kernel configuration and a minimal root filesystem with a lightweight init system. vminitd is a small init system, which is a subproject within Containerization. vminitd is spawned as the initial process inside of the virtual machine and provides a GRPC API over vsock. The API allows the runtime environment to be configured and containerized processes to be launched. vminitd provides I/O, signals, and events to the calling process when a process is run.</p>\n<p><strong>Releases · apple/container</strong><br>\n<a href=\"https://github.com/apple/container/releases\" target=\"_blank\">https://github.com/apple/container/releases</a><br>\n A tool for creating and running Linux containers using lightweight virtual machines on a Mac. It is written in Swift, and optimized for Apple silicon. - Releases · apple/container</p>\n<p><strong>Pull requests 5</strong><br>\n<a href=\"https://github.com/apple/container/pulls\" target=\"_blank\">https://github.com/apple/container/pulls</a><br>\n Pull requests 5 - GitHub - apple/container: A tool for creating and running Linux ...</p>\n<p><strong>GitHub - cafiore7/ac9s: AC9s is a Textual-powered TUI (Terminal User...</strong><br>\n<a href=\"https://github.com/cafiore7/ac9s\" target=\"_blank\">https://github.com/cafiore7/ac9s</a><br>\nJun 16, 2025 macOS 15+ (Sonoma or Sequoia beta with native container support). Apple's container CLI installed (part of macOS 15 Developer Preview). Python 3.10+. Docker images available to the container runtime.Developer Notes. This project uses Apple's new container runtime on macOS 15+ which exposes the container CLI. Built using Textual framework for terminal UI development.</p>\n<p><strong>Discussions</strong><br>\n<a href=\"https://github.com/apple/container/discussions\" target=\"_blank\">https://github.com/apple/container/discussions</a><br>\n Explore the GitHub Discussions forum for apple container. Discuss code, ask questions & collaborate with the developer community.</p>\n<p><strong>GitHub - abiosoft/colima: Container runtimes on macOS (and Linux)...</strong><br>\n<a href=\"https://github.com/abiosoft/colima\" target=\"_blank\">https://github.com/abiosoft/colima</a><br>\nSep 06, 2021 Support for Intel and Apple Silicon macOS, and Linux. Simple CLI interface with sensible defaults. Automatic Port Forwarding. Volume mounts. Multiple instances.Docker client is required for Docker runtime. Installable with brew brew install docker. You can use the docker client on macOS after colima start with no additional setup. Containerd.</p>\n<p><strong>Actions</strong><br>\n<a href=\"https://github.com/apple/container/actions\" target=\"_blank\">https://github.com/apple/container/actions</a><br>\n Actions - GitHub - apple/container: A tool for creating and running Linux ...</p>\n<p><strong>container/docs/technical-overview.md at main</strong><br>\n<a href=\"https://github.com/apple/container/blob/main/docs/technical-overview.md\" target=\"_blank\">https://github.com/apple/container/blob/main/docs/technical-overview.md</a><br>\n A tool for creating and running Linux containers using lightweight virtual machines on a Mac. It is written in Swift, and optimized for Apple silicon.</p>\n<p><strong>Podman v Colima 2025, on Apple Silicon</strong><br>\n<a href=\"https://www.reddit.com/r/podman/comments/1j4026j/podman_v_colima_2025_on_apple_silicon/\" target=\"_blank\">https://www.reddit.com/r/podman/comments/1j4026j/podman_v_colima_2025_on_apple_silicon/</a><br>\nMar 13, 2025 Podman tries very hard to be as Docker-compatible as possible, so Dockerfiles generally work exactly the same with Podman. You can also call ...</p>\n<p><strong>Docker Container Solutions: A Complete Guide to Docker, Colima, and ...</strong><br>\n<a href=\"https://medium.com/@sergey.prusov/docker-container-solutions-a-complete-guide-to-docker-colima-and-popular-alternatives-c3de44a9bdf4\" target=\"_blank\">https://medium.com/@sergey.prusov/docker-container-solutions-a-complete-guide-to-docker-colima-and-popular-alternatives-c3de44a9bdf4</a><br>\n In this comprehensive guide, we’ll explore Docker itself, Colima, and other popular container solutions with real-world examples and practical implementation guides. Before diving into...</p>\n<p><strong>The Great Container Debate: Docker vs Podman - Medium</strong><br>\n<a href=\"https://medium.com/@saimouli.bandari/the-great-container-debate-docker-vs-podman-e1d7d93949d2\" target=\"_blank\">https://medium.com/@saimouli.bandari/the-great-container-debate-docker-vs-podman-e1d7d93949d2</a><br>\n In this article, we’ll delve into the pros and cons of Podman and Docker, exploring their differences, similarities, and use cases. By the end of this comparison, you’ll have a better...</p>\n<p><strong>Apple just killed Docker Desktop (or did they?) | by BuildShift</strong><br>\n<a href=\"https://medium.com/@devlinktips/apple-just-killed-docker-desktop-or-did-they-75b912b61d3a\" target=\"_blank\">https://medium.com/@devlinktips/apple-just-killed-docker-desktop-or-did-they-75b912b61d3a</a><br>\nOct 13, 2025 Apple quietly dropped native container support. Here's what it means for devs, why Docker might be sweating, and whether you should actually ...</p>\n<p><strong>Run Docker Containers Without Admin Rights and... | Medium</strong><br>\n<a href=\"https://medium.com/codex/run-docker-containers-without-admin-rights-and-license-free-2212952160a9\" target=\"_blank\">https://medium.com/codex/run-docker-containers-without-admin-rights-and-license-free-2212952160a9</a><br>\nMay 16, 2025 Colima vs. Podman: Feature Comparison. Press enter or click to view image in full size. Podman has even podman-desktop as docker-desktop replacement, but Colima is a more native solution for MacOS.Apple’s Native Containers Explained for Beginners: From Brew to “Hello World”. Faster, Lighter, and Finally Native: Why Apple’s Containers Deserve a Spot on Your Mac.</p>\n<p><strong>Free Docker Desktop Alternative for macOS | by Wei Kang | Medium</strong><br>\n<a href=\"https://medium.com/javarevisited/free-docker-desktop-alternative-for-mac-c3845d8a2345\" target=\"_blank\">https://medium.com/javarevisited/free-docker-desktop-alternative-for-mac-c3845d8a2345</a><br>\nFeb 02, 2022 Note: Uninstalling Docker Desktop destroys Docker containers, images, volumes, and other Docker related data local to the machine, and removes the files generated by the application. Refer to the back up and restore data section to learn how to preserve important data before uninstalling.The Combination of Lima & Colima has a killer feature that Docker still does not offer: They support using Rosetta 2 for Containers on M1 Macs. This e.g. enables us to run SQL Server for Linux as a Container on a M1 mac without the need for the very slow QEMU CPU Emulation.</p>\n<p><strong>Apple Native Containers vs Docker: A Game-Changer or Just Hype?</strong><br>\n<a href=\"https://medium.com/@dileepapraveen32/apple-native-containers-vs-docker-a-game-changer-or-just-hype-dbab18a675b3\" target=\"_blank\">https://medium.com/@dileepapraveen32/apple-native-containers-vs-docker-a-game-changer-or-just-hype-dbab18a675b3</a><br>\n Apple Native Containers vs Docker: A Game-Changer or Just Hype? As containers dominate modern development workflows, running them efficiently on macOS has always required clever...</p>\n<p><strong>My first deep dive with Apple Containerization on macOS 15.5 ... - Medium</strong><br>\n<a href=\"https://medium.com/@guillem.riera/my-first-deep-dive-with-apple-containerization-on-macos-15-5-and-how-i-started-7bdfb275c34a\" target=\"_blank\">https://medium.com/@guillem.riera/my-first-deep-dive-with-apple-containerization-on-macos-15-5-and-how-i-started-7bdfb275c34a</a><br>\n So what is the difference between this and Docker, Podman, Colima and the like? Well, Apple has its own opinion on how containerization should be done properly. Some of the...</p>\n<p><strong>Docker Desktop Alternatives 2025: Podman, OrbStack, Colima ...</strong><br>\n<a href=\"https://fsck.sh/en/blog/docker-desktop-alternatives-2025/\" target=\"_blank\">https://fsck.sh/en/blog/docker-desktop-alternatives-2025/</a><br>\nJul 15, 2025 Podman (Pod Manager) is Red Hat's answer to Docker, and it's genuinely excellent. If you've been burned by Docker's daemon architecture or need ...</p>\n<p><strong>Podman and Colima as docker desktop alternatives for ... - Mushycode</strong><br>\n<a href=\"https://mushycode.in/docker-desktop-alternative-podman-colima.html\" target=\"_blank\">https://mushycode.in/docker-desktop-alternative-podman-colima.html</a><br>\n Replacing Docker Desktop with Podman or Colima on a Mac is relatively easy, and both tools offer certain pros and cons. Podman is a lightweight tool that provides a Docker-compatible CLI, while Colima provides a native, web-based interface for managing containers.</p>\n<p><strong>First Hands-On Experience with Apple Containers!</strong><br>\n<a href=\"https://alain-airom.medium.com/first-hands-on-experience-with-apple-containers-191bffa0e829\" target=\"_blank\">https://alain-airom.medium.com/first-hands-on-experience-with-apple-containers-191bffa0e829</a><br>\nSep 13, 2025 This is poised to dramatically improve performance, streamline developer workflows, and usher in a new era of seamless, efficient development.</p>\n<p><strong>Apple’s New Containerization Framework: A Deep Dive into macOS’s Future ...</strong><br>\n<a href=\"https://chamodshehanka.medium.com/apples-new-containerization-framework-a-deep-dive-into-macos-s-future-for-developers-cf102643394a\" target=\"_blank\">https://chamodshehanka.medium.com/apples-new-containerization-framework-a-deep-dive-into-macos-s-future-for-developers-cf102643394a</a><br>\nJun 15, 2025 At WWDC 2025, Apple unveiled a significant new offering for developers: “Containerization,” an open-source Swift framework, and “container,” its accompanying command-line interface (CLI).1 The primary purpose of these tools is to empower developers to create, run, and deploy Linux containers directly on macOS, with a design specifically optimized for Apple Silicon Macs.</p>\n<p><strong>GitHub - apple/container: A tool for creating and running Linux...</strong><br>\n<a href=\"https://github.com/apple/container\" target=\"_blank\">https://github.com/apple/container</a><br>\nJun 09, 2025 You need a Mac with Apple silicon to run container. To build it, see the BUILDING document. container is supported on macOS 26, since it takes advantage of new features and enhancements to virtualization and networking in this release. We do not support older versions of macOS and the container maintainers typically will not address issues that cannot be reproduced on the macOS 26.</p>\n<p><strong>2025-10 · Milestone #3 · apple/container</strong><br>\n<a href=\"https://github.com/apple/container/milestone/3\" target=\"_blank\">https://github.com/apple/container/milestone/3</a><br>\nOct 23, 2025 A tool for creating and running Linux containers using lightweight virtual machines on a Mac. It is written in Swift, and optimized for Apple silicon. - apple/container.You can’t perform that action at this time. 2025-10 · Milestone #3 · apple/container.</p>\n<p><strong>What You Need To Know About Apple's New Container ...</strong><br>\n<a href=\"https://thenewstack.io/what-you-need-to-know-about-apples-new-container-framework/\" target=\"_blank\">https://thenewstack.io/what-you-need-to-know-about-apples-new-container-framework/</a><br>\nJun 12, 2025 The Developer Experience Revolution. For macOS developers wrestling with Docker Desktop’s licensing costs, performance issues and VM overhead, Apple’s Containerization framework offers a compelling native alternative.For organizations prioritizing security without compromising developer experience, that transition begins now. Apple has solved half the equation by making hypervisor-isolated containers accessible for development.</p>\n<p><strong>Apple Containers on macOS: A Technical... - The New Stack</strong><br>\n<a href=\"https://thenewstack.io/apple-containers-on-macos-a-technical-comparison-with-docker/\" target=\"_blank\">https://thenewstack.io/apple-containers-on-macos-a-technical-comparison-with-docker/</a><br>\nJul 21, 2025 Development Experience and Ecosystem. Apple Container CLI and Workflow. The Container CLI tool offers familiar command-line operations for managing containers.The Swift-based toolchain integrates naturally with Xcode and other Apple development tools, potentially providing a more cohesive development experience for iOS and macOS developers.</p>\n<p><strong>Tutorial: Setting Up and Exploring Apple... - The New Stack</strong><br>\n<a href=\"https://thenewstack.io/tutorial-setting-up-and-exploring-apple-containerization-on-macos/\" target=\"_blank\">https://thenewstack.io/tutorial-setting-up-and-exploring-apple-containerization-on-macos/</a><br>\nJul 22, 2025 Jul 22nd, 2025 6:00am by Janakiram MSV. Featued image for: Tutorial: Setting Up and Exploring Apple Containerization on macOS. In a previous post , I introduced Apple Containers and compared it with Docker Desktop for macOS . In this tutorial, we will explore the CLI to run containers using native Apple Containerization technology on macOS 15 Sequoia. Step 1 – Installing the Container CLI.</p>\n<p><strong>Apple announces Foundation Models and Containerization ...</strong><br>\n<a href=\"https://news.ycombinator.com/item?id=44226978\" target=\"_blank\">https://news.ycombinator.com/item?id=44226978</a><br>\n The new foundation frameworks around generative language model stuff looks very swift-y and nice for Apple developers. And it's local and on device.</p>\n<p><strong>Second Experience with Apple Containers!</strong><br>\n<a href=\"https://dev.to/aairom/second-experience-with-apple-containers-53o1\" target=\"_blank\">https://dev.to/aairom/second-experience-with-apple-containers-53o1</a><br>\nOct 17, 2025 Another step with Apple containers! Introduction. My initial blog post detailing my first practical experience with Apple containerization technology sparked a flurry of discussion and significant inquiries from my colleagues. The central question raised — and the point of subsequent internal debate — was whether this capability possessed the necessary maturity and reliability for industrial-scale deployment. My answer to that is an unequivocal “YES.”</p>\n<p><strong>WWDC 2025 - Meet Containerization from Apple - DEV Community</strong><br>\n<a href=\"https://dev.to/arshtechpro/wwdc-2025-meet-containerization-eei\" target=\"_blank\">https://dev.to/arshtechpro/wwdc-2025-meet-containerization-eei</a><br>\nJun 13, 2025 Developer Experience. Apple has also released a companion container command-line tool that demonstrates the framework's capabilities. The tool supports standard container operations like pulling images and running interactive sessions, with containers starting in just hundreds of milliseconds. Open Source Availability. Both the Containerization framework and container tool are available on GitHub, complete with source code, documentation, and example projects.</p>\n</details>\n<details><summary>Contemplated</summary>\n<p>Good initial findings. The Apple container project was announced at WWDC 2025 and is quite new. Key findings so far:</p>\n<ul>\n<li>Written in Swift, optimized for Apple Silicon</li>\n<li>Uses OCI-compatible images</li>\n<li>Requires macOS 26 (Tahoe) - this is significant as it's a future macOS version</li>\n<li>Sub-second container start times</li>\n<li>Uses lightweight VMs via Apple's Virtualization framework</li>\n<li>Currently pre-1.0, stability only guaranteed within patch versions</li>\n<li>53 open issues on GitHub</li>\n</ul>\n<p>I need to dig deeper into:</p>\n<ol>\n<li>The technical architecture (the containerization Swift package, vminitd)</li>\n<li>Community reception on Hacker News and Reddit</li>\n<li>Specific comparisons with Docker/colima/Podman</li>\n<li>Release history and development velocity</li>\n<li>Known limitations and gaps</li>\n<li>The technical overview document</li>\n</ol>\n</details>\n<details><summary>Gathered key details from:<p></p>\n<ul>\n<li><a href=\"https://github.com/apple/container/blob/main/docs/technical-overview.md\" target=\"_blank\">github.com</a></li></ul></summary>\n\n<h3>Query</h3>\n<p>What is the technical architecture of Apple's container project? How does it work under the hood - the virtualization approach, vminitd init system, networking, storage, and how containers are isolated? What are the key architectural differences from Docker?</p>\n<h3>Response</h3>\n<p>Many operating systems support containers, but the most commonly encountered containers are those that run on the Linux operating system. With macOS, the typical way to run Linux containers is to launch a Linux virtual machine (VM) that hosts all of your containers.</p>\n<p><code>container</code> runs containers differently. Using the open source <a href=\"https://github.com/apple/containerization\" target=\"_blank\">Containerization</a> package, it runs a lightweight VM for each container that you create. This approach has the following properties:</p>\n<p>Context: The document explains how 'container' runs containers, contrasting it with typical Linux container setups on macOS.</p>\n<hr>\n<ul>\n<li>Security: Each container has the isolation properties of a full VM, using a minimal set of core utilities and dynamic libraries to reduce resource utilization and attack surface.</li>\n<li>Privacy: When sharing host data using <code>container</code>, you mount only necessary data into each VM. With a shared VM, you need to mount all data that you may ever want to use into the VM, so that it can be mounted selectively into containers.</li>\n</ul>\n<p>Context: This section details the security and privacy benefits of the virtualization approach used by 'container'.</p>\n<hr>\n<p><code>container</code> and the underlying Containerization package integrate with many of the key technologies and frameworks of macOS:</p>\n<ul>\n<li>The Virtualization framework for managing Linux virtual machines and their attached devices.</li>\n<li>The vmnet framework for managing the virtual network to which the containers attach.</li>\n<li>XPC for interprocess communication.</li>\n<li>Launchd for service management.</li>\n<li>Keychain services for access to registry credentials.</li>\n<li>The unified logging system for application logging.</li>\n</ul>\n<p>Context: This describes how 'container' integrates with macOS technologies, including networking and service management.</p>\n<hr>\n<p>The <code>container-apiserver</code> is a launch agent that launches when you run the <code>container system start</code> command, and terminates when you run <code>container system stop</code>. It provides the client APIs for managing container and network resources.</p>\n<p>When <code>container-apiserver</code> starts, it launches an XPC helper <code>container-core-images</code> that exposes an API for image management and manages the local content store, and another XPC helper <code>container-network-vmnet</code> for the virtual network. For each container that you create, <code>container-apiserver</code> launches a container runtime helper <code>container-runtime-linux</code> that exposes the management API for that specific container.</p>\n<p>Context: This explains the core components of the 'container' system, including the API server, helper processes, and runtime.</p>\n<hr>\n<h3>Container to host networking</h3>\n<p>In the initial release, there is no way to route traffic directly from a client in a container to a host-based application listening on the loopback interface at 127.0.0.1. If you were to configure the application in your container to connect to 127.0.0.1 or <code>localhost</code>, requests would simply go to the loopback interface in the container, rather than your host-based service.</p>\n<p>You can work around this limitation by configuring the host-based application to listen on the wildcard address 0.0.0.0, but this practice is insecure and not recommended because, without firewall rules, this exposes the application to external requests.</p>\n<p>A more secure approach uses <code>socat</code> to redirect traffic from the container network gateway to the host-based service. For example, to forward traffic for port 8000, configure your containerized application to connect to <code>192.168.64.1:8000</code> instead of <code>127.0.0.1:8000</code>, and then run the following command in a terminal on your Mac to forward the port traffic from the gateway to the host:</p>\n<pre><code>socat TCP-LISTEN:8000,fork,bind=192.168.64.1 TCP:127.0.0.1:8000\n</code></pre>\n<p>Context: This section addresses limitations and workarounds for container-to-host networking.</p>\n<hr>\n<h4>Network isolation</h4>\n<p>The vmnet framework in macOS 15 can only provide networks where the attached containers are isolated from one another. Container-to-container communication over the virtual network is not possible.</p>\n<h4>Multiple networks</h4>\n<p>In macOS 15, all containers attach to the default vmnet network. The <code>container network</code> commands are not available on macOS 15, and using the <code>--network</code> option for <code>container run</code> or <code>container create</code> will result in an error.</p>\n<h4>Container IP addresses</h4>\n<p>In macOS 15, limitations in the vmnet framework mean that the container network can only be created when the first container starts. Since the network XPC helper provides IP addresses to containers, and the helper has to start before the first container, it is possible for the network helper and vmnet to disagree on the subnet address, resulting in containers that are completely cut off from the network.</p>\n<p>Context: This details network isolation and multi-network limitations specific to macOS 15, which are relevant to understanding the networking architecture.</p>\n<hr>\n<p>images<code>that exposes an API for image management and manages the local content store, and another XPC helper</code>container-network-vmnet` for the virtual network.</p>\n<p>Context: This mentions the 'container-core-images' helper which manages the local content store, relevant to storage.</p>\n<hr>\n<p>Links from Source - Can be extracted on follow up librarian calls:</p>\n<p>Link: https://github.com/apple/containerization<br>\nContext: The 'container' project uses the open source <a href=\"https://github.com/apple/containerization\" target=\"_blank\">Containerization</a> package.<br>\nLink: https://github.com/apple/container/tree/0.4.1<br>\nContext: Example link to a specific release tag for documentation.<br>\nLink: https://github.com/apple/container/releases<br>\nContext: Link to the Release Page for official release documentation.</p>\n<p></details></p>\n<p><details><summary>Gathered key details from:</p>\n<ul>\n<li><a href=\"https://github.com/apple/container/releases\" target=\"_blank\">Releases · apple/container · GitHub</a></summary></li>\n</ul>\n<h3>Query</h3>\n<p>What are the release versions, release dates, and changelog/release notes for the Apple container project? What features have been added over time?</p>\n<h3>Response</h3>\n<p>08 Dec 20:52</p>\n<p><img alt=\"@github-actions\" src=\"IMAGE\"> github-actions</p>\n<p>0.7.1 </p>\n<p><code>420be74</code> </p>\n<p>Compare </p>\n<h1>Choose a tag to compare</h1>\n<p>View all tags</p>\n<p>0.7.1 Latest </p>\n<p>Latest </p>\n<p>This release includes changes to address data integrity issues reported in #614.</p>\n<p>Context: This chunk contains the release date, version number, and a summary of the release notes for version 0.7.1.</p>\n<hr>\n<ul>\n<li>Core <ul>\n<li>Add <code>--max-concurrent-downloads</code> for <code>image pull</code></li>\n</ul>\n</li>\n<li>Storage <ul>\n<li>Use containerization 0.16.1 with fs fix, and set default sync mode to <code>fsync</code></li>\n</ul>\n</li>\n</ul>\n<p>Context: This chunk details the core and storage highlights for the 0.7.1 release.</p>\n<hr>\n<h2>What's Changed</h2>\n<ul>\n<li>Add --max-concurrent-downloads flag for parallel layer downloads by @sbhavani in #716</li>\n<li>Data integrity: bump to cz 0.16.1, adjust sync mode. by @jglogan in #939</li>\n</ul>\n<p>Context: This chunk lists the specific changes and contributions for the 0.7.1 release.</p>\n<hr>\n<p>03 Dec 01:24</p>\n<p>0.7.0 </p>\n<p><code>1e19a4d</code> </p>\n<p>Compare </p>\n<p>View all tags</p>\n<p>0.7.0 </p>\n<p>Context: This chunk contains the release date and version number for version 0.7.0.</p>\n<hr>\n<h2>Highlights</h2>\n<ul>\n<li>Core <ul>\n<li>⌨️ Replace <code>--disable-progress-updates</code> with <code>--progress none</code> </li>\n<li>Use Rosetta for image builds </li>\n<li>Show image download progress during builds </li>\n<li>Allow use of stdio for image save and load </li>\n<li>Allow reading of Dockerfile from stdin for build </li>\n<li>Add <code>container stats</code></li>\n</ul>\n</li>\n<li>Network <ul>\n<li>Fix HTTPClient crash when download fails before shutdown </li>\n<li>Add support for publish port ranges</li>\n</ul>\n</li>\n<li>Storage <ul>\n<li>Translate block mount options correctly, use sync mode by default </li>\n<li>Add <code>container system df</code> </li>\n<li>Update <code>container image prune</code> to remove unused images as well as content</li>\n</ul>\n</li>\n</ul>\n<p>Context: This chunk details the core, network, and storage highlights for the 0.7.0 release.</p>\n<hr>\n<ul>\n<li>\n<div class=\"math-box\"><math xmlns=\"http://www.w3.org/1998/Math/MathML\" display=\"block\"><mrow><mi>h</mi><mi>o</mi><mi>w</mi><mo>−</mo><mi>t</mi><mi>o</mi><mo>−</mo><mi>d</mi><mi>o</mi><mi>c</mi><mi>s</mi></mrow></math></div>: Add steps for installation of completion scripts by @saehejkang in #799</li>\n<li>Update documentation by @dkovba in #805</li>\n<li>Improvements to <code>Makefile</code> by @dkovba in #822</li>\n<li>Improvements to <code>Protobuf.Makefile</code> by @dkovba in #821</li>\n<li>\n<div class=\"math-box\"><math xmlns=\"http://www.w3.org/1998/Math/MathML\" display=\"block\"><mrow><mi>b</mi><mi>u</mi><mi>i</mi><mi>l</mi><mi>d</mi><mo>−</mo><mi>c</mi><mi>o</mi><mi>m</mi><mi>m</mi><mi>a</mi><mi>n</mi><mi>d</mi></mrow></math></div>: refactor --progress option by @saehejkang in #810</li>\n<li>Add --mac-address flag to set custom MAC addresses for containers by @DSS3113 in #753</li>\n<li>Update builder-shim to 0.6.3 for metadata only Dockerfile support by @realrajaryan in #825</li>\n<li>Fix container DNS resolution broken by AAAA/IPv6 NXDOMAIN handling by @radoxtech in #786</li>\n<li>\n<div class=\"math-box\"><math xmlns=\"http://www.w3.org/1998/Math/MathML\" display=\"block\"><mrow><mi>o</mi><mi>p</mi><mi>t</mi><mi>i</mi><mi>o</mi><mi>n</mi><mi>s</mi></mrow></math></div>: Replace --disable-progress-updates with --progress (none | ansi) by @saehejkang in #808</li>\n<li>Fix HTTPClient crash when download fails before shutdown by @realrajaryan in #837</li>\n<li>Clarify container list abstract to mention it shows running containers by @realrajaryan in #840</li>\n<li>Deps: Bump Containerization to 0.13.0 by @dcantah in #848</li>\n<li>UX: fix typos, grammar and consistency issues by @realrajaryan in #845</li>\n<li>Use container-builder-shim 0.7.0, ensures use of Rosetta. by @jglogan in #858</li>\n<li>Fix Info.plist system properties for symlinked <code>container</code>. by @jglogan in #859</li>\n<li>CLI: Implement exec -d by @dcantah in #852</li>\n<li>Add --rosetta option for arm64 images by @rgov in #846</li>\n<li>Actually resolve symlink when loading bundle Info.plist. by @jglogan in #864</li>\n<li>Add support for publish port ranges by @caztanj in #801</li>\n<li>Show image download progress during builds by @realrajaryan in #850</li>\n<li>Proxy refinements (thanks to @Lukasa). by @jglogan in #873</li>\n<li>\n<div class=\"math-box\"><math xmlns=\"http://www.w3.org/1998/Math/MathML\" display=\"block\"><mrow><mi>t</mi><mi>e</mi><mi>s</mi><mi>t</mi><mi>s</mi></mrow></math></div>: refactor run function for stdin/stdout support by @saehejkang in #830</li>\n<li>Fixes translation from Filesystem props to Mount runtimeOptions. by @jglogan in #877</li>\n<li>Fix progress bar crash on cached image rebuilds by @realrajaryan in #894</li>\n<li>\n<div class=\"math-box\"><math xmlns=\"http://www.w3.org/1998/Math/MathML\" display=\"block\"><mrow><mi>i</mi><mi>m</mi><mi>a</mi><mi>g</mi><mi>e</mi><mo>−</mo><mi>s</mi><mi>a</mi><mi>v</mi><mi>e</mi><mo>−</mo><mi>l</mi><mi>o</mi><mi>a</mi><mi>d</mi></mrow></math></div>: support for stdin/stdout by @saehejkang in #734</li>\n<li>Import <code>--publish</code> checks and data representation. by @jglogan in #872</li>\n<li>\n<div class=\"math-box\"><math xmlns=\"http://www.w3.org/1998/Math/MathML\" display=\"block\"><mrow><mi>c</mi><mi>o</mi><mi>n</mi><mi>t</mi><mi>a</mi><mi>i</mi><mi>n</mi><mi>e</mi><mi>r</mi><mo>−</mo><mi>b</mi><mi>u</mi><mi>i</mi><mi>l</mi><mi>d</mi></mrow></math></div>: Support inline Dockerfile from stdin by @saehejkang in #827</li>\n<li>Fix TestCLICreateCommand failing test by @tico88612 in #897</li>\n<li>Implement container stats by @dcantah in #851</li>\n<li>Fix container stats build break by @dcantah in #898</li>\n<li>Adds client uid validation to XPC server. by @jglogan in #896</li>\n<li>Updates to CZ 0.14.0. by @jglogan in #903</li>\n<li>Added the split method for labeler workflow by @Ronitsabhaya75 in #788</li>\n<li>Add <code>container system df</code> command for disk usage reporting by @realrajaryan in #902</li>\n<li>Build input file cannot be found: '.../CAuditToken.o' by @dkovba in #908</li>\n<li>Fix <code>container image prune</code> to actually remove images, add <code>-a</code> flag support, and bump cz to 0.15.0 by @realrajaryan in #909</li>\n<li>\n<div class=\"math-box\"><math xmlns=\"http://www.w3.org/1998/Math/MathML\" display=\"block\"><mrow><mi>d</mi><mi>o</mi><mi>c</mi><mi>s</mi></mrow></math></div>: add volume prune to command reference by @saehejkang in #910</li>\n<li>fix: connect to backend immediately on channel active for server-first protocols(#794) by @Ronitsabhaya75 in #813</li>\n<li>\n<div class=\"math-box\"><math xmlns=\"http://www.w3.org/1998/Math/MathML\" display=\"block\"><mrow><mi>d</mi><mi>o</mi><mi>c</mi><mi>s</mi></mrow></math></div>: move callout regarding documentation revisions by @saehejkang in #921</li>\n<li>\n<div class=\"math-box\"><math xmlns=\"http://www.w3.org/1998/Math/MathML\" display=\"block\"><mrow><mi>n</mi><mi>e</mi><mi>t</mi><mi>w</mi><mi>o</mi><mi>r</mi><mi>k</mi><mi>s</mi></mrow></math></div>: Add creationDate field by @saehejkang in #791</li>\n<li>Fix incorrect creationDate for networks. by @jglogan in #926</li>\n<li>Updates CZ to 0.16.0. by @jglogan in #927</li>\n</ul>\n<p>Context: This chunk lists the specific changes and contributions for the 0.7.0 release.</p>\n<hr>\n<p>27 Oct 23:08</p>\n<p>0.6.0 </p>\n<p><code>a23bcf0</code> </p>\n<p>Compare </p>\n<p>View all tags</p>\n<p>0.6.0 </p>\n<p>Context: This chunk contains the release date and version number for version 0.6.0.</p>\n<hr>\n<h2>Highlights</h2>\n<p><strong>IMPORTANT</strong> The fix for issue #416 changes the location of the image store for <code>container</code> from <code>~/Library/Application\\ Support/com.apple.container/.build</code> to <code>~/Library/Application\\ Support/com.apple.container/builder</code>. If you want to retain the content of your old store, stop <code>container</code>, move the old directory to the new pathname (replacing the <code>.build</code> directory if necessary), and start the application again. Or, you can delete the unused <code>.build</code> directory when you want to recover the storage capacity.</p>\n<p>Context: This chunk provides important release notes regarding a directory change for version 0.6.0.</p>\n<hr>\n<ul>\n<li>Core <ul>\n<li>Rename <code>.build</code> directory to <code>builder</code> in application data </li>\n<li>Recognize multiple <code>build --tag</code> options </li>\n<li>Correct behavior in env files</li>\n</ul>\n</li>\n<li>Network <ul>\n<li>Add <code>network create --subnet</code> </li>\n<li>Add <code>container run --network none</code> for containers with no network connectivity </li>\n<li>Correct behavior for proxy environment variables for image fetch </li>\n<li>Correct behavior for proxy environment variables for kernel fetch</li>\n</ul>\n</li>\n<li>Storage <ul>\n<li>Add anonymous volumes </li>\n<li>Implicit creation of named volumes </li>\n<li>Add <code>volume --prune</code></li>\n</ul>\n</li>\n</ul>\n<p>Context: This chunk details the core, network, and storage highlights for the 0.6.0 release.</p>\n<hr>\n<p><strong>Full Changelog</strong>: 0.4.1...0.5.0</p>\n<ul>\n<li>Removes \"all rights reserved\" from license header. by @jglogan in #711</li>\n<li>CLI: Fix env-file parsing by @dcantah in #707</li>\n<li>Remove StandardErrorPath and StandardOutPath from launchd plists by @katiewasnothere in #742</li>\n<li>Fix race condition in ContainersService.create() by @bismansahni in #721</li>\n<li>Fix broken proxy configuration for default kernel fetch. by @jglogan in #747</li>\n<li>Moves <code>.build</code> directory to <code>builder</code>. by @jglogan in #749</li>\n<li>make: add coverage target by @egernst in #685</li>\n<li>Support --subnet in network create by @siikamiika in #737</li>\n<li>Add image env variables to builder start command by @katiewasnothere in #756</li>\n<li>Add app bundle Info.plist as a system property source. by @jglogan in #764</li>\n<li>Add support for anonymous volumes by @realrajaryan in #768</li>\n<li>Implicitly create named volumes by @realrajaryan in #769</li>\n<li>Update make-docs.sh to prevent HTML errors by @GenkaOk in #771</li>\n<li>\n<div class=\"math-box\"><math xmlns=\"http://www.w3.org/1998/Math/MathML\" display=\"block\"><mrow><mi>c</mi><mi>o</mi><mi>n</mi><mi>t</mi><mi>a</mi><mi>i</mi><mi>n</mi><mi>e</mi><mi>r</mi><mo>−</mo><mi>s</mi><mi>y</mi><mi>s</mi><mi>t</mi><mi>e</mi><mi>m</mi><mo>−</mo><mi>d</mi><mi>n</mi><mi>s</mi><mo>−</mo><mi>l</mi><mi>s</mi></mrow></math></div>: add --format and --quiet options by @saehejkang in #720</li>\n<li>added the new workflow that automatically puts the labels in PR by @Ronitsabhaya75 in #741</li>\n<li>Revert \"added the new workflow that automatically puts the labels in PR\" by @katiewasnothere in #776</li>\n<li>chore: restrict GitHub workflow permissions - future-proof by @incertum in #781</li>\n<li>\n<div class=\"math-box\"><math xmlns=\"http://www.w3.org/1998/Math/MathML\" display=\"block\"><mrow><mi>c</mi><mi>o</mi><mi>n</mi><mi>t</mi><mi>a</mi><mi>i</mi><mi>n</mi><mi>e</mi><mi>r</mi><mo>−</mo><mi>r</mi><mi>u</mi><mi>n</mi><mo>−</mo><mi>c</mi><mi>r</mi><mi>e</mi><mi>a</mi><mi>t</mi><mi>e</mi></mrow></math></div>: add support for --network none by @saehejkang in #739</li>\n<li>add support for multiple --tag flags in build by @realrajaryan in #785</li>\n<li>Integration: Fix image inspect error message by @dcantah in #795</li>\n<li>Deps: Bump Containerization to 0.11.0 by @dcantah in #796</li>\n<li>Make container start idempotent by @dcantah in #792</li>\n<li>add volume prune command by @realrajaryan in #783</li>\n<li>Raise createEndpoint response timeout by @dcantah in #797</li>\n<li>\n<div class=\"math-box\"><math xmlns=\"http://www.w3.org/1998/Math/MathML\" display=\"block\"><mrow><mi>c</mi><mi>o</mi><mi>m</mi><mi>m</mi><mi>a</mi><mi>n</mi><mi>d</mi><mo>−</mo><mi>r</mi><mi>e</mi><mi>f</mi><mi>e</mi><mi>r</mi><mi>e</mi><mi>n</mi><mi>c</mi><mi>e</mi></mrow></math></div>: Document what \"auto\" means in container run by @saehejkang in #765</li>\n<li>Bump Containerization to 0.12.0. by @jglogan in #802</li>\n<li>Dns: Fix delete error message by @dcantah in #803</li>\n<li>CZ 0.12.1 - pick up relay fixes, other goodies. by @jglogan in #804</li>\n<li>Use a consistent capitalization in log and error messages by @dkovba in #806</li>\n<li>Lowercase stdin, stdout, stderr by @dkovba in #807</li>\n<li>Build: Fallback to Containerfile if Dockerfile not found by @dcantah in #812</li>\n<li>\n<p>Propagate host ssh socket permissions to relay socket in guest. by @jglogan in #811</p>\n</li>\n<li>\n<p>@bismansahni made their first contribution in #721</p>\n</li>\n<li>@siikamiika made their first contribution in #737</li>\n<li>@GenkaOk made their first contribution in #771</li>\n<li>@saehejkang made their first contribution in #720</li>\n<li>@Ronitsabhaya75 made their first contribution in #741</li>\n<li>@incertum made their first contribution in #781</li>\n</ul>\n<p><strong>Full Changelog</strong>: 0.5.0...0.6.0</p>\n<p>Context: This chunk lists the specific changes and contributions for the 0.6.0 release.</p>\n<hr>\n<p>02 Oct 18:03</p>\n<p>0.5.0 </p>\n<p><code>48230f3</code> </p>\n<p>Compare </p>\n<p>View all tags</p>\n<p>0.5.0 </p>\n<p>Context: This chunk contains the release date and version number for version 0.5.0.</p>\n<hr>\n<h2>Highlights</h2>\n<ul>\n<li>Core <ul>\n<li>⌨️ Remove <code>images</code> alias for <code>container image</code>. </li>\n<li>⌨️ <code>container system property</code> commands for managing settings. </li>\n<li>⌨️ Use com.apple.container.registry as keychain ID.. You will need to perform <code>container registry login</code> again for your registries to establish new keychain entries. You can delete the old <code>com.apple.container</code> keychain entries using the Keychain Access tool. </li>\n<li>👩💻 Expose <code>ContainerCommands</code> for external use. </li>\n<li>👩💻 Use APIServer for sandbox management operations.. This PR includes significant changes to the ContainerClient API. </li>\n<li><code>container image save</code> can save multiple images. </li>\n<li>Revert inadvertent pull platform filtering. Note that this will cause image pull times to be longer for now, as observed in the original issue. </li>\n<li>Cleaned up help output for commands.</li>\n</ul>\n</li>\n<li>Network <ul>\n<li>Add --labels for networks.</li>\n</ul>\n</li>\n<li>Storage <ul>\n<li>Fixed regression on relative path as a virtiofs mount source.</li>\n</ul>\n</li>\n</ul>\n<p>Context: This chunk details the core, network, and storage highlights for the 0.5.0 release.</p>\n<hr>\n<ul>\n<li>Create command-reference.md by @wlan0 in #445</li>\n<li>Uninstaller: call usage if incorrect number of options are provided by @katiewasnothere in #556</li>\n<li>Fix relative path bind mounts regression by @realrajaryan in #572</li>\n<li>Support following symlinks in tar when setting default kernel by @katiewasnothere in #575</li>\n<li>Add force option to kernel set and add tests for kernel setting by @katiewasnothere in #579</li>\n<li>Allow kernel set with tar to use relative paths to tar file by @katiewasnothere in #582</li>\n<li>Remove description field in PR template by @katiewasnothere in #583</li>\n<li>DefaultCommand signal behavior improvements for plugins by @mazdak in #570</li>\n<li>Package.swift: Bump CZ to 0.7.0 by @dcantah in #584</li>\n<li>Make \"Plugin not found\" message more descriptive by @mazdak in #569</li>\n<li>Adds multiple image save to tarfile. by @jglogan in #560</li>\n<li>Add a build parameter to handle warnings as errors by @dkovba in #591</li>\n<li>Remove images alias for image subcommand. by @jglogan in #597</li>\n<li>Docs: Update upgrade process in <code>README.md</code>. by @jglogan in #595</li>\n<li>Pass DNS integration tests when default domain is set. by @jglogan in #594</li>\n<li>Revert inadvertent pull platform filtering from #545. by @jglogan in #593</li>\n<li>Remove per-target concurrency checking by @dkovba in #601</li>\n<li>Use containerization 0.7.1. by @jglogan in #606</li>\n<li>Update builder shim version to 0.6.1 to support default global args by @katiewasnothere in #605</li>\n<li>Bump containerization dependency to 0.7.2. by @jglogan in #610</li>\n<li>Add <code>--labels</code> for networks. by @jglogan in #600</li>\n<li>Relocates API server to Helpers, service to Services. by @jglogan in #616</li>\n<li>Enumerate using relative paths to avoid mismatch with symlink resolution of special paths like /tmp by @katiewasnothere in #613</li>\n<li>Replace scattered defaults subcommands with <code>system property</code>. by @jglogan in #604</li>\n<li>Use a lock consistently in the <code>ExecutionContext</code> class by @dkovba in #619</li>\n<li>Fix failing network tests by @dkovba in #620</li>\n<li>Expose Command Structs for Plugins by @Mcrich23 in #603</li>\n<li>Rename CLI and ExecutableCLI folders by @Mcrich23 in #635</li>\n<li>Bump CZ to 0.8.0 by @dcantah in #648</li>\n<li>SandboxService: Turn off RunAtLoad for the default plugin by @dcantah in #649</li>\n<li>CLI: Skip stopping containers in system stop if APIServer is down by @dcantah in #650</li>\n<li>Use com.apple.container.registry as keychain ID. by @jglogan in #652</li>\n<li>Swap to APIServer for all communications by @dcantah in #628</li>\n<li>Remove Native Builder from the <code>main</code> branch by @dkovba in #634</li>\n<li>Clarify memory units in help and documentation. by @jglogan in #657</li>\n<li>Cleans up system subcommand options. by @jglogan in #662</li>\n<li>Cleans up network and volume subcommands. by @jglogan in #661</li>\n<li>Cleans up build subcommand options. by @jglogan in #658</li>\n<li>Cleans up registry subcommand options. by @jglogan in #660</li>\n<li>ClientContainer: Remove response timeout from <code>stop</code> by @dcantah in #667</li>\n<li>Cleans up option groups, container subcommand help. by @jglogan in #647</li>\n<li>Add and use <code>container-apiserver start</code>. by @jglogan in #655</li>\n<li>Add and use <code>container-runtime-linux start</code>. by @jglogan in #654</li>\n<li>Cleans up image subcommand options. by @jglogan in #659</li>\n<li>Bumps containerization to 0.8.1. by @jglogan in #674</li>\n</ul>\n<p>Context: This chunk lists the specific changes and contributions for the 0.5.0 release.</p>\n<hr>\n<p>28 Aug 01:55</p>\n<p><img alt=\"@jglogan\" src=\"IMAGE\"> jglogan</p>\n<p>0.4.1 </p>\n<p><code>4ac18b5</code> </p>\n<p>Compare </p>\n<p>View all tags</p>\n<p>Context: This chunk contains the release date and version number for version 0.4.1.</p>\n<hr>\n<p>More fixes and features in the August release...thank you for all of the contributions!</p>\n<p>The most notable feature in this release are named volumes (<code>container volume create</code>). One difference between named volumes in <code>container</code> and in other systems is that you can't read-write a named volume across multiple running containers (VMs).</p>\n<p>Why no 0.4.0? We had to discard that tag due to a couple test regressions.</p>\n<p>Context: This chunk provides a summary and explanation for the 0.4.1 release, including the absence of 0.4.0.</p>\n<hr>\n<h2>Highlights</h2>\n<ul>\n<li>Core <ul>\n<li><code>systemd</code> can run in containers </li>\n<li>Unified <code>--platform</code>, <code>--os</code>, <code>--arch</code> flag support </li>\n<li>Improved interactive input handling (<code>-i</code> flag) </li>\n<li>Consistent <code>--version</code> output</li>\n</ul>\n</li>\n<li>Network <ul>\n<li>Automatic <code>/etc/hosts</code> generation </li>\n<li>DNS hostname conflict prevention </li>\n<li>Prevent deletion of referenced networks </li>\n<li>SSH auth socket forwarding for <code>run</code> and <code>exec</code> commands</li>\n</ul>\n</li>\n<li>Storage <ul>\n<li>Create and manage named volumes with <code>container volume</code>.</li>\n</ul>\n</li>\n<li>Plugins <ul>\n<li>Custom application data root support with <code>--app-root</code></li>\n</ul>\n</li>\n</ul>\n<p>Context: This chunk details the core, network, storage, and plugin highlights for the 0.4.1 release.</p>\n<hr>\n<ul>\n<li>Add initial native builder code by @katiewasnothere in #399</li>\n<li>Transition to <code>Mutex</code> by @dkovba in #364</li>\n<li>Optionally resolve wrapper index to single-platform manifest based on <code>com.apple.containerization.index.indirect</code> annotation by @stevapple in #397</li>\n<li>Do not print task descriptions with disabled progress updates by @dkovba in #444</li>\n<li>Generate /etc/hosts by default by @dcantah in #423</li>\n<li>Native Builder: Add parser support for CMD and LABEL instructions by @katiewasnothere in #448</li>\n<li>Native builder: remove option token in favor of string literals by @katiewasnothere in #450</li>\n<li>Named Volumes by @realrajaryan in #362</li>\n<li>Select alternate data path with <code>container system start --app-root path</code>. by @jglogan in #419</li>\n<li>Native builder parser support for EXPOSE by @katiewasnothere in #465</li>\n<li>Prevent removal of network with container references. by @jglogan in #470</li>\n<li>Relocate and rename <code>ClientDefaults</code>. by @jglogan in #474</li>\n<li>Fixes for install root and plugin detection. by @jglogan in #467</li>\n<li>Clarify macOS version support and minor style tweaks by @timsneath in #485</li>\n<li>CLI (run): Only ask for stdin for -i by @dcantah in #483</li>\n<li>Native Builder: DiffKey and Differ Procol by @wlan0 in #482</li>\n<li>Native Builder: Define Snapshotter protocol by @wlan0 in #491</li>\n<li>Native Builder: Build Cache to use new snapshotter by @wlan0 in #492</li>\n<li>CLI: Defer tty reset immediately by @dcantah in #488</li>\n<li>Make Parser functions public for CLI plugins by @Reneechang17 in #494</li>\n<li>Fixes builder compiler errors and warnings. by @jglogan in #495</li>\n<li>Preserve permissions by default and fix warnings by @dkovba in #496</li>\n<li>Ensure two containers cannot use the same DNS hostname. by @jglogan in #490</li>\n<li>Add SSH auth socket forwarding by @Reneechang17 in #502</li>\n<li>Adds how-to section for <code>--ssh</code>. by @jglogan in #503</li>\n<li>Adds <code>container builder rm</code> alias. by @jglogan in #505</li>\n<li>Fix SSH forwarding for exec process by @Reneechang17 in #506</li>\n<li>Docs: clarify Xcode 26 beta must be the active developer directory by @unitof in #238</li>\n<li>Extract version output logic so <code>--version</code> is consistent. by @jglogan in #517</li>\n<li>Bump containerization dependency to 0.6.0 by @jglogan in #526</li>\n<li>Add the support for ARG in the native builder parser by @dkovba in #516</li>\n<li>Allow traversing symlink when checking for builtin plugins. by @jglogan in #528</li>\n<li>Fix a warning when testing by @dkovba in #531</li>\n<li>Bump CZ to 0.6.1 by @dcantah in #540</li>\n<li>Bump CZ to 0.6.2 by @dcantah in #543</li>\n<li>Integration: Log container bootlog in run test failures by @dcantah in #541</li>\n<li>ContainerService: Move force delete logic to daemon by @dcantah in #536</li>\n<li>ContainerService: Remove lock from list() by @dcantah in #537</li>\n<li>CLI: Send logs to stderr by @dcantah in #544</li>\n<li>Revert \"Integration: Log container bootlog in run test failures (#541)\" by @dcantah in #548</li>\n<li>\n<p>Uniform support for <code>--platform</code>, <code>--os</code>, <code>--arch</code>. by @jglogan in #545</p>\n</li>\n<li>\n<p>@stevapple made their first contribution in #397</p>\n</li>\n<li>@timsneath made their first contribution in #485</li>\n<li>@unitof made their first contribution in #238</li>\n</ul>\n<p><strong>Full Changelog</strong>: 0.3.0...0.4.0</p>\n<h3>Contributors</h3>\n<ul>\n<li><img alt=\"@jglogan\" src=\"IMAGE\"></li>\n<li><img alt=\"@wlan0\" src=\"IMAGE\"></li>\n<li><img alt=\"@timsneath\" src=\"IMAGE\"></li>\n<li><img alt=\"@unitof\" src=\"IMAGE\"></li>\n<li><img alt=\"@katiewasnothere\" src=\"IMAGE\"></li>\n<li><img alt=\"@stevapple\" src=\"IMAGE\"></li>\n<li><img alt=\"@dcantah\" src=\"IMAGE\"></li>\n<li><img alt=\"@realrajaryan\" src=\"IMAGE\"></li>\n<li><img alt=\"@Reneechang17\" src=\"IMAGE\"></li>\n<li><img alt=\"@dkovba\" src=\"IMAGE\"></li>\n</ul>\n<p>jglogan, wlan0, and 8 other contributors</p>\n<p>Context: This chunk lists the specific changes and contributions for the 0.4.1 release.</p>\n<hr>\n<p>30 Jul 22:22</p>\n<p>0.3.0 </p>\n<p><code>3fcf647</code> </p>\n<p>Compare </p>\n<p>View all tags</p>\n<p>0.3.0 </p>\n<p>Context: This chunk contains the release date and version number for version 0.3.0.</p>\n<hr>\n<p>Beginning with the 0.3.0 release, we're aiming to release on a monthly cycle. For now, each monthly release will increment the minor version. Should we need to create an off cycle patch release, we'll bump the patch version.</p>\n<p>Context: This chunk mentions the release cycle aim and versioning strategy for the 0.3.0 release.</p>\n<hr>\n<h2>Highlights</h2>\n<ul>\n<li>Core <ul>\n<li>Enumerate a well known path where user-installed plugins can be found </li>\n<li>Fix output of plugin details in CLI help </li>\n<li>Fix handling of process options in <code>container create</code> </li>\n<li>Enable nested virtualization in containers </li>\n<li>Several fixes for thread safety</li>\n</ul>\n</li>\n<li>Network <ul>\n<li>Publish TCP and UDP ports on localhost</li>\n</ul>\n</li>\n<li>Builder <ul>\n<li>Fixed build hangs/crashes </li>\n<li>Use previous build stage names as image in subsequent <code>FROM</code> statements </li>\n<li>Fix output for builds with <code>--output type=tar</code> </li>\n<li>Support building with <code>--output local</code> </li>\n<li>Improved options for specifying build platforms</li>\n</ul>\n</li>\n</ul>\n<p>Context: This chunk details the core, network, and builder highlights for the 0.3.0 release.</p>\n<hr>\n<ul>\n<li>Use a consistent capitalization in a bug report template by @dkovba in #269</li>\n<li>Adds next step link for building the project. by @jglogan in #278</li>\n<li>Docs for shell completion by @adityaramani in #275</li>\n<li>Add unpack strategy to SnapshotStore by @adityaramani in #274</li>\n<li>Use enum for ClientHealthCheck namespace by @eliseomartelli in #225</li>\n<li>Assigns default nameserver in sandbox service. by @jglogan in #276</li>\n<li>\n<div class=\"math-box\"><math xmlns=\"http://www.w3.org/1998/Math/MathML\" display=\"block\"><mrow><mi>B</mi><mi>u</mi><mi>i</mi><mi>l</mi><mi>d</mi></mrow></math></div> Disable rosetta during builds with a UserDefault by @wlan0 in #273</li>\n<li>Cleanups for CI by @adityaramani in #287</li>\n<li>\n<div class=\"math-box\"><math xmlns=\"http://www.w3.org/1998/Math/MathML\" display=\"block\"><mrow><mi>B</mi><mi>u</mi><mi>i</mi><mi>l</mi><mi>d</mi></mrow></math></div> update builder shim to 0.3.0 by @wlan0 in #288</li>\n<li>Fix build with local images test by @katiewasnothere in #285</li>\n<li>Updates SPI manifest to build on 6.2 only. by @jglogan in #297</li>\n<li>Mark SandboxSnapshot init as public for sandbox plugins by @ArnavReddy in #309</li>\n<li>Flush output when following logs. by @jglogan in #316</li>\n<li>ProcessIO: Don't error if stdin isn't a pty and !-i by @dcantah in #312</li>\n<li>Use <code>swift package edit</code> instead of <code>CONTAINERIZATION_PATH</code>. by @jglogan in #318</li>\n<li>fix typo in local package path for building by @Typ0genius in #327</li>\n<li>Handle when keychain query returns an unhandled error by @katiewasnothere in #331</li>\n<li>Use <code>Mutex</code> for thread-safe access to structs by @dkovba in #325</li>\n<li>Use the new <code>@SendablePropertyUnchecked</code> macro by @dkovba in #332</li>\n<li>Docs: Add macOS 15 container-to-container communication limitation note to the tutorial by @zdk in #328</li>\n<li>Use <code>{install-root}/libexec/container-plugins</code> for plugins. by @jglogan in #341</li>\n<li>Add test for using previous stages as FROM source by @katiewasnothere in #342</li>\n<li>Make image details public by @Typ0genius in #335</li>\n<li>Quote paths in Makefile by @realrajaryan in #350</li>\n<li>Fix subcommand groups in top level help. by @jglogan in #351</li>\n<li>Adds TCP and UDP port forwarders. by @jglogan in #338</li>\n<li>\n<div class=\"math-box\"><math xmlns=\"http://www.w3.org/1998/Math/MathML\" display=\"block\"><mrow><mi>B</mi><mi>u</mi><mi>i</mi><mi>l</mi><mi>d</mi></mrow></math></div> fixes for tar output mode by @wlan0 in #353</li>\n<li>Fix broken link to tutorial.md by @sbehnke in #358</li>\n<li>Use wildcard IP for UDP backend local address. by @jglogan in #359</li>\n<li>Add cause string to error message sent with xpc by @katiewasnothere in #361</li>\n<li>CLI: Handle stdin stream if it's a regular file by @dcantah in #322</li>\n<li>Adds <code>--publish</code> flag for forwarding traffic to container ports. by @jglogan in #352</li>\n<li>Applies feedback for PR #352. by @jglogan in #365</li>\n<li>add support for local build output by @wlan0 in #369</li>\n<li>Update xcode developer version to new symlink by @katiewasnothere in #374</li>\n<li>Clarified documentation by @sam-lord in #388</li>\n<li>Bump Containerization to 0.5.0 by @dcantah in #363</li>\n<li>Fix user arg passthrough for container create by @katiewasnothere in #393</li>\n<li>Explain how to install a release build in BUILDING.md by @justinyaodu in #379</li>\n<li>\n<p>Add virtualization support for containers by @dcantah in #377</p>\n</li>\n<li>\n<p>@Typ0genius made their first contribution in #327</p>\n</li>\n<li>@zdk made their first contribution in #328</li>\n<li>@realrajaryan made their first contribution in #350</li>\n<li>@sbehnke made their first contribution in #358</li>\n<li>@sam-lord made their first contribution in #388</li>\n<li>@justinyaodu made their first contribution in #379</li>\n</ul>\n<p><strong>Full Changelog</strong>: 0.2.0...0.3.0</p>\n<p>Context: This chunk lists the specific changes and contributions for the 0.3.0 release.</p>\n<hr>\n<p>27 Jun 22:06</p>\n<p>0.2.0 </p>\n<p><code>3b5c253</code> </p>\n<p>Compare </p>\n<p>View all tags</p>\n<p>0.2.0 </p>\n<p>Context: This chunk contains the release date and version number for version 0.2.0.</p>\n<hr>\n<p>This release includes a wide range of improvements across the repository. Thanks to all contributors for your work to improve container!</p>\n<p>Context: This chunk provides a general statement about the improvements in the 0.2.0 release.</p>\n<hr>\n<h2>Highlights:</h2>\n<ul>\n<li>Clean up spelling errors and temporary test logic after launch</li>\n<li>Improve documentation content and build process</li>\n<li>Github runners now build the project with swift 6.2 and Xcode 26 beta</li>\n<li>Add ability to add multiple network interfaces in single container (on MacOS 26) (see here)</li>\n<li>Add a new <code>container system status</code> command (see here)</li>\n<li>Remove the <code>container system restart</code> command (see here)</li>\n<li>Add support for publishing sockets from container to host</li>\n</ul>\n<p>Context: This chunk details the highlights for the 0.2.0 release, including documentation, build process, network interfaces, and commands.</p>\n<hr>\n<ul>\n<li>Fix small typo in README by @owenarthur in #56</li>\n<li>Fix typo in Parser.swift by @sadikkuzu in #64</li>\n<li>Publish docs from main by @katiewasnothere in #67</li>\n<li>Adds base path for GitHub Pages publishing. by @jglogan in #69</li>\n<li>Clean up typos in docs, fix reference to default subnet by @owenarthur in #71</li>\n<li>Add local docsite directory to .gitignore. by @jglogan in #73</li>\n<li>Remove use of REPO_READ token by @katiewasnothere in #124</li>\n<li>Append <code>.git</code> for <code>dependencies</code> in <code>Package.swift</code> for consistency. by @lamtrinhdev in #82</li>\n<li>Skip unpacking unsupported platforms by @adityaramani in #127</li>\n<li>Remove unused flags from registry login by @katiewasnothere in #128</li>\n<li>Add new <code>system status</code> command by @gonzolino in #118</li>\n<li>Update technical-overview.md doc with current code by @vadikgo in #86</li>\n<li>Add the option to disable progress updates on image CLI calls by @katiewasnothere in #146</li>\n<li>Removes build variable that is not needed after launch. by @jglogan in #151</li>\n<li>Remove trailing whitespace from GitHub workflows by @pstoeckle in #154</li>\n<li>Add issue templates for bugs and features by @katiewasnothere in #152</li>\n<li>Updated gitignore: .idea by @KeoFoxy in #138</li>\n<li>Update protos and add builder shim version in Package.swift by @katiewasnothere in #176</li>\n<li>Add missing link to repo CoC in issue template by @katiewasnothere in #157</li>\n<li>Remove temporary workaround for image auth to ghcr by @katiewasnothere in #155</li>\n<li>define JSONDecoder() outside of for loop in load() by @elijah-wright in #159</li>\n<li>fix: typo by @umitdemirci in #153</li>\n<li>Adds Swift Package Index crawler metadata. by @jglogan in #181</li>\n<li>Fix: consolidate UserDefaults service name by @yibozhuang in #161</li>\n<li>Improve accuracy of progress updates by @dkovba in #144</li>\n<li>container registry login host:port error fix by @makhov in #170</li>\n<li>Update issue templates by @dkovba in #184</li>\n<li>Add default year for hawkeye formatting by @katiewasnothere in #180</li>\n<li>Fix release workflow: tag regex, artifact validation, and token usage by @Thedarkmatter10 in #187</li>\n<li>Fix typos by @pstoeckle in #122</li>\n<li>README: Add project status by @dcantah in #192</li>\n<li>Remove the system restart command by @adityaramani in #196</li>\n<li>fix(common.yml): globalize CURRENT_SDK, improve shell safety and imp… by @Thedarkmatter10 in #178</li>\n<li>Remove editor specific git ignore rules by @katiewasnothere in #197</li>\n<li>refactor: fix typos by @noritaka1166 in #77</li>\n<li>Update the names of Xcode and macOS by @dkovba in #123</li>\n<li>Throw errors in ServiceManager by @eliseomartelli in #188</li>\n<li>Update to Swift 6.2 by @dkovba in #195</li>\n<li>Plugins: Remove unused devnull var by @dcantah in #214</li>\n<li>Spelling by @jsoref in #207</li>\n<li>use rotatingAllocator for ipam by @crosbymichael in #217</li>\n<li>Require having a Mac with Apple silicon and Xcode 26 beta by @dkovba in #125</li>\n<li>Make test suites run sequentially with respect to other test suites by @katiewasnothere in #200</li>\n<li>Wait for IO streams to complete before a process exits by @adityaramani in #198</li>\n<li>Fix warnings in <code>make docs</code> by @dkovba in #220</li>\n<li>makefile: Change build_bin_dir to be lazily evaluated by @dcantah in #221</li>\n<li>Fix Race Condition in Container Removal (#130) by @ramsyana in #218</li>\n<li>provide suggestion if xpc 'Connection invalid' error encountered by @heywoodlh in #179</li>\n<li>Add socket publishing functionality by @Reneechang17 in #236</li>\n<li>limit build and test for runners to Apple repository by @heckj in #228</li>\n<li>Redirect to the documentation from the homepage by @dkovba in #245</li>\n<li>Fix typo in technical-overview.md by @johnspurlock in #253</li>\n<li>Remove <code>@unchecked Sendable</code> by @dkovba in #250</li>\n<li>Regenerate documentation on <code>make docs</code> by @dkovba in #246</li>\n<li>Add test that we replace meta args in builder correctly by @katiewasnothere in #255</li>\n<li>\n<div class=\"math-box\"><math xmlns=\"http://www.w3.org/1998/Math/MathML\" display=\"block\"><mrow><mi>B</mi><mi>u</mi><mi>i</mi><mi>l</mi><mi>d</mi></mrow></math></div> Do not use unbounded DispatchIO readers for tar tranfers by @wlan0 in #257</li>\n<li>Move github issues to use feature and bug Types instead of Labels by @katiewasnothere in #258</li>\n<li>Remove the support for <code>CURRENT_SDK</code> by @dkovba in #251</li>\n<li>Improve error handling in answerHost by @eliseomartelli in #226</li>\n<li>Remove use of triage label by @katiewasnothere in #262</li>\n<li>Add version info to package installer by @katiewasnothere in #249</li>\n<li>\n<p>Adds <code>container network</code> for macOS 26. by @jglogan in #243</p>\n</li>\n<li>\n<p>@owenarthur made their first contribution in #56</p>\n</li>\n<li>@sadikkuzu made their first contribution in #64</li>\n<li>@lamtrinhdev made their first contribution in #82</li>\n<li>@gonzolino made their first contribution in #118</li>\n<li>@vadikgo made their first contribution in #86</li>\n<li>@pstoeckle made their first contribution in #154</li>\n<li>@KeoFoxy made their first contribution in #138</li>\n<li>@elijah-wright made their first contribution in #159</li>\n<li>@umitdemirci made their first contribution in #153</li>\n<li>@yibozhuang made their first contribution in #161</li>\n<li>@makhov made their first contribution in #170</li>\n<li>@Thedarkmatter10 made their first contribution in #187</li>\n<li>@dcantah made their first contribution in #192</li>\n<li>@noritaka1166 made their first contribution in #77</li>\n<li>@eliseomartelli made their first contribution in #188</li>\n<li>@jsoref made their first contribution in #207</li>\n<li>@ramsyana made their first contribution in #218</li>\n<li>@heywoodlh made their first contribution in #179</li>\n<li>@Reneechang17 made their first contribution in #236</li>\n<li>@johnspurlock made their first contribution in #253</li>\n</ul>\n<p><strong>Full Changelog</strong>: 0.1.0...0.2.0</p>\n<p>Context: This chunk lists the specific changes and contributions for the 0.2.0 release.</p>\n<hr>\n<p>09 Jun 22:22</p>\n<p><img alt=\"@egernst\" src=\"IMAGE\"> egernst</p>\n<p>0.1.0 </p>\n<p><code>0fd8692</code> </p>\n<p>Compare </p>\n<p>View all tags</p>\n<p>0.1.0 </p>\n<p>Context: This chunk contains the release date and version number for version 0.1.0.</p>\n<hr>\n<p>🎉 Initial release of container</p>\n<p><code>container</code> is a tool that you can use to create and run Linux containers as lightweight virtual machines on your Mac. It's written in Swift, and optimized for Apple silicon.</p>\n<p>The tool consumes and produces OCI-compliant container images, so you can pull and run images from any standard container registry. You can push images that you build to those registries as well, and run the images in any other OCI-compliant application.</p>\n<p><code>container</code> uses the Containerization Swift package for low level container, image, and process management.</p>\n<p>Context: This chunk provides a description of the initial release (0.1.0) of the container project, its purpose, and its underlying technology.</p>\n<hr>\n<p>Links from Source - Can be extracted on follow up librarian calls:</p>\n<p>Link: https://github.com/apple/container/releases<br>\nContext: This is the GitHub releases page for the apple/container project, which contains the information about all releases, their dates, and changelogs.<br>\nLink: https://github.com/apple/container/blob/main/CHANGELOG.md<br>\nContext: While not directly provided in the text, a CHANGELOG.md file is a common place to find detailed release notes for projects on GitHub. This link would likely lead to such a file if it exists.</p>\n<p></details></p>\n<p><details><summary>Contemplated</summary></p>\n<p>Excellent release history data. The project has been actively developed since June 2025 (WWDC 2025 announcement). Key observations:</p>\n<p>Release timeline:</p>\n<ul>\n<li>0.1.0: June 9, 2025 (initial release)</li>\n<li>0.2.0: June 27, 2025</li>\n<li>0.3.0: July 30, 2025 (monthly release cycle announced)</li>\n<li>0.4.1: August 28, 2025</li>\n<li>0.5.0: October 2, 2025</li>\n<li>0.6.0: October 27, 2025</li>\n<li>0.7.0: December 3, 2025</li>\n<li>0.7.1: December 8, 2025 (latest, addressing data integrity issues)</li>\n</ul>\n<p>Development velocity is high - 7 releases in ~6 months with significant feature additions. Many external contributors are joining.</p>\n<p>Key features added over time:</p>\n<ul>\n<li>Named volumes</li>\n<li>Port publishing (TCP/UDP)</li>\n<li>Network isolation and custom networks (macOS 26)</li>\n<li>systemd support</li>\n<li>Rosetta support for arm64 images</li>\n<li>SSH auth socket forwarding</li>\n<li>container stats</li>\n<li>container system df</li>\n<li>Plugin architecture</li>\n</ul>\n<p>Now I need to:</p>\n<ol>\n<li>Get community reception from Hacker News</li>\n<li>Get detailed technical comparison with Docker/colima/Podman</li>\n<li>Look at the issues to understand stability concerns</li>\n<li>Check the containerization package for more technical details</li>\n</ol>\n<p></details></p>\n<p><details><summary>Searched with Kagi</p>\n<ul>\n<li>Apple container WWDC 2025</li>\n<li>Apple containerization framework developer review experience</summary><br>\n Sources (20):<br>\n<strong>Apple announces Foundation Models and Containerization ...</strong><br>\n<a href=\"https://news.ycombinator.com/item?id=44226978\" target=\"_blank\">https://news.ycombinator.com/item?id=44226978</a><br>\n The thing macOS really painfully lacks is not ergonomic ways to run Linux VMs, but actual, native containers-- macOS containers. And third parties can't really implement this well without Apple's cooperation.</li>\n</ul>\n<p><strong>Containerization is a Swift package for running Linux containers on...</strong><br>\n<a href=\"https://news.ycombinator.com/item?id=44229348\" target=\"_blank\">https://news.ycombinator.com/item?id=44229348</a><br>\nJun 10, 2025 This a feature targeting developers or perhaps apps running on end-user machine where page cache sharing between applications or container does not typically get much of RAM saving. Linux kernel overhead itself while non-trivial is still very manageable in those settings. AWS Nitro stripped down VM kernel is about 40 MB, I suppose for Apple solution it will be similar.</p>\n<p><strong>Okay, the AI stuff is cool, but that \"Containerization framework ...</strong><br>\n<a href=\"https://news.ycombinator.com/item?id=44227240\" target=\"_blank\">https://news.ycombinator.com/item?id=44227240</a><br>\n Running Docker in a VM always has been quite painful on Mac due to the excess amount of memory it uses, and Macs not really having a lot of RAM. It's still a problem for containers-in-VMs.</p>\n<p><strong>Apple Is on Defense at WWDC | Hacker News</strong><br>\n<a href=\"https://news.ycombinator.com/item?id=44216113\" target=\"_blank\">https://news.ycombinator.com/item?id=44216113</a><br>\nJun 08, 2025 You could be right. You would have to weigh that against devs that are not even testing the iOS waters because they see Xcode as a barrier, are more familiar with their VSCode Cmake ecosystem. A new framework like SpriteKit requires at least a year (an iOS release cycle) before it sees WWDC ... and then a shipping iOS. My recollection is that this is pretty close to the timeline I described where Cocos starts to show up in abundance in the iOS apps submitted and as a result a team is spun up at Apple to create what ends up being SpriteKit.</p>\n<p><strong>Apple WWDC 2025: the 13 biggest announcements | Hacker News</strong><br>\n<a href=\"https://news.ycombinator.com/item?id=44228717\" target=\"_blank\">https://news.ycombinator.com/item?id=44228717</a><br>\nJun 09, 2025 Apple's implementation of things like containerization are going to be kneecapped in unimaginable small but important ways, making it unlikely me or anyone I dev with will be using them in the first few iterations, but if I stay on macOS that is something to look forward to.</p>\n<p><strong>Apple's Software Quality Crisis</strong><br>\n<a href=\"https://news.ycombinator.com/item?id=43243075\" target=\"_blank\">https://news.ycombinator.com/item?id=43243075</a><br>\n > Apple felt compelled to publish a video. Context is important. This was a WWDC session and Apple records & publishes all WWDC sessions. hu3 10 months ago ...</p>\n<p><strong>WWDC 2025: Apple Says Personalized Siri Features... | Hacker News</strong><br>\n<a href=\"https://news.ycombinator.com/item?id=44226973\" target=\"_blank\">https://news.ycombinator.com/item?id=44226973</a><br>\nJun 09, 2025 Apple has let the control of the narrative slip through their fingers today, and it will continue from here. Giving WWDC a typical smarmy marketing video was not what developers wanted. This was Apple's chance to step up, take accountability and show initiative.I would not want a deeply embedded personal assistant that’s always on and learning from me only to get things wrong and frustrate me. Apple’s users are grandparents and newbies who will have even higher standards for Siri than experienced developers who might be more lenient.</p>\n<p><strong>Ask HN: Why is virtualization still not solved?</strong><br>\n<a href=\"https://news.ycombinator.com/item?id=44688849\" target=\"_blank\">https://news.ycombinator.com/item?id=44688849</a><br>\n It's 2025, and virtualization is still a headache, even for casual use. I use a MacBook Air M1 as my dev laptop, and I just wanted to have a reproducible ...</p>\n<p><strong>Liquid Glass – WWDC25 [video] | Hacker News</strong><br>\n<a href=\"https://news.ycombinator.com/item?id=44235612\" target=\"_blank\">https://news.ycombinator.com/item?id=44235612</a><br>\nJun 10, 2025 Everyone at Apple knows WWDC is in June, and WWDC is the event where Apple show off the new stuff and deliver a public beta.One of the lead designers on Liquid Glass is Chan Karunamuni, who's been at Apple since the early 2010s. If you search for more of the names of the design presenters at this WWDC, you'll find a lot of people with similarly long tenure.</p>\n<p><strong>Apple WWDC 2025 | Hacker News</strong><br>\n<a href=\"https://news.ycombinator.com/item?id=44224499\" target=\"_blank\">https://news.ycombinator.com/item?id=44224499</a><br>\n Apple WWDC 2025 (apple.com) 1 point by Bogdanp 21 minutes ago | hide | past | favorite | discuss</p>\n<p><strong>Second Experience with Apple Containers!</strong><br>\n<a href=\"https://dev.to/aairom/second-experience-with-apple-containers-53o1\" target=\"_blank\">https://dev.to/aairom/second-experience-with-apple-containers-53o1</a><br>\nOct 17, 2025 Posted on Oct 17. Second Experience with Apple Containers!Another step with Apple containers! Introduction. My initial blog post detailing my first practical experience with Apple containerization technology sparked a flurry of discussion and significant inquiries from my colleagues. The central question raised — and the point of subsequent internal debate — was whether this capability possessed the necessary maturity and reliability for industrial-scale deployment. My answer to that is an unequivocal “YES.”</p>\n<p><strong>First Hands-On Experience with Apple Containers! - DEV Community</strong><br>\n<a href=\"https://dev.to/aairom/first-hands-on-experience-with-apple-containers-12a7\" target=\"_blank\">https://dev.to/aairom/first-hands-on-experience-with-apple-containers-12a7</a><br>\nSep 08, 2025 A very first test with Apple containers! Introduction. In the world of software development, few concepts have been as transformative as containerization. For years, developers have battled the infamous “works on my machine” problem — a frustrating situation where code functions perfectly in one environment but fails to run in another. Containers emerged as the ultimate solution, providing a consistent, isolated, and portable environment that bundles an application and all its dependencies, ensuring it runs the same way everywhere.</p>\n<p><strong>WWDC 2025 - Meet Containerization from Apple - DEV Community</strong><br>\n<a href=\"https://dev.to/arshtechpro/wwdc-2025-meet-containerization-eei\" target=\"_blank\">https://dev.to/arshtechpro/wwdc-2025-meet-containerization-eei</a><br>\nJun 13, 2025 Developer Experience. Apple has also released a companion container command-line tool that demonstrates the framework's capabilities. The tool supports standard container operations like pulling images and running interactive sessions, with containers starting in just hundreds of milliseconds. Open Source Availability. Both the Containerization framework and container tool are available on GitHub, complete with source code, documentation, and example projects.</p>\n<p><strong>Apple Containers on macOS: A Technical Comparison With Docker</strong><br>\n<a href=\"https://thenewstack.io/apple-containers-on-macos-a-technical-comparison-with-docker/\" target=\"_blank\">https://thenewstack.io/apple-containers-on-macos-a-technical-comparison-with-docker/</a><br>\nJul 21, 2025 Apple's new containerization framework introduces a novel \"VM-per-container\" architecture, optimized for security and Apple silicon.Apple’s approach emphasizes simplicity and native integration with macOS development environments. The Swift-based toolchain integrates naturally with Xcode and other Apple development tools, potentially providing a more cohesive development experience for iOS and macOS developers. Docker Ecosystem Maturity.</p>\n<p><strong>What You Need To Know About Apple's New Container ...</strong><br>\n<a href=\"https://thenewstack.io/what-you-need-to-know-about-apples-new-container-framework/\" target=\"_blank\">https://thenewstack.io/what-you-need-to-know-about-apples-new-container-framework/</a><br>\nJun 12, 2025 The Developer Experience Revolution. For macOS developers wrestling with Docker Desktop’s licensing costs, performance issues and VM overhead, Apple’s Containerization framework offers a compelling native alternative.Apple’s Containerization framework represents more than just another container runtime option. It’s a statement about the direction of container security and a validation of approaches that prioritize isolation without sacrificing performance.</p>\n<p><strong>Tutorial: Setting Up and Exploring Apple Containerization on macOS</strong><br>\n<a href=\"https://thenewstack.io/tutorial-setting-up-and-exploring-apple-containerization-on-macos/\" target=\"_blank\">https://thenewstack.io/tutorial-setting-up-and-exploring-apple-containerization-on-macos/</a><br>\nJul 22, 2025 In this tutorial, we will explore the CLI to run containers using native Apple Containerization technology on macOS 15 Sequoia.Join our community of software engineering leaders and aspirational developers. Always stay in-the-know by getting the most important news and exclusive content delivered fresh to your inbox to learn more about at-scale software development.</p>\n<p><strong>GitHub - apple/containerization: Containerization is a Swift package...</strong><br>\n<a href=\"https://github.com/apple/containerization\" target=\"_blank\">https://github.com/apple/containerization</a><br>\nJun 10, 2025 Containerization is written in Swift and uses Virtualization.framework on Apple silicon. Looking for command line binaries for running containers? They are available in the dedicated apple/container repository.The kernel configuration is a minimal set of features to support fast start times and a light weight environment. While this configuration will work for the majority of workloads we understand that some will need extra features. To solve this Containerization provides first class APIs to use different kernel configurations and versions on a per container basis.</p>\n<p><strong>GitHub - apple/container: A tool for creating and running Linux...</strong><br>\n<a href=\"https://github.com/apple/container\" target=\"_blank\">https://github.com/apple/container</a><br>\nJun 09, 2025 It's written in Swift, and optimized for Apple silicon. The tool consumes and produces OCI-compatible container images, so you can pull and run images from any standard container registry. You can push images that you build to those registries as well, and run the images in any other OCI-compatible application. container uses the Containerization Swift package for low level container, image, and process management.</p>\n<p><strong>What does Apple's Containerization framework mean for orbstack...</strong><br>\n<a href=\"https://github.com/orgs/orbstack/discussions/1986\" target=\"_blank\">https://github.com/orgs/orbstack/discussions/1986</a><br>\nSep 08, 2025 - Don't really have any complaints about Orbstack at its current state. But curios what does Apple's release of Containerization framework means for Orbstack. Beta Was this translation helpful?- This was what I was thinking and I do believe it would be a nice option. Definitely looking forward to this for further improvements in experience.</p>\n<p><strong>First Hands-On Experience with Apple Containers!</strong><br>\n<a href=\"https://alain-airom.medium.com/first-hands-on-experience-with-apple-containers-191bffa0e829\" target=\"_blank\">https://alain-airom.medium.com/first-hands-on-experience-with-apple-containers-191bffa0e829</a><br>\nSep 13, 2025 This is poised to dramatically improve performance, streamline developer workflows, and usher in a new era of seamless, efficient development.</p>\n<p></details></p>\n<p><details><summary>Gathered key details from:</p>\n<ul>\n<li><a href=\"https://news.ycombinator.com/item?id=44229348\" target=\"_blank\">Containerization is a Swift package for running Linux containers on macOS | Hacker News</a></summary></li>\n</ul>\n<h3>Query</h3>\n<p>What are the community reactions, opinions, and discussions about Apple's containerization framework? What do developers think about it compared to Docker? What are the concerns, criticisms, and praise?</p>\n<h3>Response</h3>\n<p>The community reactions to Apple's containerization framework are varied, with discussions focusing on its potential impact, comparisons to Docker, and its technical implementation.</p>\n<p><strong>Comparisons to Docker and Developer Experience:</strong><br>\nMany developers see Apple's containerization as a potential alternative or complement to Docker Desktop on macOS. Some believe it could simplify the developer experience by offering a native solution, potentially reducing the need for third-party tools like Docker Desktop or OrbStack. There's a sentiment that it could eat into Docker Desktop's market share, especially for users who prefer a standalone CLI tool. However, some express concern that its platform-specific nature might be a limitation for cross-platform development, and that it might not fully replace Docker's ecosystem, particularly Docker Compose, without further development.</p>\n<p><strong>Technical Aspects and Performance:</strong><br>\nThe framework's approach of running each container in its own lightweight Linux VM via the <code>Virtualization.framework</code> is noted for its security benefits, offering better isolation than shared kernel approaches. Discussions touch upon the performance implications, with some early impressions suggesting it might be slower than Docker for certain tasks like building images, while others are optimistic about its potential for fast VM boot times. The open-source nature of the project and Apple's willingness to accept contributions are seen as positive steps.</p>\n<p><strong>Concerns and Criticisms:</strong></p>\n<ul>\n<li><strong>Platform Lock-in:</strong> A primary concern is that it's an Apple-specific solution, which may not be ideal for developers working in heterogeneous environments.</li>\n<li><strong>Maturity and Feature Set:</strong> Some users question if it's a complete replacement for Docker, especially regarding features like seamless Docker Compose integration or specific workflow requirements.</li>\n<li><strong>Lack of Native macOS Containers:</strong> A recurring point is the absence of native macOS (Darwin) containers, with users wishing for a solution similar to BSD jails or Windows containers.</li>\n<li><strong>Performance Benchmarks:</strong> Initial comparisons suggest potential performance drawbacks in specific areas like image building compared to established tools like Docker.</li>\n</ul>\n<p><strong>Praise and Positive Opinions:</strong></p>\n<ul>\n<li><strong>Enhanced Security:</strong> The isolated VM approach is widely praised for its security advantages.</li>\n<li><strong>Native Integration:</strong> The potential for a more integrated and seamless developer experience on macOS is a significant positive.</li>\n<li><strong>Open Source Contribution:</strong> Apple's decision to open-source the project and encourage community involvement is viewed favorably.</li>\n<li><strong>Potential for Simplification:</strong> It's seen as a way to potentially reduce the complexity of setting up container environments on macOS.</li>\n</ul>\n<p>Overall, the framework is viewed with cautious optimism, with many recognizing its potential benefits for macOS developers while also highlighting areas that require further development and consideration, particularly concerning its integration with existing container ecosystems and its platform-agnostic capabilities.</p>\n</details>\n<details><summary>Gathered key details from:<p></p>\n<ul>\n<li><a href=\"https://thenewstack.io/apple-containers-on-macos-a-technical-comparison-with-docker/\" target=\"_blank\">Apple Containers on macOS: A Technical Comparison With Docker - The New Stack</a></li></ul></summary>\n\n<h3>Query</h3>\n<p>What is the detailed technical comparison between Apple Containers and Docker? What are the architectural differences, performance characteristics, feature gaps, and use case recommendations?</p>\n<h3>Response</h3>\n<h1>Apple Containers on macOS: A Technical Comparison With Docker</h1>\n<p>Apple's new containerization framework introduces a novel \"VM-per-container\" architecture, optimized for security and Apple silicon. </p>\n<p>Jul 21st, 2025 10:05am by Janakiram MSV </p>\n<p><img alt=\"Featued image for: Apple Containers on macOS: A Technical Comparison With Docker\" src=\"IMAGE\"> </p>\n<p>Feature image via Unsplash.</p>\n<p>Apple’s announcement of native containerization support in macOS 26 Tahoe marks a significant shift in the containerization landscape. The new Containerization framework and accompanying Container CLI tool officially mark Apple’s entry into the container runtime ecosystem. This Swift-based, open source solution aims to provide developers with a native alternative to traditional containerization tools, such as Docker, specifically optimized for Apple Silicon and macOS environments.</p>\n<p>The framework introduces a fundamentally different architectural approach to container isolation. Unlike conventional solutions that rely on shared virtual machines, Apple’s implementation creates dedicated, lightweight virtual machines for each container. This technical innovation addresses long-standing performance and security challenges that have plagued containerization on macOS platforms.</p>\n<p>The idea of mapping each container to a dedicated VM is not entirely new. Hyper (now defunct), one of the startups, attempted this approach a few years ago. The same is true for the Intel Clear Containers (now deprecated) project. Both projects are now merged into Kata Containers, which forms the basis for Apple Containerization project’s core architecture.</p>\n<p>Let’s take a closer look at the Containerization framework and compare it with Docker Desktop.</p>\n<p>Context: This section introduces Apple's new containerization framework and its comparison with Docker Desktop.</p>\n<hr>\n<h2>Architectural Foundation</h2>\n<h3>Apple’s VM-per-Container Model</h3>\n<p>Apple’s Containerization framework implements a unique one-VM-per-container architecture. Each Linux container operates within its own dedicated lightweight virtual machine, leveraging the macOS Virtualization framework for hardware-level isolation. This approach contrasts sharply with traditional containerization models, where multiple containers share a single large virtual machine.</p>\n<p>The framework creates these VMs using an optimized Linux kernel configuration specifically designed for rapid boot times. Containers achieve sub-second startup times through careful kernel optimization and a minimal root filesystem containing only essential components. The system eliminates unnecessary core utilities, dynamic libraries, and libc implementations to reduce attack surface and improve performance.</p>\n<h3>The vminitd Init System</h3>\n<p>At the heart of each container, VM runs vminitd, a custom init system written entirely in Swift. This minimalist init process handles critical virtualization tasks, including IP address assignment to network interfaces, filesystem mounting of container block devices, process launching and supervision, and API management for host-container communication.</p>\n<p>The vminitd system operates in an extremely constrained environment by design. It runs without standard core utilities, dynamic libraries, or traditional libc implementations. This stripped-down approach significantly reduces the potential attack surface while maintaining essential functionality for container operations.</p>\n<h3>Swift-Native Implementation</h3>\n<p>The entire framework leverages Swift’s capabilities extensively, including the Swift Static Linux SDK, which enables cross-compiling static Linux binaries directly from macOS. The system uses musl for static linking support, enabling the creation of self-contained binaries that don’t require external dependencies. This approach allows for truly portable container implementations while maintaining performance optimization for Apple Silicon architectures.</p>\n<p>Context: Details Apple's VM-per-container architecture, including its Linux kernel optimization and Swift-native implementation.</p>\n<hr>\n<h2>Docker Desktop Architecture on macOS</h2>\n<h3>Traditional Virtualization Approach</h3>\n<p>Docker Desktop on macOS operates through a fundamentally different architectural model. The system creates a single large Linux virtual machine that hosts all containers simultaneously. This shared VM approach requires Docker to use either the hyperkit hypervisor (being deprecated) or Apple’s Virtualization.framework for creating the underlying Linux environment.</p>\n<p>The Docker architecture includes multiple virtualization management options. Users can choose between Docker VMM , Apple Virtualization Framework, or QEMU (being deprecated on Apple Silicon). Each option provides different performance characteristics and feature sets, but all maintain the shared VM model for container execution.</p>\n<h3>Resource Management Challenges</h3>\n<p>Docker’s shared VM architecture creates several resource management complexities. The Linux VM must be allocated sufficient resources to handle all concurrent containers, which can lead to potentially inefficient resource utilization. When containers aren’t actively running, the background VM continues consuming system resources, impacting overall system performance.</p>\n<p>File system synchronization between macOS and the Linux VM has historically been a significant performance bottleneck. While recent Docker Desktop versions have improved with features such as VirtioFS and Resource Saver mode, the fundamental architectural limitations of the shared VM model remain.</p>\n<p>Context: Explains Docker Desktop's traditional virtualization approach on macOS and its associated resource management challenges.</p>\n<hr>\n<h2>Security Architecture Comparison</h2>\n<h3>Apple’s Hypervisor-Level Isolation</h3>\n<p>Apple’s per-container VM approach provides each container with the same level of isolation as a traditional virtual machine. This hypervisor-level isolation ensures that containers cannot access each other’s memory spaces or interfere with host system operations. The architecture eliminates the kernel-sharing vulnerabilities common in traditional containerization approaches.</p>\n<p>The framework implements privacy by design principles through granular directory sharing, where only the specific container requesting access to host directories receives that access, thereby preventing other containers from inadvertently accessing shared resources. This fine-grained privacy control surpasses traditional container isolation mechanisms.</p>\n<h3>Network Security and Isolation</h3>\n<p>Each Apple container receives its own dedicated IP address, eliminating the need for port forwarding and reducing network-based attack vectors. This approach simplifies network configuration while providing stronger network isolation between containers. Developers can access services directly via container IP addresses rather than managing complex port mapping schemes.</p>\n<p>The dedicated networking model also improves performance by reducing network translation overhead. Applications can bind to standard ports within their containers without conflicts, simplifying deployment configurations and reducing potential security misconfigurations.</p>\n<p>Context: Compares the security architectures, focusing on Apple's hypervisor-level isolation and network security versus Docker's model.</p>\n<hr>\n<h3>Docker Security Model</h3>\n<p>Docker’s security model relies primarily on Linux kernel namespaces and cgroups for container isolation. While effective, this approach means all containers share the same kernel, potentially creating security vulnerabilities if kernel exploits are discovered. The shared VM architecture also requires careful management of file system permissions and network access controls.</p>\n<p>Recent Docker versions have implemented additional security features including image scanning, signed images, and runtime monitoring. However, these improvements operate at the application layer rather than providing the hardware-level isolation offered by Apple’s hypervisor approach.</p>\n<p>Context: Details Docker's security model, which relies on Linux kernel namespaces and cgroups, and its limitations compared to Apple's approach.</p>\n<hr>\n<h2>Development Experience and Ecosystem</h2>\n<h3>Apple Container CLI and Workflow</h3>\n<p>The Container CLI tool offers familiar command-line operations for managing containers. Developers can pull images from standard OCI-compliant registries, run interactive sessions, and manage container lifecycles using straightforward commands. The tool maintains compatibility with existing container image formats, ensuring seamless integration with existing development workflows.</p>\n<p>Apple’s approach emphasizes simplicity and native integration with macOS development environments. The Swift-based toolchain integrates naturally with Xcode and other Apple development tools, potentially providing a more cohesive development experience for iOS and macOS developers.</p>\n<h3>Docker Ecosystem Maturity</h3>\n<p>Docker maintains a substantial ecosystem advantage with extensive tooling, orchestration platforms, and third-party integrations. The Docker ecosystem includes Docker Compose for multicontainer applications, Docker Swarm for orchestration, and comprehensive CI/CD pipeline integrations.</p>\n<p>The mature Docker ecosystem provides enterprise-grade features including centralized management consoles, comprehensive security scanning, and professional support options. These enterprise capabilities currently exceed what Apple’s nascent containerization framework offers.</p>\n<p>Context: Discusses the development experience and ecosystem, highlighting Apple's Container CLI and Docker's mature ecosystem advantage.</p>\n<hr>\n<h2>Limitations and Considerations</h2>\n<h3>Apple Container Constraints</h3>\n<p>Apple’s containerization framework currently requires macOS 26 Tahoe for optimal functionality. While basic operations work on macOS 15 Sequoia, significant networking limitations impact usability on older systems. The framework also requires Apple Silicon hardware for optimal performance, which limits its adoption on Intel-based Macs.</p>\n<p>The ecosystem around Apple containers remains limited compared to Docker’s extensive tooling landscape. Missing features include orchestration tools equivalent to Docker Compose, comprehensive monitoring solutions, and enterprise management capabilities.</p>\n<h3>Docker’s Ongoing Challenges</h3>\n<p>Despite improvements, Docker on macOS still faces architectural limitations. The shared VM model creates resource overhead and potential performance bottlenecks, particularly for development workflows involving multiple concurrent containers. Battery life and thermal management remain concerns for intensive containerized development work.</p>\n<p>Cross-platform compatibility issues persist, particularly when comparing ARM and x86 architectures. While Rosetta 2 translation helps, performance penalties can be significant for computationally intensive workloads.</p>\n<p>Context: Outlines the limitations and ongoing challenges for both Apple's containerization framework and Docker on macOS.</p>\n<hr>\n<h2>Conclusion</h2>\n<p>Apple’s Containerization framework represents a significant technical innovation in container runtime architecture. The VM-per-container model provides superior security isolation and eliminates many performance challenges associated with traditional containerization on macOS. The Swift-native implementation and optimization for Apple Silicon demonstrate Apple’s commitment to platform-specific performance optimization.</p>\n<p>However, Docker’s ecosystem maturity and cross-platform compatibility continue to provide substantial advantages for most development scenarios. The extensive tooling, enterprise features, and broad industry adoption make Docker the safer choice for production deployments and complex development workflows.</p>\n<p>The choice between Apple containers and Docker ultimately depends on specific use cases, security requirements, and ecosystem dependencies. Organizations prioritizing security and performance on Apple platforms may find Apple’s approach compelling, while those requiring extensive tooling and cross-platform compatibility will likely continue relying on Docker’s mature ecosystem.</p>\n<p>As Apple’s containerization framework matures and its ecosystem develops, it may become a viable alternative for macOS-focused development workflows. The technical foundation is solid, but widespread adoption will require significant ecosystem development and community engagement to match Docker’s comprehensive capabilities.</p>\n<p>Context: Provides a conclusion that summarizes the technical innovation of Apple's framework, Docker's ecosystem advantages, and use case recommendations based on priorities.</p>\n</details>\n<details><summary>Gathered key details from:<p></p>\n<ul>\n<li><a href=\"https://github.com/apple/container/issues\" target=\"_blank\">GitHub · Where software is built</a></li></ul></summary>\n\n<h3>Query</h3>\n<p>What are the current open issues, bugs, and known problems with the Apple container project? What stability issues have been reported? What features are missing or requested?</p>\n<h3>Response</h3>\n<p>Using full content.</p>\n</details>\n<details><summary>Contemplated</summary>\n<p>Good data on current issues. The project has 23.2k stars which is significant community interest. Current open issues include:</p>\n<ul>\n<li>Networking issues (IPv6, DNS, routing)</li>\n<li>Docker daemon inside containers (nf_tables not initialized)</li>\n<li>Image push/pull issues</li>\n<li>Segmentation faults with amd64 emulation</li>\n<li>Container removal behavior bugs</li>\n</ul>\n<p>I should also look at the containerization package for more technical depth, and check for any discussions about Docker Compose compatibility and production readiness. Let me also get more details on the dev.to articles about real-world experience.</p>\n</details>\n<details><summary>Gathered key details from:<p></p>\n<ul>\n<li><a href=\"https://dev.to/aairom/second-experience-with-apple-containers-53o1\" target=\"_blank\">Second Experience with Apple Containers! - DEV Community</a></li></ul></summary>\n\n<h3>Query</h3>\n<p>What is the detailed experience of using Apple containers in practice? What worked well, what were the challenges, and is it ready for industrial/production use? What specific tests were performed?</p>\n<h3>Response</h3>\n<p>My initial blog post detailing my first practical experience with Apple containerization technology sparked a flurry of discussion and significant inquiries from my colleagues. The central question raised — and the point of subsequent internal debate — was whether this capability possessed the necessary maturity and reliability for industrial-scale deployment. My answer to that is an unequivocal “YES.” This certainty stems from further comprehensive testing, which has solidified my conviction that this capacity provided by Apple is not only viable today but is also poised for accelerated development and is undeniably here to stay.</p>\n<p>Context: The introduction sets the stage for the author's experience and opinion on Apple containerization technology, addressing its maturity and reliability for industrial-scale deployment.</p>\n<hr>\n<p>For my first (new) test, I wrote a vey basic “Hello World” app in Go. </p>\n<pre><code>package main\n\nimport (\n \"fmt\"\n)\n\nfunc main() {\n // Simple application logic\n fmt.Println(\"Hello from the Go container!\")\n}\n</code></pre>\n<p>Then I made a Dockerfile to build an image which runs this code. </p>\n<pre><code>FROM golang:1.22-alpine AS builder\n\nENV CGO_ENABLED=0\n\nWORKDIR /app\n\nCOPY go-hello.go .\n\nRUN go build -o app -ldflags \"-s -w\" go-hello.go\n\nFROM scratch\n\nENTRYPOINT [\"/app\"]\n\nCOPY --from=builder /app/app /app\n\n</code></pre>\n<p>For the first step, I used Podman to build an image 👇 </p>\n<pre><code>podman build -t go-hello .\npodman run go-hello\n# for Docker\ndocker build -t go-hello .\ndocker run go-hello\n</code></pre>\n<p>Running the image gives the following output; </p>\n<pre><code>Hello from the Go container! \n</code></pre>\n<p>Context: This section details the first practical test performed: creating a basic 'Hello World' app in Go, writing a Dockerfile, and building/running the image using Podman and Docker.</p>\n<hr>\n<p>OK, now I build the same image with the “container” from Apple on my MacOS. </p>\n<pre><code># start the engine\ncontainer system start\ncontainer builder start --cpus 8 --memory 32g\n\n# build the image\ncontainer build --tag go-test --file Dockerfile .\n...\n\n[+] Building 8.2s (9/9) FINISHED \n => [resolver] fetching image...docker.io/library/golang:1.22-alpine 0.0s\n => [internal] load .dockerignore 0.0s\n => => transferring context: 2B 0.0s\n => oci-layout://docker.io/library/golang:1.22-alpine@sha256:1699c10032ca2582ec89a24a1312d986a3f094aed3d5c1147b19880afe40e052 2.2s\n => => resolve docker.io/library/golang:1.22-alpine@sha256:1699c10032ca2582ec89a24a1312d986a3f094aed3d5c1147b19880afe40e052 0.1s\n => => sha256:4f4fb700ef54461cfa02571ae0db9a0dc1e0cdb5577484a6d75e68dc38e8acc1 32B / 32B 0.0s\n => => sha256:4861bab1ea04dbb3dd5482b1705d41beefe250163e513588e8a7529ed76d351c 127B / 127B 0.0s\n => => sha256:fa1868c9f11e67c6a569d83fd91d32a555c8f736e46d134152ae38157607d910 297.86kB / 297.86kB 0.0s\n => => sha256:52f827f723504aa3325bb5a54247f0dc4b92bb72569525bc951532c4ef679bd4 3.99MB / 3.99MB 0.0s\n => => extracting sha256:52f827f723504aa3325bb5a54247f0dc4b92bb72569525bc951532c4ef679bd4 0.1s\n => => extracting sha256:fa1868c9f11e67c6a569d83fd91d32a555c8f736e46d134152ae38157607d910 0.0s\n => => sha256:90fc70e12d60da9fe07466871c454610a4e5c1031087182e69b164f64aacd1c4 66.29MB / 66.29MB 0.3s\n => => extracting sha256:90fc70e12d60da9fe07466871c454610a4e5c1031087182e69b164f64aacd1c4 1.8s\n => => extracting sha256:4861bab1ea04dbb3dd5482b1705d41beefe250163e513588e8a7529ed76d351c 0.0s\n => => extracting sha256:4f4fb700ef54461cfa02571ae0db9a0dc1e0cdb5577484a6d75e68dc38e8acc1 0.0s\n => [internal] load build context 0.0s\n => => transferring context: 159B 0.0s\n => [linux/arm64/v8 builder 1/4] WORKDIR /app 0.4s\n => [linux/arm64/v8 builder 2/4] COPY go-hello.go . 0.0s\n => [linux/arm64 builder 3/4] RUN go build -o app -ldflags \"-s -w\" go-hello.go 1.8s\n => [linux/arm64/v8 stage-1 1/1] COPY --from=builder /app/app /app 0.0s\n => exporting to oci image format 0.1s\n => => exporting layers 0.1s\n => => exporting manifest sha256:4357214a4637b5297da08bb3cc84ebcdd0fa89b9b4208cb60bbba859faa1ef04 0.0s\n => => exporting config sha256:7d618301e78cf16c98f0d472556bb8c883bbf4d87ea675811716385c041fbdd0 0.0s\n => => exporting manifest list sha256:1c9e4da40926ae74bc397abd23acf07ee2dfb28ee0c14f275b960ba1a695e32d 0.0s\n => => sending tarball 0.0s\nSuccessfully built go-test:latest \n</code></pre>\n<p>Let’s run it 🏃♀️ </p>\n<pre><code>container run --rm go-test\nHello from the Go container! \n</code></pre>\n<p>Context: This part describes building and running the same Go 'Hello World' image using Apple's 'container' tool on macOS, detailing the commands and the successful output.</p>\n<hr>\n<p>Nice, now let’s build a Java application! Below is the simple version of “Hello World” written in the most simple Java application ever 😶 </p>\n<pre><code>public class HelloWorld {\n public static void main(String[] args) {\n // Print the greeting to standard output\n System.out.println(\"Hello, Java World from the container!\");\n }\n}\n</code></pre>\n<p>And the adequate Dockerfile 🧺 </p>\n<pre><code>FROM eclipse-temurin:21-jdk-alpine AS builder\n\nWORKDIR /app\n\nCOPY HelloWorld.java .\n\nRUN javac HelloWorld.java\n\nFROM eclipse-temurin:21-jre-alpine\n\nWORKDIR /app\n\nCOPY --from=builder /app/HelloWorld.class .\n\nCMD java -cp . HelloWorld\n</code></pre>\n<p>Now let us build and run this code! </p>\n<pre><code>container build --tag java-hello --file Dockerfile .\n\n...\n[+] Building 2.2s (12/12) FINISHED \n => [resolver] fetching image...docker.io/library/eclipse-temurin:21-jdk-alpine 0.0s\n => [resolver] fetching image...docker.io/library/eclipse-temurin:21-jre-alpine 0.0s\n => [internal] load .dockerignore 0.0s\n => => transferring context: 2B 0.0s\n => oci-layout://docker.io/library/eclipse-temurin:21-jdk-alpine@sha256:89517925fa675c6c4b770bee7c44d38a7763212741b0d6fca5a5103caab21a97 0.0s\n => => resolve docker.io/library/eclipse-temurin:21-jdk-alpine@sha256:89517925fa675c6c4b770bee7c44d38a7763212741b0d6fca5a5103caab21a97 0.0s\n => oci-layout://docker.io/library/eclipse-temurin:21-jre-alpine@sha256:990397e0495ac088ab6ee3d949a2e97b715a134d8b96c561c5d130b3786a489d 0.0s\n => => resolve docker.io/library/eclipse-temurin:21-jre-alpine@sha256:990397e0495ac088ab6ee3d949a2e97b715a134d8b96c561c5d130b3786a489d 0.0s\n => [internal] load build context 0.0s\n => => transferring context: 297B 0.0s\n => CACHED [linux/arm64/v8 stage-1 1/3] WORKDIR /app 0.0s\n => CACHED [linux/arm64/v8 builder 1/4] WORKDIR /app 0.0s\n => CACHED [linux/arm64/v8 builder 2/4] COPY HelloWorld.java . 0.0s\n => CACHED [linux/arm64 builder 3/4] RUN javac HelloWorld.java 0.0s\n => CACHED [linux/arm64/v8 stage-1 2/3] COPY --from=builder /app/HelloWorld.class . 0.0s\n => exporting to oci image format 0.3s\n => => exporting layers 0.0s\n => => exporting manifest sha256:f468154e8f4d3d7830c0a9294df9a518004c2b5e431b28a41eb12cbf9ac1f006 0.0s\n => => exporting config sha256:0aac090feabd2c49d6de93877ac5029dc5ae0ba39df3c343e27e286385d42fa5 0.0s\n => => exporting manifest list sha256:c004a43800e34f66948cf45a56dcb6b484e7ade4c8dd510c3c0d6ea20a3d3b81 0.0s\n => => sending tarball 0.3s\nSuccessfully built java-hello:latest \n\n\n> container run --rm java-hello\nHello, Java World from the container!\n</code></pre>\n<p>Context: This section covers the second practical test: building a Java 'Hello World' application, including the Java code, Dockerfile, and the process of building and running the container image using Apple's 'container' tool.</p>\n<hr>\n<h2>Conclusion</h2>\n<p>As established through my initial and subsequent testing, I am convinced that Apple containerization is a fundamental game-changer in the deployment landscape. This technology doesn’t just offer an interesting alternative; it delivers the operational flexibility and robust architecture required to build and confidently deploy industry-grade applications, signaling a significant shift in how we approach enterprise development.</p>\n<p>Context: The conclusion summarizes the author's conviction that Apple containerization is a fundamental game-changer, offering the operational flexibility and robust architecture required for industry-grade applications and enterprise development.</p>\n<hr>\n<p>Links from Source - Can be extracted on follow up librarian calls:</p>\n<p>Link: https://github.com/apple/container<br>\nContext: The document mentions Apple Container technology and provides a link to its GitHub repository.<br>\nLink: https://github.com/apple/container/releases<br>\nContext: A link is provided for package installation related to Apple Container technology.</p>\n</details>\n<details><summary>Gathered key details from:<p></p>\n<ul>\n<li><a href=\"https://github.com/apple/containerization\" target=\"_blank\">containerization GitHub Repo</a></li></ul></summary>\n\n<h3>Query</h3>\n<p>What are the key features, architecture details, and capabilities of the Containerization Swift package? How does it handle VM management, networking, storage, and process isolation?</p>\n<h3>Response</h3>\n<p>The Containerization package allows applications to use Linux containers.<br>\nContainerization is written in <a href=\"https://www.swift.org\" target=\"_blank\">Swift</a> and uses <a href=\"https://developer.apple.com/documentation/virtualization\" target=\"_blank\">Virtualization.framework</a> on Apple silicon.</p>\n<p>Context: This section provides a general overview of the Containerization package and its core purpose.</p>\n<hr>\n<p>Containerization provides APIs to:</p>\n<ul>\n<li><a href=\"./Sources/ContainerizationOCI/\" target=\"_blank\">Manage OCI images</a>.</li>\n<li><a href=\"./Sources/ContainerizationOCI/Client/\" target=\"_blank\">Interact with remote registries</a>.</li>\n<li>\n<p><a href=\"./Sources/ContainerizationEXT4/\" target=\"_blank\">Create and populate ext4 file systems</a>.</p>\n</li>\n<li>\n<p><a href=\"./Sources/ContainerizationNetlink/\" target=\"_blank\">Interact with the Netlink socket family</a>.</p>\n</li>\n<li>\n<p><a href=\"./kernel/\" target=\"_blank\">Create an optimized Linux kernel for fast boot times</a>.</p>\n</li>\n<li>\n<p><a href=\"./Sources/Containerization/LinuxContainer.swift\" target=\"_blank\">Spawn lightweight virtual machines and manage the runtime environment</a>.</p>\n</li>\n<li><a href=\"./Sources/Containerization/LinuxProcess.swift\" target=\"_blank\">Spawn and interact with containerized processes</a>.</li>\n<li>Use Rosetta 2 for running linux/amd64 containers on Apple silicon.</li>\n</ul>\n<p>Context: This list details the specific functionalities and APIs offered by the Containerization package.</p>\n<hr>\n<h2>Design</h2>\n<p>Containerization executes each Linux container inside of its own lightweight virtual machine. Clients can create dedicated IP addresses for every container to remove the need for individual port forwarding. Containers achieve sub-second start times using an optimized <a href=\"/kernel\" target=\"_blank\">Linux kernel configuration</a> and a minimal root filesystem with a lightweight init system.</p>\n<p>Context: This section describes the architectural design, including how containers are executed and optimized for performance.</p>\n<hr>\n<p><a href=\"/vminitd\" target=\"_blank\">vminitd</a> is a small init system, which is a subproject within Containerization.<br>\n<code>vminitd</code> is spawned as the initial process inside of the virtual machine and provides a GRPC API over vsock.<br>\nThe API allows the runtime environment to be configured and containerized processes to be launched.<br>\n<code>vminitd</code> provides I/O, signals, and events to the calling process when a process is run.</p>\n<p>Context: This explains the role of vminitd, the init system used within the virtual machine, for managing the runtime environment and launching processes.</p>\n<hr>\n<p>A Linux kernel is required for spawning lightweight virtual machines on macOS.<br>\nContainerization provides an optimized kernel configuration located in the <a href=\"./kernel\" target=\"_blank\">kernel</a> directory.</p>\n<p>This directory includes a containerized build environment to easily compile a kernel for use with Containerization.</p>\n<p>The kernel configuration is a minimal set of features to support fast start times and a light weight environment.</p>\n<p>Context: This section details the Linux kernel's role in Containerization, focusing on optimization for fast boot times and a lightweight environment.</p>\n<hr>\n<p>To solve this Containerization provides first class APIs to use different kernel configurations and versions on a per container basis.<br>\nThis enables containers to be developed and validated across different kernel versions.</p>\n<p>Context: This highlights the flexibility in using different kernel configurations and versions on a per-container basis.</p>\n<hr>\n<p>If you wish to consume a pre-built kernel, make sure it has <code>VIRTIO</code> drivers compiled into the kernel (not merely as modules).</p>\n<p>The <a href=\"https://github.com/kata-containers/kata-containers\" target=\"_blank\">Kata Containers</a> project provides a Linux kernel that is optimized for containers, with all required configuration options enabled. The <a href=\"https://github.com/kata-containers/kata-containers/releases/\" target=\"_blank\">releases</a> page contains downloadable artifacts, and the image itself (<code>vmlinux.container</code>) can be found in the <code>/opt/kata/share/kata-containers/</code> directory. </p>\n<p>Context: This provides information on pre-built kernels and their requirements, mentioning Kata Containers as a source.</p>\n<hr>\n<p>Containerization executes each Linux container inside of its own lightweight virtual machine. Clients can create dedicated IP addresses for every container to remove the need for individual port forwarding. Containers achieve sub-second start times using an optimized <a href=\"/kernel\" target=\"_blank\">Linux kernel configuration</a> and a minimal root filesystem with a lightweight init system.</p>\n<p>Context: This section describes the architecture, specifically how containers are executed in lightweight virtual machines and how networking is handled.</p>\n<hr>\n<p>Containerization provides APIs to:</p>\n<ul>\n<li><a href=\"./Sources/ContainerizationOCI/\" target=\"_blank\">Manage OCI images</a>.</li>\n<li><a href=\"./Sources/ContainerizationOCI/Client/\" target=\"_blank\">Interact with remote registries</a>.</li>\n<li><a href=\"./Sources/ContainerizationEXT4/\" target=\"_blank\">Create and populate ext4 file systems</a>.</li>\n</ul>\n<p>Context: This lists the capabilities, including managing OCI images and creating file systems, which are relevant to storage.</p>\n<hr>\n<ul>\n<li><a href=\"./Sources/ContainerizationNetlink/\" target=\"_blank\">Interact with the Netlink socket family</a>.</li>\n</ul>\n<p>Context: This API relates to interacting with the Netlink socket family, which is relevant to networking.</p>\n<hr>\n<ul>\n<li><a href=\"./Sources/Containerization/LinuxContainer.swift\" target=\"_blank\">Spawn lightweight virtual machines and manage the runtime environment</a>.</li>\n<li><a href=\"./Sources/Containerization/LinuxProcess.swift\" target=\"_blank\">Spawn and interact with containerized processes</a>.</li>\n</ul>\n<p>Context: These APIs are directly related to spawning virtual machines and managing containerized processes, covering VM management and process isolation.</p>\n<hr>\n<p>Links from Source - Can be extracted on follow up librarian calls:</p>\n<p>Link: https://www.swift.org<br>\nContext: The programming language used for Containerization.<br>\nLink: https://developer.apple.com/documentation/virtualization<br>\nContext: The framework Containerization uses on Apple silicon for virtualization.<br>\nLink: https://github.com/apple/container<br>\nContext: Repository for command line binaries for running containers.<br>\nLink: https://apple.github.io/containerization/documentation/<br>\nContext: API documentation for the Swift packages provided by Containerization.<br>\nLink: /kernel<br>\nContext: Directory containing the optimized Linux kernel configuration for Containerization.<br>\nLink: /kernel/README.md<br>\nContext: Instructions on how to compile the optimized kernel.<br>\nLink: https://github.com/kata-containers/kata-containers<br>\nContext: Project providing a Linux kernel optimized for containers.<br>\nLink: https://github.com/kata-containers/kata-containers/releases/<br>\nContext: Releases page for Kata Containers, containing downloadable kernel artifacts.</p>\n</details>\n<details><summary>Searched with Kagi<p></p>\n<ul>\n<li>Apple container Docker Compose support alternative</li>\n<li>Apple container vs OrbStack vs colima performance benchmark</li></ul></summary><br>\n Sources (20):<br>\n<strong>native support for containers on Mac is game changing, or ' ...</strong><br>\n<a href=\"https://www.reddit.com/r/devops/comments/1lk5wmp/apple_container_native_support_for_containers_on/\" target=\"_blank\">https://www.reddit.com/r/devops/comments/1lk5wmp/apple_container_native_support_for_containers_on/</a><br>\nJul 13, 2025 Apple recently released native support for containers. I've been trying it for local dev stuff like Postgres and Redis, and it is looking ...\n\n<p><strong>noghartt/container-compose | DeepWiki</strong><br>\n<a href=\"https://deepwiki.com/noghartt/container-compose\" target=\"_blank\">https://deepwiki.com/noghartt/container-compose</a><br>\n Container-compose is a Rust-based command-line utility that bridges the gap between Docker Compose workflows and Apple's native container runtime. It allows developers to define multi-service applications using familiar docker-compose.yaml syntax while leveraging Apple's container technology instead of Docker.</p>\n<p><strong>compose support? · apple container · Discussion #194 · GitHub</strong><br>\n<a href=\"https://github.com/apple/container/discussions/194\" target=\"_blank\">https://github.com/apple/container/discussions/194</a><br>\nJul 07, 2025 - Without compose support i will just keep using docker desktop for now. What would be the advantage of this new system? Beta Was this translation helpful?Setting the hostname of the container is not supported. But that's because it's not supported by Apples container system. At least not at the moment. It's the same as the container name.</p>\n<p><strong>GitHub - Mcrich23/Container-Compose: A docker-compose clone for Apple ...</strong><br>\n<a href=\"https://github.com/mcrich23/container-compose\" target=\"_blank\">https://github.com/mcrich23/container-compose</a><br>\n Container-Compose brings (limited) Docker Compose support to Apple Container, allowing you to define and orchestrate multi-container applications on Apple platforms using familiar Compose files.</p>\n<p><strong>compose support? · Issue #55 · apple/container</strong><br>\n<a href=\"https://github.com/apple/container/issues/55\" target=\"_blank\">https://github.com/apple/container/issues/55</a><br>\nSep 02, 2025 Without compose support i will just keep using docker desktop for now. What would be the advantage of this new system?According to docker/compose#12934, it could be done if the apple container runtime supports the Moby API (https://github.com/moby/moby/blob/master/api/README.md).</p>\n<p><strong>A docker-compose clone for Apple Container</strong><br>\n<a href=\"https://github.com/Mcrich23/Container-Compose\" target=\"_blank\">https://github.com/Mcrich23/Container-Compose</a><br>\n Container-Compose brings (limited) Docker Compose support to Apple Container, allowing you to define and orchestrate multi-container applications on Apple ...</p>\n<p><strong>GitHub - dockur/macos: MacOS inside a Docker container.</strong><br>\n<a href=\"https://github.com/dockur/macos\" target=\"_blank\">https://github.com/dockur/macos</a><br>\nJun 02, 2024 MacOS inside a Docker container. Contribute to dockur/macos development by creating an account on GitHub.After configuring the container for macvlan, it is possible for macOS to become part of your home network by requesting an IP from your router, just like your other devices. To enable this mode, in which the container and macOS will have separate IP addresses, add the following lines to your compose file</p>\n<p><strong>A docker-compose like tool for Apple Containers - GitHub</strong><br>\n<a href=\"https://github.com/noghartt/container-compose\" target=\"_blank\">https://github.com/noghartt/container-compose</a><br>\n If you want to use a maintained tool, I recommend: container-compose. A CLI to let you use the Apple container like a docker-compose config file. This tool is on \"alpha\" mode, which means that you can find a lot of bugs or missing features. If you find anything, feel free to open an issue. Thank you! :)</p>\n<p><strong>GitHub - container-compose/cli: A wrapper around Apple's Container ...</strong><br>\n<a href=\"https://github.com/container-compose/cli\" target=\"_blank\">https://github.com/container-compose/cli</a><br>\n This project provides developer ergonomics to start using Apple's Container. Inspired by Docker Compose, this CLI offers a similar experience for managing containerised applications - without the need for Docker Desktop.</p>\n<p><strong>GitHub - apple/container: A tool for creating and running Linux ...</strong><br>\n<a href=\"https://github.com/apple/container\" target=\"_blank\">https://github.com/apple/container</a><br>\n container is supported on macOS 26, since it takes advantage of new features and enhancements to virtualization and networking in this release. We do not support older versions of macOS and the container maintainers typically will not address issues that cannot be reproduced on the macOS 26.</p>\n<p><strong>native support for containers on Mac is game changing, or ' ...</strong><br>\n<a href=\"https://www.reddit.com/r/devops/comments/1lk5wmp/apple_container_native_support_for_containers_on/\" target=\"_blank\">https://www.reddit.com/r/devops/comments/1lk5wmp/apple_container_native_support_for_containers_on/</a><br>\nJul 13, 2025 The difference is that Apple container doesn't even share the kernel, it launches one MicroVM per container. They take a different approach for ...</p>\n<p><strong>GitHub - nemirlev/docker-engines-benchmark: A comprehensive ...</strong><br>\n<a href=\"https://github.com/nemirlev/docker-engines-benchmark\" target=\"_blank\">https://github.com/nemirlev/docker-engines-benchmark</a><br>\nOct 31, 2024 A comprehensive benchmarking tool for comparing performance characteristics of different Docker-like container engines (Docker Desktop, Podman Desktop, Colima, OrbStack, Rancher Desktop).</p>\n<p><strong>Issues</strong><br>\n<a href=\"https://github.com/nemirlev/docker-engines-benchmark/issues\" target=\"_blank\">https://github.com/nemirlev/docker-engines-benchmark/issues</a><br>\n Issues - GitHub - nemirlev/docker-engines-benchmark: A comprehensive ...</p>\n<p><strong>Pull requests</strong><br>\n<a href=\"https://github.com/nemirlev/docker-engines-benchmark/pulls\" target=\"_blank\">https://github.com/nemirlev/docker-engines-benchmark/pulls</a><br>\n Pull requests - GitHub - nemirlev/docker-engines-benchmark: A comprehensive ...</p>\n<p><strong>Projects</strong><br>\n<a href=\"https://github.com/nemirlev/docker-engines-benchmark/projects\" target=\"_blank\">https://github.com/nemirlev/docker-engines-benchmark/projects</a><br>\n GitHub is where people build software. More than 150 million people use GitHub to discover, fork, and contribute to over 420 million projects.</p>\n<p><strong>Security</strong><br>\n<a href=\"https://github.com/nemirlev/docker-engines-benchmark/security\" target=\"_blank\">https://github.com/nemirlev/docker-engines-benchmark/security</a><br>\n GitHub is where people build software. More than 100 million people use GitHub to discover, fork, and contribute to over 420 million projects.</p>\n<p><strong>docker-engines-benchmark/README.md at main - GitHub</strong><br>\n<a href=\"https://github.com/nemirlev/docker-engines-benchmark/blob/main/README.md\" target=\"_blank\">https://github.com/nemirlev/docker-engines-benchmark/blob/main/README.md</a><br>\n A comprehensive benchmarking tool for comparing performance characteristics of different Docker-like container engines (Docker Desktop, Podman Desktop, Colima, OrbStack, Rancher Desktop).</p>\n<p><strong>GitHub - abiosoft/colima: Container runtimes on macOS (and Linux)...</strong><br>\n<a href=\"https://github.com/abiosoft/colima\" target=\"_blank\">https://github.com/abiosoft/colima</a><br>\nSep 06, 2021 When you run the colima template command, Colima opens the default configuration in a temporary file using your editor (VS Code by default, if installed). For example, you might see something likeYou can use the incus client on macOS after colima start with no additional setup. Note: Running virtual machines on Incus is only supported on m3 or newer Apple Silicon devices.</p>\n<p><strong>Running Docker containers on colima on Mac M1 is very very slow...</strong><br>\n<a href=\"https://github.com/abiosoft/colima/issues/204\" target=\"_blank\">https://github.com/abiosoft/colima/issues/204</a><br>\nMar 02, 2022 Versus container (same container, as it is available in both arm64 and amd64)I can confirm the challenges of the Issue. I used Colima with my Intel MacBook Pro (15\" 2018) quite well. I switched now to a new MacBook Pro (16\" 2021) with the Apple M1 Pro Silicon. One of my main development work is to write AWS CDK Apps. The local build/synth process uses docker container.</p>\n<p><strong>Top 8 OrbStack Alternatives: Choosing the Right Tool for ...</strong><br>\n<a href=\"https://www.qovery.com/blog/orbstack-alternatives\" target=\"_blank\">https://www.qovery.com/blog/orbstack-alternatives</a><br>\nDec 15, 2025 Top OrbStack alternatives for developers and teams. Compare Qovery, Rancher Desktop, Podman, and Colima to find the best tool for performance, cross-platform stability, and K8s integration.Your time is too valuable to be spent debugging local vs. cloud configuration issues. Get off the container runtime merry-go-round and adopt a platform that ensures production parity from the first commit.</p>\n</details>\n<details><summary>Response planned</summary>\n<p>The research has gathered comprehensive information about Apple's container project:</p>\n<ol>\n<li><strong>Official GitHub repo</strong> - Project status, architecture, requirements (macOS 26, Apple Silicon)</li>\n<li><strong>Technical overview</strong> - VM-per-container architecture, vminitd init system, macOS framework integration, networking limitations</li>\n<li><strong>Release history</strong> - 7 releases from June 2025 to December 2025, active development with monthly releases</li>\n<li><strong>Community reception</strong> - Hacker News discussions showing cautious optimism, concerns about platform lock-in and ecosystem maturity</li>\n<li><strong>Technical comparison with Docker</strong> - The New Stack article providing detailed architectural comparison</li>\n<li><strong>Current issues</strong> - 53 open issues including networking, DNS, Docker-in-Docker limitations</li>\n<li><strong>Real-world experience</strong> - Developer blog posts showing successful basic usage</li>\n<li><strong>Containerization Swift package</strong> - Low-level architecture details</li>\n<li><strong>Docker Compose alternatives</strong> - Community projects like container-compose providing limited support</li>\n</ol>\n<p>Key findings:</p>\n<ul>\n<li>Project is pre-1.0, actively developed, 23.2k GitHub stars</li>\n<li>Requires macOS 26 (Tahoe) for full functionality</li>\n<li>VM-per-container architecture provides better security isolation</li>\n<li>Sub-second container start times</li>\n<li>Missing Docker Compose native support (community alternatives exist)</li>\n<li>No container-to-container networking on macOS 15</li>\n<li>Cannot fully replace Docker/colima/Podman for complex workflows yet</li>\n</ul>\n<ol>\n<li>Introduction - What Apple container is and when it was announced</li>\n<li>Architecture - VM-per-container model, vminitd, Virtualization.framework integration</li>\n<li>Development Progress - Release history, velocity, feature additions</li>\n<li>Stability & Reliability - Pre-1.0 status, known issues, data integrity fixes</li>\n<li>Community Acceptance - GitHub metrics, HN reception, developer experiences</li>\n<li>Comparison with Docker/colima/Podman - Architectural differences, feature gaps</li>\n<li>Current Limitations - macOS 26 requirement, networking constraints, missing features</li>\n<li>Replacement Viability Assessment - When it can/cannot replace alternatives</li>\n<li>Conclusion - Recommendations for different use cases</li>\n</ol>\n</details><h2>Apple <code>container</code> Project: Development Progress, Stability, and Viability as a Docker Alternative</h2>\n<h3>Overview</h3>\n<p>Apple's <code>container</code> project is a Swift-based CLI tool for running Linux containers on macOS, announced at <strong>WWDC 2025</strong> (June 2025). It leverages the companion <strong>Containerization</strong> Swift package for low-level VM, image, and process management. The project is open-source under the Apache 2.0 license and specifically optimized for Apple Silicon. <sup class=\"trigger\"><a href=\"https://github.com/apple/container/#:~:text=%23%20%60container%60,Apple%20silicon.\">1</a><span class=\"tooltip top center citation\"><a href=\"https://github.com/apple/container/#:~:text=%23%20%60container%60,Apple%20silicon.\"><span class=\"source\"><img alt=\"\" src=\"https://p.kagi.com/proxy/favicons?c=lQ30-cxV_E2Vdyqb6hrbuYgId7qu7hecjO7o1T7aqQDFc7XpcLttL1Ryala-GNHJye4yFtnhZ7b3uL_uDtQjv6zCLPFWusm4lvLb6SKPCfI%3D\"> github.com</span><b>1. container GitHub Repo</b></a><span class=\"passage\"># `container` `container` is a tool that you can use to create and run Linux containers as lightweight virtual machines on your Mac. It's written in Swift, and optimized for Apple silicon.</span></span></sup></p>\n<p>The tool produces and consumes <strong>OCI-compatible container images</strong>, ensuring interoperability with standard container registries and other OCI-compliant runtimes. <sup class=\"trigger\"><a href=\"https://github.com/apple/container/#:~:text=%23%20%60container%60,Apple%20silicon.\">1</a><span class=\"tooltip top center citation\"><a href=\"https://github.com/apple/container/#:~:text=%23%20%60container%60,Apple%20silicon.\"><span class=\"source\"><img alt=\"\" src=\"https://p.kagi.com/proxy/favicons?c=lQ30-cxV_E2Vdyqb6hrbuYgId7qu7hecjO7o1T7aqQDFc7XpcLttL1Ryala-GNHJye4yFtnhZ7b3uL_uDtQjv6zCLPFWusm4lvLb6SKPCfI%3D\"> github.com</span><b>1. container GitHub Repo</b></a><span class=\"passage\"># `container` `container` is a tool that you can use to create and run Linux containers as lightweight virtual machines on your Mac. It's written in Swift, and optimized for Apple silicon.</span></span></sup></p>\n<hr>\n<h3>Architectural Design: VM-per-Container Model</h3>\n<p>Unlike Docker Desktop, colima, or Podman Desktop—which run all containers inside a single shared Linux VM—Apple's approach creates a <strong>dedicated lightweight VM for each container</strong>. This architecture draws inspiration from projects like Kata Containers (which merged Intel Clear Containers and Hyper).</p>\n<p><strong>Key architectural components:</strong></p>\n<table>\n<thead>\n<tr>\n<th>Component</th>\n<th>Description</th>\n</tr>\n</thead>\n<tbody>\n<tr>\n<td><strong>Virtualization.framework</strong></td>\n<td>Apple's native hypervisor for managing Linux VMs on Apple Silicon</td>\n</tr>\n<tr>\n<td><strong>vmnet framework</strong></td>\n<td>Manages virtual networking; each container gets its own IP address</td>\n</tr>\n<tr>\n<td><strong>vminitd</strong></td>\n<td>A minimal init system written in Swift, spawned as PID 1 inside each VM; provides a gRPC API over vsock for runtime configuration and process management</td>\n</tr>\n<tr>\n<td><strong>XPC</strong></td>\n<td>Inter-process communication between CLI, API server, and helper processes</td>\n</tr>\n<tr>\n<td><strong>Launchd</strong></td>\n<td>Service management for the <code>container-apiserver</code> launch agent</td>\n</tr>\n<tr>\n<td><strong>Keychain Services</strong></td>\n<td>Secure storage for registry credentials</td>\n</tr>\n</tbody>\n</table>\n<p>The <code>container-apiserver</code> runs as a launch agent and spawns helper processes: <code>container-core-images</code> for image management, <code>container-network-vmnet</code> for networking, and <code>container-runtime-linux</code> for each running container. <sup class=\"trigger\"><a href=\"https://github.com/apple/container/#:~:text=%60container%60%20uses,process%20management.\">1</a><span class=\"tooltip top center citation\"><a href=\"https://github.com/apple/container/#:~:text=%60container%60%20uses,process%20management.\"><span class=\"source\"><img alt=\"\" src=\"https://p.kagi.com/proxy/favicons?c=lQ30-cxV_E2Vdyqb6hrbuYgId7qu7hecjO7o1T7aqQDFc7XpcLttL1Ryala-GNHJye4yFtnhZ7b3uL_uDtQjv6zCLPFWusm4lvLb6SKPCfI%3D\"> github.com</span><b>1. container GitHub Repo</b></a><span class=\"passage\">`container` uses the [Containerization](https://github.com/apple/containerization) Swift package for low level container, image, and process management.</span></span></sup></p>\n<p><strong>Security benefits of VM-per-container:</strong></p>\n<ul>\n<li><strong>Hypervisor-level isolation</strong>: Each container has full VM isolation, eliminating kernel-sharing vulnerabilities</li>\n<li><strong>Granular privacy</strong>: Only the specific container requesting host directory access receives it</li>\n<li><strong>Dedicated IP addresses</strong>: Eliminates port forwarding complexity and reduces network attack vectors <sup class=\"trigger\"><a href=\"https://github.com/apple/container/#:~:text=%23%20%60container%60,Apple%20silicon.\">1</a><span class=\"tooltip top center citation\"><a href=\"https://github.com/apple/container/#:~:text=%23%20%60container%60,Apple%20silicon.\"><span class=\"source\"><img alt=\"\" src=\"https://p.kagi.com/proxy/favicons?c=lQ30-cxV_E2Vdyqb6hrbuYgId7qu7hecjO7o1T7aqQDFc7XpcLttL1Ryala-GNHJye4yFtnhZ7b3uL_uDtQjv6zCLPFWusm4lvLb6SKPCfI%3D\"> github.com</span><b>1. container GitHub Repo</b></a><span class=\"passage\"># `container` `container` is a tool that you can use to create and run Linux containers as lightweight virtual machines on your Mac. It's written in Swift, and optimized for Apple silicon.</span></span></sup></li>\n</ul>\n<p><strong>Performance characteristics:</strong></p>\n<ul>\n<li>Sub-second container start times via optimized Linux kernel configuration and minimal root filesystem</li>\n<li>The kernel is stripped down to essential VIRTIO drivers; Kata Containers kernels are compatible <sup class=\"trigger\"><a href=\"https://github.com/apple/container/#:~:text=The%20tool,OCI-compatible%20application.\">1</a><span class=\"tooltip top center citation\"><a href=\"https://github.com/apple/container/#:~:text=The%20tool,OCI-compatible%20application.\"><span class=\"source\"><img alt=\"\" src=\"https://p.kagi.com/proxy/favicons?c=lQ30-cxV_E2Vdyqb6hrbuYgId7qu7hecjO7o1T7aqQDFc7XpcLttL1Ryala-GNHJye4yFtnhZ7b3uL_uDtQjv6zCLPFWusm4lvLb6SKPCfI%3D\"> github.com</span><b>1. container GitHub Repo</b></a><span class=\"passage\">The tool consumes and produces [OCI-compatible container images](https://github.com/opencontainers/image-spec), so you can pull and run images from any standard container registry. You can push images that you build to those registries as well, and run the images in any other OCI-compatible application.</span></span></sup></li>\n</ul>\n<hr>\n<h3>Development Progress and Release Velocity</h3>\n<p>The project has demonstrated <strong>aggressive development velocity</strong> since its June 2025 launch:</p>\n<table>\n<thead>\n<tr>\n<th>Version</th>\n<th>Release Date</th>\n<th>Notable Features</th>\n</tr>\n</thead>\n<tbody>\n<tr>\n<td>0.1.0</td>\n<td>June 9, 2025</td>\n<td>Initial release</td>\n</tr>\n<tr>\n<td>0.2.0</td>\n<td>June 27, 2025</td>\n<td>Multiple network interfaces, <code>system status</code> command, socket publishing</td>\n</tr>\n<tr>\n<td>0.3.0</td>\n<td>July 30, 2025</td>\n<td>TCP/UDP port publishing, nested virtualization, plugin system</td>\n</tr>\n<tr>\n<td>0.4.1</td>\n<td>August 28, 2025</td>\n<td>Named volumes, systemd support, SSH auth socket forwarding</td>\n</tr>\n<tr>\n<td>0.5.0</td>\n<td>October 2, 2025</td>\n<td><code>system property</code> commands, multi-image save, API server refactoring</td>\n</tr>\n<tr>\n<td>0.6.0</td>\n<td>October 27, 2025</td>\n<td>Anonymous volumes, <code>--network none</code>, custom subnets, volume pruning</td>\n</tr>\n<tr>\n<td>0.7.0</td>\n<td>December 3, 2025</td>\n<td><code>container stats</code>, <code>system df</code>, Rosetta for builds, port ranges</td>\n</tr>\n<tr>\n<td>0.7.1</td>\n<td>December 8, 2025</td>\n<td><strong>Data integrity fixes</strong> (issue #614), <code>--max-concurrent-downloads</code></td>\n</tr>\n</tbody>\n</table>\n<p>Beginning with 0.3.0, the team committed to a <strong>monthly release cycle</strong>. <sup class=\"trigger\"><a href=\"https://medium.com/@sergey.prusov/docker-container-solutions-a-complete-guide-to-docker-colima-and-popular-alternatives-c3de44a9bdf4#:~:text=In%20this,diving%20into\">5</a><span class=\"tooltip top center citation\"><a href=\"https://medium.com/@sergey.prusov/docker-container-solutions-a-complete-guide-to-docker-colima-and-popular-alternatives-c3de44a9bdf4#:~:text=In%20this,diving%20into\"><span class=\"source\"><img alt=\"\" src=\"https://p.kagi.com/proxy/favicons?c=lQ30-cxV_E2Vdyqb6hrbuYgId7qu7hecjO7o1T7aqQDFc7XpcLttL1Ryala-GNHJBGQH74Q81gRS6YwzivL6uub9-AAfvy0RHe-vtiCjq5U%3D\"> medium.com</span><b>5. Docker Container Solutions: A Complete Guide to Docker, Colima, and ...</b></a><span class=\"passage\">In this comprehensive guide, we’ll explore Docker itself, Colima, and other popular container solutions with real-world examples and practical implementation guides. Before diving into...</span></span></sup><sup class=\"trigger\"><a href=\"https://medium.com/@saimouli.bandari/the-great-container-debate-docker-vs-podman-e1d7d93949d2#:~:text=In%20this,a%20better\">6</a><span class=\"tooltip top center citation\"><a href=\"https://medium.com/@saimouli.bandari/the-great-container-debate-docker-vs-podman-e1d7d93949d2#:~:text=In%20this,a%20better\"><span class=\"source\"><img alt=\"\" src=\"https://p.kagi.com/proxy/favicons?c=lQ30-cxV_E2Vdyqb6hrbuYgId7qu7hecjO7o1T7aqQDFc7XpcLttL1Ryala-GNHJBGQH74Q81gRS6YwzivL6uub9-AAfvy0RHe-vtiCjq5U%3D\"> medium.com</span><b>6. The Great Container Debate: Docker vs Podman - Medium</b></a><span class=\"passage\">In this article, we’ll delve into the pros and cons of Podman and Docker, exploring their differences, similarities, and use cases. By the end of this comparison, you’ll have a better...</span></span></sup></p>\n<p><strong>Contributor activity</strong>: The changelog shows a healthy mix of Apple engineers (jglogan, dcantah, katiewasnothere, wlan0) and external contributors, with many \"first contribution\" acknowledgments in each release. <sup class=\"trigger\"><a href=\"https://medium.com/codex/run-docker-containers-without-admin-rights-and-license-free-2212952160a9#:~:text=Colima%20vs.,Your%20Mac.\">2</a><span class=\"tooltip top center citation\"><a href=\"https://medium.com/codex/run-docker-containers-without-admin-rights-and-license-free-2212952160a9#:~:text=Colima%20vs.,Your%20Mac.\"><span class=\"source\"><img alt=\"\" src=\"https://p.kagi.com/proxy/favicons?c=lQ30-cxV_E2Vdyqb6hrbuYgId7qu7hecjO7o1T7aqQDFc7XpcLttL1Ryala-GNHJBGQH74Q81gRS6YwzivL6uub9-AAfvy0RHe-vtiCjq5U%3D\"> medium.com</span><b>2. Run Docker Containers Without Admin Rights and... | Medium</b></a><span class=\"passage\">Colima vs. Podman: Feature Comparison. Press enter or click to view image in full size. Podman has even podman-desktop as docker-desktop replacement, but Colima is a more native solution for MacOS.Apple’s Native Containers Explained for Beginners: From Brew to “Hello World”. Faster, Lighter, and Finally Native: Why Apple’s Containers Deserve a Spot on Your Mac.</span></span></sup><sup class=\"trigger\"><a href=\"https://www.reddit.com/r/podman/comments/1j4026j/podman_v_colima_2025_on_apple_silicon/#:~:text=Podman%20tries,also%20call\">4</a><span class=\"tooltip top center citation\"><a href=\"https://www.reddit.com/r/podman/comments/1j4026j/podman_v_colima_2025_on_apple_silicon/#:~:text=Podman%20tries,also%20call\"><span class=\"source\"><img alt=\"\" src=\"https://p.kagi.com/proxy/favicons?c=lQ30-cxV_E2Vdyqb6hrbuYgId7qu7hecjO7o1T7aqQDFc7XpcLttL1Ryala-GNHJ-2ZqqXgwT-m6vcvZX_2cUpJsqUJgY5hpLDppjAB8i98%3D\"> www.reddit.com</span><b>4. Podman v Colima 2025, on Apple Silicon</b></a><span class=\"passage\">Podman tries very hard to be as Docker-compatible as possible, so Dockerfiles generally work exactly the same with Podman. You can also call ...</span></span></sup></p>\n<hr>\n<h3>Stability and Reliability Assessment</h3>\n<p><strong>Official project status</strong> (from README):</p>\n<p>> \"The container project is currently under active development. Its stability, both for consuming the project as a Swift package and the <code>container</code> tool, is only guaranteed within patch versions, such as between 0.1.1 and 0.1.2. Minor version number releases may include breaking changes until we achieve a 1.0.0 release.\" <sup class=\"trigger\"><a href=\"https://github.com/apple/container/#:~:text=You%20need,macOS%2026.\">1</a><span class=\"tooltip top center citation\"><a href=\"https://github.com/apple/container/#:~:text=You%20need,macOS%2026.\"><span class=\"source\"><img alt=\"\" src=\"https://p.kagi.com/proxy/favicons?c=lQ30-cxV_E2Vdyqb6hrbuYgId7qu7hecjO7o1T7aqQDFc7XpcLttL1Ryala-GNHJye4yFtnhZ7b3uL_uDtQjv6zCLPFWusm4lvLb6SKPCfI%3D\"> github.com</span><b>1. container GitHub Repo</b></a><span class=\"passage\">You need a Mac with Apple silicon to run `container`. To build it, see the [BUILDING](./BUILDING.md) document. `container` is supported on macOS 26, since it takes advantage of new features and enhancements to virtualization and networking in this release. We do not support older versions of macOS and the `container` maintainers typically will not address issues that cannot be reproduced on the macOS 26.</span></span></sup></p>\n<p><strong>Known stability concerns:</strong></p>\n<ol>\n<li>\n<p><strong>Data integrity issues</strong>: Version 0.7.1 was specifically released to address data integrity problems reported in issue #614, with changes to sync mode defaults (<code>fsync</code>)</p>\n</li>\n<li>\n<p><strong>Current open issues</strong> (53 as of January 2026):</p>\n<ul>\n<li>Networking: IPv6 support incomplete, DNS resolution issues, container-to-host routing limitations</li>\n<li>Docker-in-Docker: <code>nf_tables</code> not initialized, preventing Docker daemon inside containers</li>\n<li>Image handling: Push failures with OCI Index manifest digests, auth issues with public GCP Artifact Registry</li>\n<li>Emulation: Segmentation faults when running <code>linux/amd64</code> images via Rosetta on certain workloads</li>\n</ul>\n</li>\n<li>\n<p><strong>macOS 15 (Sequoia) limitations</strong>:</p>\n<ul>\n<li>Container-to-container communication over vmnet is <strong>not possible</strong></li>\n<li>All containers attach to a single default network; custom networks unavailable</li>\n<li>Potential subnet disagreement between network helper and vmnet, causing network isolation <sup class=\"trigger\"><a href=\"https://github.com/apple/container/#:~:text=%23%23%20Project,1.0.0%20release.\">1</a><span class=\"tooltip top center citation\"><a href=\"https://github.com/apple/container/#:~:text=%23%23%20Project,1.0.0%20release.\"><span class=\"source\"><img alt=\"\" src=\"https://p.kagi.com/proxy/favicons?c=lQ30-cxV_E2Vdyqb6hrbuYgId7qu7hecjO7o1T7aqQDFc7XpcLttL1Ryala-GNHJye4yFtnhZ7b3uL_uDtQjv6zCLPFWusm4lvLb6SKPCfI%3D\"> github.com</span><b>1. container GitHub Repo</b></a><span class=\"passage\">## Project Status The container project is currently under active development. Its stability, both for consuming the project as a Swift package and the `container` tool, is only guaranteed within patch versions, such as between 0.1.1 and 0.1.2. Minor version number releases may include breaking changes until we achieve a 1.0.0 release.</span></span></sup></li>\n</ul>\n</li>\n<li>\n<p><strong>Container-to-host networking workaround</strong>: No direct routing to <code>127.0.0.1</code> from containers; requires <code>socat</code> relay or binding host services to <code>0.0.0.0</code> (insecure) <sup class=\"trigger\"><a href=\"https://github.com/apple/container/#:~:text=You%20need,macOS%2026.\">1</a><span class=\"tooltip top center citation\"><a href=\"https://github.com/apple/container/#:~:text=You%20need,macOS%2026.\"><span class=\"source\"><img alt=\"\" src=\"https://p.kagi.com/proxy/favicons?c=lQ30-cxV_E2Vdyqb6hrbuYgId7qu7hecjO7o1T7aqQDFc7XpcLttL1Ryala-GNHJye4yFtnhZ7b3uL_uDtQjv6zCLPFWusm4lvLb6SKPCfI%3D\"> github.com</span><b>1. container GitHub Repo</b></a><span class=\"passage\">You need a Mac with Apple silicon to run `container`. To build it, see the [BUILDING](./BUILDING.md) document. `container` is supported on macOS 26, since it takes advantage of new features and enhancements to virtualization and networking in this release. We do not support older versions of macOS and the `container` maintainers typically will not address issues that cannot be reproduced on the macOS 26.</span></span></sup></p>\n</li>\n</ol>\n<hr>\n<h3>Community Acceptance and Reception</h3>\n<p><strong>GitHub metrics</strong> (as of January 2026):</p>\n<ul>\n<li><strong>23.2k stars</strong> — significant interest for a 7-month-old project</li>\n<li><strong>584 forks</strong></li>\n<li><strong>53 open issues</strong>, <strong>5 open PRs</strong></li>\n<li>Active GitHub Discussions forum<br>\n<strong>Hacker News sentiment</strong> (from WWDC 2025 announcement thread):</li>\n</ul>\n<p>The community response has been <strong>cautiously optimistic</strong>:</p>\n<ul>\n<li><strong>Positive</strong>: Security benefits of VM isolation, native macOS integration, open-source commitment, potential to simplify Docker Desktop licensing concerns</li>\n<li><strong>Concerns</strong>: Platform lock-in (Apple-only), ecosystem immaturity, missing Docker Compose equivalent, potential performance overhead for certain workloads</li>\n<li><strong>Criticism</strong>: \"Apple's implementation of things like containerization are going to be kneecapped in unimaginable small but important ways\" — skepticism about first-iteration completeness<br>\n<strong>Developer experience reports</strong>:</li>\n</ul>\n<p>One practitioner's assessment after extensive testing:</p>\n<p>> \"The central question raised — and the point of subsequent internal debate — was whether this capability possessed the necessary maturity and reliability for industrial-scale deployment. My answer to that is an unequivocal 'YES.'\"<br>\nTesting demonstrated successful builds and runs for Go and Java applications with standard multi-stage Dockerfiles, with build times comparable to Docker/Podman.</p>\n<hr>\n<h3>Comparison with Docker, colima, and Podman Desktop</h3>\n<table>\n<thead>\n<tr>\n<th>Aspect</th>\n<th>Apple <code>container</code></th>\n<th>Docker Desktop</th>\n<th>colima</th>\n<th>Podman Desktop</th>\n</tr>\n</thead>\n<tbody>\n<tr>\n<td><strong>Architecture</strong></td>\n<td>VM-per-container</td>\n<td>Shared VM (all containers)</td>\n<td>Shared VM (Lima-based)</td>\n<td>Shared VM (Podman machine)</td>\n</tr>\n<tr>\n<td><strong>Isolation</strong></td>\n<td>Hypervisor-level</td>\n<td>Kernel namespaces/cgroups</td>\n<td>Kernel namespaces/cgroups</td>\n<td>Kernel namespaces/cgroups</td>\n</tr>\n<tr>\n<td><strong>macOS requirement</strong></td>\n<td>macOS 26 (Tahoe)</td>\n<td>macOS 12+</td>\n<td>macOS 10.15+</td>\n<td>macOS 13+</td>\n</tr>\n<tr>\n<td><strong>Hardware</strong></td>\n<td>Apple Silicon only</td>\n<td>Intel + Apple Silicon</td>\n<td>Intel + Apple Silicon</td>\n<td>Intel + Apple Silicon</td>\n</tr>\n<tr>\n<td><strong>Compose support</strong></td>\n<td>None (community alternatives)</td>\n<td>Native Docker Compose</td>\n<td>Docker Compose compatible</td>\n<td>Podman Compose</td>\n</tr>\n<tr>\n<td><strong>Licensing</strong></td>\n<td>Apache 2.0 (free)</td>\n<td>Subscription for enterprise</td>\n<td>MIT (free)</td>\n<td>Apache 2.0 (free)</td>\n</tr>\n<tr>\n<td><strong>Startup time</strong></td>\n<td>Sub-second</td>\n<td>Seconds (VM already running)</td>\n<td>Seconds</td>\n<td>Seconds</td>\n</tr>\n<tr>\n<td><strong>Resource overhead</strong></td>\n<td>Per-container VM overhead</td>\n<td>Single VM overhead</td>\n<td>Single VM overhead</td>\n<td>Single VM overhead</td>\n</tr>\n<tr>\n<td><strong>Ecosystem maturity</strong></td>\n<td>Nascent</td>\n<td>Extensive</td>\n<td>Moderate</td>\n<td>Growing</td>\n</tr>\n</tbody>\n</table>\n<p><strong>Docker Compose gap</strong>: This is the most significant barrier to adoption. Apple's <code>container</code> has no native Compose support. Community projects have emerged:</p>\n<ul>\n<li><strong>container-compose</strong> (Rust-based): \"A CLI to let you use the Apple container like a docker-compose config file. This tool is on 'alpha' mode.\"- <strong>Container-Compose</strong> (by Mcrich23): \"Brings (limited) Docker Compose support to Apple Container\"<br>\nThe official Docker Compose team has indicated support could be added if Apple implements the <strong>Moby API</strong>.<br>\n<strong>OrbStack consideration</strong>: The OrbStack community has discussed what Apple's framework means for their product, with users noting potential for OrbStack to leverage Apple's Containerization framework for further performance improvements.</li>\n</ul>\n<hr>\n<h3>Current Limitations and Gaps</h3>\n<ol>\n<li>\n<p><strong>macOS 26 requirement</strong>: Full functionality requires macOS Tahoe (26); macOS 15 Sequoia has significant networking limitations. The maintainers explicitly state they \"will not address issues that cannot be reproduced on macOS 26.\" <sup class=\"trigger\"><a href=\"https://github.com/apple/container/#:~:text=%60container%60%20uses,process%20management.\">1</a><span class=\"tooltip top center citation\"><a href=\"https://github.com/apple/container/#:~:text=%60container%60%20uses,process%20management.\"><span class=\"source\"><img alt=\"\" src=\"https://p.kagi.com/proxy/favicons?c=lQ30-cxV_E2Vdyqb6hrbuYgId7qu7hecjO7o1T7aqQDFc7XpcLttL1Ryala-GNHJye4yFtnhZ7b3uL_uDtQjv6zCLPFWusm4lvLb6SKPCfI%3D\"> github.com</span><b>1. container GitHub Repo</b></a><span class=\"passage\">`container` uses the [Containerization](https://github.com/apple/containerization) Swift package for low level container, image, and process management.</span></span></sup></p>\n</li>\n<li>\n<p><strong>Apple Silicon only</strong>: No Intel Mac support. <sup class=\"trigger\"><a href=\"https://github.com/apple/container/#:~:text=%60container%60%20uses,process%20management.\">1</a><span class=\"tooltip top center citation\"><a href=\"https://github.com/apple/container/#:~:text=%60container%60%20uses,process%20management.\"><span class=\"source\"><img alt=\"\" src=\"https://p.kagi.com/proxy/favicons?c=lQ30-cxV_E2Vdyqb6hrbuYgId7qu7hecjO7o1T7aqQDFc7XpcLttL1Ryala-GNHJye4yFtnhZ7b3uL_uDtQjv6zCLPFWusm4lvLb6SKPCfI%3D\"> github.com</span><b>1. container GitHub Repo</b></a><span class=\"passage\">`container` uses the [Containerization](https://github.com/apple/containerization) Swift package for low level container, image, and process management.</span></span></sup></p>\n</li>\n<li>\n<p><strong>No Docker Compose</strong>: Multi-container orchestration requires third-party tools or manual scripting.</p>\n</li>\n<li>\n<p><strong>No Kubernetes integration</strong>: No built-in K8s support (unlike Docker Desktop's Kubernetes or colima's K3s).</p>\n</li>\n<li>\n<p><strong>Named volume limitation</strong>: \"You can't read-write a named volume across multiple running containers (VMs)\" — a consequence of the VM-per-container model. <sup class=\"trigger\"><a href=\"https://github.com/apple/container/actions#:~:text=Actions%20-,running%20Linux\">3</a><span class=\"tooltip top center citation\"><a href=\"https://github.com/apple/container/actions#:~:text=Actions%20-,running%20Linux\"><span class=\"source\"><img alt=\"\" src=\"https://p.kagi.com/proxy/favicons?c=lQ30-cxV_E2Vdyqb6hrbuYgId7qu7hecjO7o1T7aqQDFc7XpcLttL1Ryala-GNHJye4yFtnhZ7b3uL_uDtQjv6zCLPFWusm4lvLb6SKPCfI%3D\"> github.com</span><b>3. Actions</b></a><span class=\"passage\">Actions - GitHub - apple/container: A tool for creating and running Linux ...</span></span></sup></p>\n</li>\n<li>\n<p><strong>Missing features</strong>:</p>\n<ul>\n<li><code>container image commit</code> (requested)</li>\n<li>Full IPv6 support (in progress)</li>\n<li>zstd-compressed image support (requested)</li>\n</ul>\n</li>\n<li>\n<p><strong>Docker-in-Docker</strong>: Running Docker daemon inside containers fails due to missing <code>nf_tables</code> kernel module initialization.</p>\n</li>\n</ol>\n<hr>\n<h3>Viability as a Docker/colima/Podman Replacement</h3>\n<p><strong>Can replace for:</strong></p>\n<ul>\n<li>Simple single-container development workflows</li>\n<li>Security-sensitive workloads requiring strong isolation</li>\n<li>Developers already on macOS 26 with Apple Silicon</li>\n<li>Teams wanting to avoid Docker Desktop licensing costs</li>\n<li>Swift/Xcode-centric development environments</li>\n</ul>\n<p><strong>Cannot yet replace for:</strong></p>\n<ul>\n<li>Multi-container applications requiring Docker Compose (without third-party tools)</li>\n<li>Teams requiring Intel Mac support</li>\n<li>Production-parity testing with Kubernetes</li>\n<li>Workloads requiring Docker-in-Docker</li>\n<li>Cross-platform development teams</li>\n<li>Organizations on macOS 15 or earlier</li>\n</ul>\n<p><strong>Recommended adoption strategy:</strong></p>\n<ol>\n<li><strong>Evaluate on macOS 26 beta</strong> if you have Apple Silicon hardware</li>\n<li><strong>Start with simple, single-container workloads</strong> (databases, caches, single services)</li>\n<li><strong>Monitor the 1.0.0 milestone</strong> for stability guarantees</li>\n<li><strong>Watch for Moby API implementation</strong> which would unlock Docker Compose compatibility</li>\n<li><strong>Consider hybrid approach</strong>: Use Apple <code>container</code> for isolated, security-sensitive containers; keep Docker/colima for complex orchestration</li>\n</ol>\n<hr>\n<h3>Conclusion</h3>\n<p>Apple's <code>container</code> project represents a <strong>technically innovative approach</strong> to containerization on macOS, with its VM-per-container architecture providing superior security isolation compared to traditional shared-kernel models. The development velocity is impressive—7 releases in 6 months with substantial feature additions and active community contribution.</p>\n<p>However, the project is <strong>explicitly pre-1.0</strong> with stability guarantees only within patch versions. The macOS 26 requirement, Apple Silicon exclusivity, and lack of native Compose support are significant barriers to wholesale replacement of Docker, colima, or Podman Desktop for most development workflows.</p>\n<p>For experienced developers and architects, the recommendation is to <strong>track the project closely</strong> and experiment with it for appropriate workloads, but <strong>maintain existing container tooling</strong> for production-critical and complex multi-container development until the ecosystem matures and a 1.0 release provides stronger stability guarantees.</p>","md":"## Apple `container` Project: Development Progress, Stability, and Viability as a Docker Alternative\n\n### Overview\n\nApple's `container` project is a Swift-based CLI tool for running Linux containers on macOS, announced at **WWDC 2025** (June 2025). It leverages the companion **Containerization** Swift package for low-level VM, image, and process management. The project is open-source under the Apache 2.0 license and specifically optimized for Apple Silicon. [^1]\n\nThe tool produces and consumes **OCI-compatible container images**, ensuring interoperability with standard container registries and other OCI-compliant runtimes. [^1]\n\n---\n\n### Architectural Design: VM-per-Container Model\n\nUnlike Docker Desktop, colima, or Podman Desktop—which run all containers inside a single shared Linux VM—Apple's approach creates a **dedicated lightweight VM for each container**. This architecture draws inspiration from projects like Kata Containers (which merged Intel Clear Containers and Hyper). \n\n**Key architectural components:**\n\n| Component | Description |\n|-----------|-------------|\n| **Virtualization.framework** | Apple's native hypervisor for managing Linux VMs on Apple Silicon |\n| **vmnet framework** | Manages virtual networking; each container gets its own IP address |\n| **vminitd** | A minimal init system written in Swift, spawned as PID 1 inside each VM; provides a gRPC API over vsock for runtime configuration and process management |\n| **XPC** | Inter-process communication between CLI, API server, and helper processes |\n| **Launchd** | Service management for the `container-apiserver` launch agent |\n| **Keychain Services** | Secure storage for registry credentials |\n\nThe `container-apiserver` runs as a launch agent and spawns helper processes: `container-core-images` for image management, `container-network-vmnet` for networking, and `container-runtime-linux` for each running container. [^1]\n\n**Security benefits of VM-per-container:**\n- **Hypervisor-level isolation**: Each container has full VM isolation, eliminating kernel-sharing vulnerabilities\n- **Granular privacy**: Only the specific container requesting host directory access receives it\n- **Dedicated IP addresses**: Eliminates port forwarding complexity and reduces network attack vectors [^1]\n\n**Performance characteristics:**\n- Sub-second container start times via optimized Linux kernel configuration and minimal root filesystem\n- The kernel is stripped down to essential VIRTIO drivers; Kata Containers kernels are compatible [^1]\n\n---\n\n### Development Progress and Release Velocity\n\nThe project has demonstrated **aggressive development velocity** since its June 2025 launch:\n\n| Version | Release Date | Notable Features |\n|---------|--------------|------------------|\n| 0.1.0 | June 9, 2025 | Initial release |\n| 0.2.0 | June 27, 2025 | Multiple network interfaces, `system status` command, socket publishing |\n| 0.3.0 | July 30, 2025 | TCP/UDP port publishing, nested virtualization, plugin system |\n| 0.4.1 | August 28, 2025 | Named volumes, systemd support, SSH auth socket forwarding |\n| 0.5.0 | October 2, 2025 | `system property` commands, multi-image save, API server refactoring |\n| 0.6.0 | October 27, 2025 | Anonymous volumes, `--network none`, custom subnets, volume pruning |\n| 0.7.0 | December 3, 2025 | `container stats`, `system df`, Rosetta for builds, port ranges |\n| 0.7.1 | December 8, 2025 | **Data integrity fixes** (issue #614), `--max-concurrent-downloads` |\n\nBeginning with 0.3.0, the team committed to a **monthly release cycle**. [^5][^6]\n\n**Contributor activity**: The changelog shows a healthy mix of Apple engineers (jglogan, dcantah, katiewasnothere, wlan0) and external contributors, with many \"first contribution\" acknowledgments in each release. [^2][^4]\n\n---\n\n### Stability and Reliability Assessment\n\n**Official project status** (from README):\n\n> \"The container project is currently under active development. Its stability, both for consuming the project as a Swift package and the `container` tool, is only guaranteed within patch versions, such as between 0.1.1 and 0.1.2. Minor version number releases may include breaking changes until we achieve a 1.0.0 release.\" [^1]\n\n**Known stability concerns:**\n\n1. **Data integrity issues**: Version 0.7.1 was specifically released to address data integrity problems reported in issue #614, with changes to sync mode defaults (`fsync`) \n\n2. **Current open issues** (53 as of January 2026):\n - Networking: IPv6 support incomplete, DNS resolution issues, container-to-host routing limitations\n - Docker-in-Docker: `nf_tables` not initialized, preventing Docker daemon inside containers\n - Image handling: Push failures with OCI Index manifest digests, auth issues with public GCP Artifact Registry\n - Emulation: Segmentation faults when running `linux/amd64` images via Rosetta on certain workloads\n3. **macOS 15 (Sequoia) limitations**:\n - Container-to-container communication over vmnet is **not possible**\n - All containers attach to a single default network; custom networks unavailable\n - Potential subnet disagreement between network helper and vmnet, causing network isolation [^1]\n\n4. **Container-to-host networking workaround**: No direct routing to `127.0.0.1` from containers; requires `socat` relay or binding host services to `0.0.0.0` (insecure) [^1]\n\n---\n\n### Community Acceptance and Reception\n\n**GitHub metrics** (as of January 2026):\n- **23.2k stars** — significant interest for a 7-month-old project\n- **584 forks**\n- **53 open issues**, **5 open PRs**\n- Active GitHub Discussions forum\n**Hacker News sentiment** (from WWDC 2025 announcement thread):\n\nThe community response has been **cautiously optimistic**:\n\n- **Positive**: Security benefits of VM isolation, native macOS integration, open-source commitment, potential to simplify Docker Desktop licensing concerns\n- **Concerns**: Platform lock-in (Apple-only), ecosystem immaturity, missing Docker Compose equivalent, potential performance overhead for certain workloads\n- **Criticism**: \"Apple's implementation of things like containerization are going to be kneecapped in unimaginable small but important ways\" — skepticism about first-iteration completeness\n**Developer experience reports**:\n\nOne practitioner's assessment after extensive testing:\n\n> \"The central question raised — and the point of subsequent internal debate — was whether this capability possessed the necessary maturity and reliability for industrial-scale deployment. My answer to that is an unequivocal 'YES.'\"\nTesting demonstrated successful builds and runs for Go and Java applications with standard multi-stage Dockerfiles, with build times comparable to Docker/Podman.\n---\n\n### Comparison with Docker, colima, and Podman Desktop\n\n| Aspect | Apple `container` | Docker Desktop | colima | Podman Desktop |\n|--------|-------------------|----------------|--------|----------------|\n| **Architecture** | VM-per-container | Shared VM (all containers) | Shared VM (Lima-based) | Shared VM (Podman machine) |\n| **Isolation** | Hypervisor-level | Kernel namespaces/cgroups | Kernel namespaces/cgroups | Kernel namespaces/cgroups |\n| **macOS requirement** | macOS 26 (Tahoe) | macOS 12+ | macOS 10.15+ | macOS 13+ |\n| **Hardware** | Apple Silicon only | Intel + Apple Silicon | Intel + Apple Silicon | Intel + Apple Silicon |\n| **Compose support** | None (community alternatives) | Native Docker Compose | Docker Compose compatible | Podman Compose |\n| **Licensing** | Apache 2.0 (free) | Subscription for enterprise | MIT (free) | Apache 2.0 (free) |\n| **Startup time** | Sub-second | Seconds (VM already running) | Seconds | Seconds |\n| **Resource overhead** | Per-container VM overhead | Single VM overhead | Single VM overhead | Single VM overhead |\n| **Ecosystem maturity** | Nascent | Extensive | Moderate | Growing |\n\n**Docker Compose gap**: This is the most significant barrier to adoption. Apple's `container` has no native Compose support. Community projects have emerged:\n\n- **container-compose** (Rust-based): \"A CLI to let you use the Apple container like a docker-compose config file. This tool is on 'alpha' mode.\"- **Container-Compose** (by Mcrich23): \"Brings (limited) Docker Compose support to Apple Container\"\nThe official Docker Compose team has indicated support could be added if Apple implements the **Moby API**.\n**OrbStack consideration**: The OrbStack community has discussed what Apple's framework means for their product, with users noting potential for OrbStack to leverage Apple's Containerization framework for further performance improvements.\n---\n\n### Current Limitations and Gaps\n\n1. **macOS 26 requirement**: Full functionality requires macOS Tahoe (26); macOS 15 Sequoia has significant networking limitations. The maintainers explicitly state they \"will not address issues that cannot be reproduced on macOS 26.\" [^1]\n\n2. **Apple Silicon only**: No Intel Mac support. [^1]\n\n3. **No Docker Compose**: Multi-container orchestration requires third-party tools or manual scripting.\n\n4. **No Kubernetes integration**: No built-in K8s support (unlike Docker Desktop's Kubernetes or colima's K3s).\n\n5. **Named volume limitation**: \"You can't read-write a named volume across multiple running containers (VMs)\" — a consequence of the VM-per-container model. [^3]\n\n6. **Missing features**:\n - `container image commit` (requested)\n - Full IPv6 support (in progress)\n - zstd-compressed image support (requested)\n\n7. **Docker-in-Docker**: Running Docker daemon inside containers fails due to missing `nf_tables` kernel module initialization.\n---\n\n### Viability as a Docker/colima/Podman Replacement\n\n**Can replace for:**\n- Simple single-container development workflows\n- Security-sensitive workloads requiring strong isolation\n- Developers already on macOS 26 with Apple Silicon\n- Teams wanting to avoid Docker Desktop licensing costs\n- Swift/Xcode-centric development environments\n\n**Cannot yet replace for:**\n- Multi-container applications requiring Docker Compose (without third-party tools)\n- Teams requiring Intel Mac support\n- Production-parity testing with Kubernetes\n- Workloads requiring Docker-in-Docker\n- Cross-platform development teams\n- Organizations on macOS 15 or earlier\n\n**Recommended adoption strategy:**\n\n1. **Evaluate on macOS 26 beta** if you have Apple Silicon hardware\n2. **Start with simple, single-container workloads** (databases, caches, single services)\n3. **Monitor the 1.0.0 milestone** for stability guarantees\n4. **Watch for Moby API implementation** which would unlock Docker Compose compatibility\n5. **Consider hybrid approach**: Use Apple `container` for isolated, security-sensitive containers; keep Docker/colima for complex orchestration\n\n---\n\n### Conclusion\n\nApple's `container` project represents a **technically innovative approach** to containerization on macOS, with its VM-per-container architecture providing superior security isolation compared to traditional shared-kernel models. The development velocity is impressive—7 releases in 6 months with substantial feature additions and active community contribution.\n\nHowever, the project is **explicitly pre-1.0** with stability guarantees only within patch versions. The macOS 26 requirement, Apple Silicon exclusivity, and lack of native Compose support are significant barriers to wholesale replacement of Docker, colima, or Podman Desktop for most development workflows.\n\nFor experienced developers and architects, the recommendation is to **track the project closely** and experiment with it for appropriate workloads, but **maintain existing container tooling** for production-critical and complex multi-container development until the ecosystem matures and a 1.0 release provides stronger stability guarantees.","profile":{"id":null,"name":null,"accessible":true,"subtitle":"Experimental research engine, expensive","model":"ki_deep_research","deprecate":false,"retired":false,"successor_model":null,"model_name":"Research (Experimental)","model_provider":"kagi","model_input_limit":1000000,"recommended":false,"model_info":"\n\n\n\n<div class=\"heading\">\n <div class=\"left\">\n \n \n \n <svg class=\"model-icon icon-xs\" data-model=\"ki_deep_research\">\n <use href=\"#icon-kagi\"/>\n </svg>\n <h3>\n \n <span class=\"model-provider\">Kagi</span>\n \n <span class=\"model-name\">none</span>\n </h3>\n </div>\n\n \n <a href=\"/settings?p=custom_assistant&id=none\">\n <svg class=\"icon-sm edit-icon\" aria-hidden=\"true\">\n <use href=\"#icon-pencil\" />\n </svg>\n </a>\n \n</div>\n\n\n<hr />\n<ul>\n \n <li>\n <h4>\n Cost\n </h4>\n <span>\n \n \n \n\n \n \n \n\n <div class=\"score\" aria-label=\"Expensive\">\n \n \n \n \n <div aria-hidden=\"true\" class=\"filled-cost --high\"></div>\n \n \n \n \n \n <div aria-hidden=\"true\" class=\"filled-cost --high\"></div>\n \n \n \n \n \n <div aria-hidden=\"true\" class=\"filled-cost --high\"></div>\n \n \n \n \n \n <div aria-hidden=\"true\" class=\"filled-cost --high\"></div>\n \n \n \n \n \n <div aria-hidden=\"true\" class=\"filled-cost --high\"></div>\n \n \n </div>\n</span>\n </li>\n <li>\n <h4>\n Quality\n </h4>\n <span>\n \n \n \n\n \n \n \n\n <div class=\"score\" aria-label=\"Rated 5 out of 5\">\n \n \n \n <div aria-hidden=\"true\" class=\"filled-bubble\"></div>\n \n \n \n \n <div aria-hidden=\"true\" class=\"filled-bubble\"></div>\n \n \n \n \n <div aria-hidden=\"true\" class=\"filled-bubble\"></div>\n \n \n \n \n <div aria-hidden=\"true\" class=\"filled-bubble\"></div>\n \n \n \n \n <div aria-hidden=\"true\" class=\"filled-bubble\"></div>\n \n \n </div>\n</span>\n </li>\n <li>\n <h4>\n Speed\n </h4>\n <span>\n \n \n \n\n \n \n \n\n <div class=\"score\" aria-label=\"Rated 2 out of 5\">\n \n \n \n <div aria-hidden=\"true\" class=\"filled-bubble\"></div>\n \n \n \n \n <div aria-hidden=\"true\" class=\"filled-bubble\"></div>\n \n \n \n \n <div aria-hidden=\"true\" class=\"unfilled-bubble\"></div>\n \n \n \n \n <div aria-hidden=\"true\" class=\"unfilled-bubble\"></div>\n \n \n \n \n <div aria-hidden=\"true\" class=\"unfilled-bubble\"></div>\n \n \n </div>\n</span>\n </li>\n <li>\n <h4>\n Privacy\n </h4>\n <span>\n \n \n \n\n \n \n \n\n <div class=\"score\" aria-label=\"Rated 4 out of 5\">\n \n \n \n <div aria-hidden=\"true\" class=\"filled-bubble\"></div>\n \n \n \n \n <div aria-hidden=\"true\" class=\"filled-bubble\"></div>\n \n \n \n \n <div aria-hidden=\"true\" class=\"filled-bubble\"></div>\n \n \n \n \n <div aria-hidden=\"true\" class=\"filled-bubble\"></div>\n \n \n \n \n <div aria-hidden=\"true\" class=\"unfilled-bubble\"></div>\n \n \n </div>\n</span>\n </li>\n <hr />\n <li>\n <h4>Last updated</h4>\n <span class=\"date\">\n \n \n 2025-12-09\n \n \n </span>\n </li>\n \n</ul>\n\n\n","model_provider_name":"Kagi","internet_access":true,"personalizations":true,"shortcut":null,"is_default_profile":false},"metadata":"<li>\n <span class=\"attribute\">Model</span>\n <span class=\"value\"><i class=\"icon-xs mr-4\"><svg><use href=\"#icon-kagi\"></use></svg></i>Research (Experimental)</span>\n</li>\n<li>\n <span class=\"attribute\">Version</span>\n <span class=\"value\">ki_deep_research-2025-12-09</span>\n</li>\n<li>\n <span class=\"attribute\">Speed (tok/s)</span>\n <span class=\"value\">15</span>\n</li>\n<li>\n <span class=\"attribute\">Tokens</span>\n <span class=\"value\">47,682</span>\n</li>\n<li>\n <span class=\"attribute\">Cost / Total ($)</span>\n <span class=\"value\">0.47 / 0.47</span>\n</li>\n<li>\n <span class=\"attribute\">End to end time (s)</span>\n <span class=\"value\">369.32</span>\n</li>\n<li>\n <span class=\"attribute\">Submitted</span>\n <span class=\"value\">2026-01-12 21:06</span>\n</li>\n\n","documents":[]}]