Darwin native containers

Warning

This software is very alpha. Use at your own risk.

Installation

Prerequisites:

• Catalina or newer

• Disable System Integrity Protection. SIP doesn’t allow to chroot.

• Homebrew

# Install packages
brew install --cask macfuse
brew install docker docker-buildx darwin-containers/formula/dockerd

# Start services
sudo brew services start containerd
sudo brew services start dockerd

Then, add "cliPluginsExtraDirs" to ~/.docker/config.json, so Docker is able to find buildx plugin:

{
  "cliPluginsExtraDirs": [
      "/opt/homebrew/lib/docker/cli-plugins"
  ]
}

Usage

Authenticate to GitHub Container Registry using instructions.

echo <YOUR_ACCESS_TOKEN> | docker login ghcr.io -u <GITHUB_USERNAME> --password-stdin

Then, run your first Darwin container:

On Apple Silicon

sudo go run cmd/ctr/main.go run --rm -t --runtime "$(pwd)/../rund/bin/containerd-shim-rund-v1" ghcr.io/darwin-containers/darwin-jail/ventura-arm64:latest my_container /bin/sh -c 'echo "Hello from Darwin container ^_^"'

On Intel

sudo go run cmd/ctr/main.go run --rm -t --runtime "$(pwd)/../rund/bin/containerd-shim-rund-v1" ghcr.io/darwin-containers/darwin-jail/ventura-i386:latest my_container /bin/sh -c 'echo "Hello from Darwin container ^_^"'

How does it work?

See rund repository for under-the-hood machinery.