gdubs

There's a different thread if you want to wax about Fluid Glass etc [1], but there's some really interesting new improvements here for Apple Developers in Xcode 26.

The new foundation frameworks around generative language model stuff look very swift-y and nice for Apple developers. And it's local and on device. In the Platforms State of the Union they showed some really interesting sample apps using it to generate different itineraries in a travel app.

The other big thing is vibe-coding coming natively to Xcode through ChatGPT (and other) model integration. Some things that make this look like a nice quality-of-life improvement for Apple developers are the way that it tracks iterative changes with the model so you can roll back easily, and the way it gives context to your codebase. Seems to be a big improvement from the previous, very limited GPT integration with Xcode and the first time Apple Developers have a native version of some of the more popular vibe-coding tools.

Their 'drag a napkin sketch into Xcode and get a functional prototype' is pretty wild for someone who grew up writing [myObject retain] in Objective-C.

Are these completely ground-breaking features? I think it's more what Apple has historically done which is to not be first into a space, but to really nail the UX. At least, that's the promise – we'll have to see how these tools perform!

1: https://news.ycombinator.com/item?id=44226612

givemeethekeys

> And it's local and on device.

Does that explain why you don't have to worry about token usage? The models run locally?

hbcondo714

> You don’t have to worry about the exact tokens that Foundation Models operates with, the API nicely abstracts that away for you [1]

I have the same question. Their Deep dive into the Foundation Models framework video is nice for seeing code using the new `FoundationModels` library but for a "deep dive", I would like to learn more about tokenization. Hopefully these details are eventually disclosed unless someone else here already knows?

[1] https://developer.apple.com/videos/play/wwdc2025/301/?time=1...

refulgentis

I guess I'd say "mu", from a dev perspective, you shouldn't care about tokens ever - if your inference framework isn't abstracting that for you, your first task would be to patch it to do so.

To parent, yes this is for local models, so insomuch as worrying about tokens implies financial cost, yes.

rubicon33

The direction the software engineering is going in with this whole "vibe coding" thing is so depressing to me.

I went into this industry because I grew up fascinated by computers. When I learned how to code, it was about learning how to control these incredible machines. The joy of figuring something out by experimenting is quickly being replaced by just slamming it into some "generative" tool.

I have no idea where things go from here but hopefully there will still be a world where the craft of hand writing code is still valued. I for one will resist the "vibe coding" train for as long as I possibly can.

spagoop

To be meta about it, I would argue that thinking "generatively" is a craft in and of itself. You are setting the conditions for work to grow rather than having top-down control over the entire problem space.

Where it gets interesting is being pushed into directions that you wouldn't have considered anyway rather than expediting the work you would have already done.

I can't speak for engineers, but that's how we've been positioning it in our org. It's worth noting that we're finding GenAI less practical in design-land for pushing code or prototyping, but insanely helpful helping with research and discovery work.

We've been experimenting with more esoteric prompts to really challenge the models and ourselves.

Here's a tangible example: Imagine you have an enormous dataset of user-research, both qual and quant, and you have a few ideas of how to synthesize the overall narrative, but are still hitting a wall.

You can use a prompt like this to really get the team thinking:

"What empty spaces or absences are crucial here? Amplify these voids until they become the primary focus, not the surrounding substance. Describe how centering nothingness might transform your understanding of everything else. What does the emptiness tell you?"

or

"Buildings reveal their true nature when sliced open. That perfect line that exposes all layers at once - from foundation to roof, from public to private, from structure to skin.

What stories hide between your floors? Cut through your challenge vertically, ruthlessly. Watch how each layer speaks to the others. Notice the hidden chambers, the unexpected connections, the places where different systems touch.

What would a clean slice through your problem expose?"

LLMs have completely changed our approach to research and, I would argue, reinvigorated an alternate craftsmanship to the ways in which we study our products and learn from our users.

Of course the onus is on us to pick apart the responses for any interesting directions that are contextually relevant to the problem we're attempting to solve, but we are still in control of the work.

Happy to write more about this if folks are interested.

alt227

Reading this post is like playing buzz word bingo!

gdubs

Personally I still love the craft of software. But there are times where boilerplate really kills the fun of setting something up, to take one example.

Or like this week I was sick and didn't have the energy to work in my normal way and it was fun to just tell ChatGPT to build a prototype I had in mind.

We live in a world of IKEA furniture - yet people still desire handmade furniture, and people still enjoy and take deep satisfaction in making them.

All this to say I don't blame you for being dismayed. These are fairly earth shattering developments we're living through and if it doesn't cause people to occasionally feel uneasy or even nostalgia for simpler times, then they're not paying attention.

pyman

I share your frustration. But for better or worse, computer language will eventually be replaced by human language. It's inevitable :(

tansan

This sounds like a boomer trying to resist using Google in favor of encyclopedias.

Vibe coding can be whatever you want to make of it. If you want to be prescriptive about your instructions and use it as a glorified autocomplete, then do it. You can also go at it from a high-level point of view. Either way, you still need to code review the AI code as if it was a PR.

aziaziazi

Is any AI assisted coding === Vibe Coding now?

Coding with an AI can be whatever one can achieve, however I don’t see how vibe coding would be related to an autocomplete: with an autocomplete you type a bit of code that a program (AI or not) completes. In VC you almost don’t interact with the editor, perhaps only for copy/paste or some corrections. I’m not even sure about the manual "corrections" part if we take Simon Willison's definition [0], which you’re not forced to obviously, however if there are contradictory views I’ll be glad to read them.

0 > If an LLM wrote every line of your code, but you've reviewed, tested, and understood it all, that's not vibe coding in my book—that's using an LLM as a typing assistant

https://arstechnica.com/ai/2025/03/is-vibe-coding-with-ai-gn...

(You may also consider rethinking your first paragraph up to HN standards because while the content is pertinent, the form sounds like a youngster trying to demo iKungFu on his iPad to Jackie Chan)

rubicon33

This sounds like someone who doesn't actually know how to code, doesn't enjoy the craft, and probably only got into the industry because it pays well and not because they actually enjoy it.

fragmede

No, that's what separates the vibecoding from the glorified autocomplete. As originally defined, vibe coding doesn't include the final code review of the generated code, just a quick spot check, and then moving on to the next prompt.

msgodel

Karpathy's definition of vibe coding as I understood it was just verbally directing an agent based on vibes you got from the running app without actually seeing the code.

hooverd

You can take an augmented approach, a sort of capability fusion, or you can spam regenerate until it works.

swsieber

No, this sounds like an IC resisting becoming a manager.

pzo

I might be wrong but I guess this will only work on iPhone 16 devices and iPhone 15 Pro - thus drastically limiting your user base, and you would still have to use an online API for most apps. I was hoping they would provide a free AI API on their private cloud for other devices, even if also running small models.

jjcob

If you start writing an app now, by the time it's polished enough to release it, the iPhone 16 will already be a year-old phone, and there will be plenty of potential customers.

If your app is worthwhile, and gets popular in a few years, by that time iPhone 16 will be an old phone and a reasonable minimum target.

Skate to where the puck is going...

rs186

Developers could be adding a feature utilizing LLMs to their existing app that already has a large user base. This could be a matter of a few weeks from an idea to shipping the feature. While competitors use API calls to just "get things done", you are trying to figure out how to serve both iPhone 16 and older users, and potentially Android/web users if your product is also available elsewhere. I don't see how an iPhone 16 only feature helps anyone's product development, especially when the quality still remains to be seen.

edude03

Basically this - network effects are huge. People will definitely buy hardware if it solves a problem for them - so many people bought BlackBerries just for BBM.

geodel

Exactly, it can take at least a couple of years to get big/important apps to use iOS, macOS features. By that time iPhone 16 would be quite common.

dangus

Drastically limits your user base for like 3 years.

Phones still get replaced often, and the people who don’t replace them are the type of people who won’t spend a lot of money on your app.

charliebwrites

If the new foundation models are on device, does that mean they’re limited to information they were trained on up to that point?

Or do they have the ability to reach out to the internet for up to the moment information?

dwaite

In addition to context you provide, the API lets you programmatically declare tools

pxc

I hoped for a moment that "Containerization Framework" meant that macOS itself would be getting containers. Running Linux containers and VMs on macOS via virtualization is already pretty easy and has many good options. If you're willing to use proprietary applications to do this, OrbStack is the slickest, but Lima/Colima is fine, and Podman Desktop and Rancher Desktop work well, too.

The thing macOS really painfully lacks is not ergonomic ways to run Linux VMs, but actual, native containers-- macOS containers. And third parties can't really implement this well without Apple's cooperation. There have been some efforts to do this, but the most notable one is now defunct, judging by its busted/empty website[1] and deleted GitHub organization[2]. It required disabling SIP to work, back when it at least sort-of worked. There's one newer effort that seems to be alive, but it's also afflicted with significant limitations for want of macOS features[3].

That would be super useful and fill a real gap, meeting needs that third-party software can't. Instead, as wmf has noted elsewhere in these comments, it seems they've simply "Sherlock'd" OrbStack.

--

1: https://macoscontainers.org/

2: https://github.com/macOScontainers

3: https://github.com/Okerew/osxiec

emadda

> The thing macOS really painfully lacks is not ergonomic ways to run Linux VMs, but actual, native containers-- macOS containers

Linux container processes run on the host kernel with extra sandboxing. The container image is an easily sharable and runnable bundle.

macOS .app bundles are kind of like container images.

You can sign them to ensure they are not modified, and put them into the “registry” (App Store).

The Swift ABI ensures it will likely run against future macOS versions, like the Linux system APIs.

There is a sandbox system to restrict file and network access. Any started processes inherit the sandbox, like containers.

One thing missing is fine grained network rules though - I think the sandbox can just define “allow outbound/inbound”.

Obviously “.app”s are not exactly like container images , but they do cover many of the same features.

xyzzy_plugh

You're kind of right. But at the same time they are nowhere close. The beauty of Linux containerization is that processes can be wholly ignorant that they are not in fact running as root. The containers get, what appear to them, to be the whole OS to themselves.

You don't get that in macOS. It's more of a jail than a sandbox. For example, as an app you can't, as far as I know, shell out and install homebrew and then invoke homebrew and install, say, postgres, and run it, all without affecting the user's environment. I think that's what people mean when they say macOS lacks native containers.
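Added example, not part of the thread: a minimal Linux-only C program showing the behaviour described above, where a process inside a user namespace sees itself as uid 0 while the kernel still maps it to the unprivileged host uid. The names `userns_report`, `write_proc` and `probe_userns` are illustrative, and the probe reports failure instead of aborting on hosts where unprivileged user namespaces are disabled.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE              /* glibc: expose Linux-specific declarations */
#endif
#include <fcntl.h>
#include <sched.h>
#include <stdio.h>
#include <string.h>
#include <sys/syscall.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

#ifndef CLONE_NEWUSER
#define CLONE_NEWUSER 0x10000000 /* value from linux/sched.h */
#endif

struct userns_report {
    int   entered;       /* 1 if a user namespace was created and mapped */
    uid_t host_uid;      /* effective uid before unshare */
    uid_t unmapped_uid;  /* uid seen after unshare, before any mapping exists */
    uid_t inner_uid;     /* uid seen once the mapping is written */
};

/* Write a short string to a /proc control file; 0 on success, -1 on failure. */
static int write_proc(const char *path, const char *text) {
    int fd = open(path, O_WRONLY);
    if (fd < 0) return -1;
    ssize_t n = write(fd, text, strlen(text));
    close(fd);
    return n == (ssize_t)strlen(text) ? 0 : -1;
}

/* Runs in a forked child so the caller's own credentials never change. */
static void child_probe(int out_fd) {
    struct userns_report r;
    char map[64];
    memset(&r, 0, sizeof r);
    r.host_uid = geteuid();
    gid_t host_gid = getegid();

    if (syscall(SYS_unshare, CLONE_NEWUSER) == 0) {
        /* No mapping yet: the kernel reports the overflow uid (usually 65534). */
        r.unmapped_uid = geteuid();
        /* An unprivileged process must deny setgroups before writing gid_map.
           The file is absent on old kernels, so a failure here is ignored. */
        write_proc("/proc/self/setgroups", "deny");
        /* Map uid 0 inside the namespace to the caller's real uid outside. */
        snprintf(map, sizeof map, "0 %u 1", (unsigned)r.host_uid);
        if (write_proc("/proc/self/uid_map", map) == 0) {
            snprintf(map, sizeof map, "0 %u 1", (unsigned)host_gid);
            write_proc("/proc/self/gid_map", map);
            r.inner_uid = geteuid();   /* now 0: "root" in this namespace only */
            r.entered = 1;
        }
    }
    if (write(out_fd, &r, sizeof r) != (ssize_t)sizeof r) _exit(1);
    _exit(0);
}

/* Fork a child, let it enter a user namespace, and collect what it observed. */
struct userns_report probe_userns(void) {
    struct userns_report r;
    int fds[2];
    memset(&r, 0, sizeof r);
    r.host_uid = geteuid();
    if (pipe(fds) != 0) return r;

    pid_t pid = fork();
    if (pid == 0) {
        close(fds[0]);
        child_probe(fds[1]);           /* never returns */
    }
    close(fds[1]);
    if (pid > 0) {
        struct userns_report got;
        if (read(fds[0], &got, sizeof got) == (ssize_t)sizeof got) r = got;
        waitpid(pid, NULL, 0);
    }
    close(fds[0]);
    return r;
}

int main(void) {
    struct userns_report r = probe_userns();
    if (!r.entered) {
        printf("user namespaces unavailable here (host uid %u)\n",
               (unsigned)r.host_uid);
        return 0;
    }
    printf("host uid %u -> unmapped uid %u -> uid inside namespace %u\n",
           (unsigned)r.host_uid, (unsigned)r.unmapped_uid,
           (unsigned)r.inner_uid);
    return 0;
}
```

The uid 0 reported inside the namespace carries capabilities only over resources owned by that namespace; file and device access on the host is still checked against the mapped host uid.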

emadda

Good point, apps are missing the docker layered file system to isolate container file writes.

doctorpangloss

It's not that macoscontainers is empty, it's that the site is https://darwin-containers.github.io

Read more about it here - https://github.com/darwin-containers

The developer is very responsive.

One of Apple's biggest value props to other platforms is environment integrity. This is why their containerization / automation story is worse than e.g. Android.

pxc

Ah, that's great! I'd forgotten it moved and struggled to track it down.

griels

Hard same. I wonder if this does anything different to the existing projects that would mean one could use the WSL2 approach where containerd is running in the Linux micro-VM. A key component is the RPC framework - seems to be how orbstack's `macctl` command does it. I see mention of GRPC, sandboxes and containers in the binfmt_misc handling code, which is promising:

https://github.com/apple/containerization/blob/d1a8fae1aff6f...

NewJazz

What would these be useful for?

pxc

Providing isolated environments for CI machines and other build environments!

If the sandboxing features a native containerization system relied on were also exposed via public APIs, those could also potentially be leveraged by developer tools that want to have/use better sandboxing on macOS. Docker and BuildKit have native support for Windows containers, for instance. If they could also support macOS the same way, that would be cool for facilitating isolated macOS builds without full fat VMs. Tools like Dagger could then support more reproducible build pipelines on macOS hosts.

It could also potentially provide better experiences for tools like devcontainers on macOS as well, since sharing portions of your filesystem to a VM is usually trickier and slower than just sharing those files with a container that runs under your same kernel.

For many of these use cases, Nix serves very well, giving "just enough" isolation for development tasks, but not too much. (I use devenv for this at work and at home.) But Nix implementations themselves could also benefit from this! Nix internally uses a sandbox to help ensure reproducible builds, but the implementation on macOS is quirky and incomplete compared to the one on Linux. (For reasons I've since forgotten, I keep it turned off on macOS.)

raydev

Clean build environments for CICD workflows, especially if you're building/deploying many separate projects and repos. Managing Macs as standalone build machines is still a huge headache in 2025.

BrandonSmith

What's wrong with Cirrus CLI and Tart built on Apple's Virtualization.framework?

https://tart.run

https://github.com/cirruslabs/cirrus-cli

wpm

Same thing containers/jails are useful for on Linux and *BSD, without needing to spin up an entirely separate kernel to run in a VM to handle it.

tensor

MacOS apps can already be sandboxed. In fact it's a requirement to publish them to the Mac App Store. I agree it'd be nice to see this extended to userland binaries though.

NewJazz

People use containers server side in Linux land mostly... Some desktop apps (flatpak is basically a container runtime) but the real draw is server code.

Do you think people would be developing and/or distributing end user apps via macOS containers?

itake

I might misunderstand the project, but I wish there was a secure way for me to execute github projects. Recently, the OS has provided some controls to limit access to files, etc. but I'd really like a "safe boot" version that doesn't allow the program to access the disk or network.

the firewall tools are too clunky (and imho unreliable).

doctorpangloss

Orchestrating macOS only software, like Xcode, and software that benefits from Environment integrity, like browsers.

csomar

ie: You want to build a binary for macOS from your Linux machine. Right now, it is possible but you still need a macOS license and to go through hoops. If you were able to containerize macOS, then you create a container and then compile your program inside it.

nixosbestos

No, that's not at all how that would work. You're not building a macOS binary natively under a Linux kernel.

dedicate

Okay, the AI stuff is cool, but that "Containerization framework" mention is kinda huge, right? I mean, native Linux container support on Mac could be a game-changer for my whole workflow, maybe even making Docker less of a headache.

12_throw_away

FWIW, here are the repos for the CLI tool [1] and backend [2]. Looks like it is indeed VM-based container support (as opposed to WSLv1-style syscall translation or whatever):

  Containerization provides APIs to:
  [...]
  - Create an optimized Linux kernel for fast boot times.
  - Spawn lightweight virtual machines.
  - Manage the runtime environment of virtual machines.

[1] https://github.com/apple/container

[2] https://github.com/apple/containerization

torginus

I'm kinda ignorant about the current state of Linux VMs, but my biggest gripe with VMs is that OS kernels kind of assume they have access to all the RAM the hardware has - unlike the reserve/commit scheme processes use for memory.

Is there a VM technology that can make Linux aware that it's running in a VM, and be able to hand back the memory it uses to the host OS?

Or maybe could Apple patch the kernel to do exactly this?

Running Docker in a VM always has been quite painful on Mac due to the excess amount of memory it uses, and Macs not really having a lot of RAM.

rwmj

It's still a problem for containers-in-VMs. You can in theory do something with either memory ballooning or (more modern) memory hotplugging, but the dance between the OS and the hypervisor takes a relatively long time to complete, and Linux just doesn't handle it well (eg. it inevitably places unmovable pages into newly reserved memory, meaning it can never be unplugged). We never found a good way to make applications running inside the VM able to transparently allocate memory. You can overprovision memory, and hypervisors won't actually allocate it on the host, and that's the best you can do, but this also has problems since Linux tends to allocate a bunch of fixed data structures proportional to the size of memory it thinks it has available.

StopDisinfo910

That's called memory ballooning and is supported by KVM on Linux. Proxmox for example can do that. It does need support on both the host and the guest.

HighGoldstein

> Is there a VM technology that can make Linux aware that it's running in a VM, and be able to hand back the memory it uses to the host OS?

Isn't this an issue of the hypervisor? The guest OS is just told it has X amount of memory available, whether this memory exists or not (hence why you can overallocate memory for VMs), whether the hypervisor will allocate the entire amount or just what the guest OS is actually using should depend on the hypervisor itself.

trws

The short answer is yes, Linux can be informed to some extent but often you still want a memory balloon driver so that the host can “allocate” memory out of the VM so the host OS can reclaim that memory. It’s not entirely trivial but the tools exist, and it’s usually not too bad on vz these days when properly configured.

Asmod4n

It’s one reason I don’t like WSL2. When you compile something which needs 30 GB RAM the only thing you can do is terminate the WSL2 VM to get that RAM back.

geraneum

I just noticed the addition of container cask when I ran “brew update”.

I chased the package’s source and indeed it’s pointing to this repo.

You can install and use it now on the latest macOS (not 26). I just ran “container run nginx” and it worked alright it seems. Haven’t looked deeper yet.

notpushkin

There’s some problem with networking: if you try to run multiple containers, they won’t see each other. Could probably be solved by running a local VPN or something.

cogman10

WSLv1 never supported a native docker (AFAIK, perhaps I'm wrong?)

That said, I'd think apple would actually be much better positioned to try the WSL1 approach. I'd assume apple OS is a lot closer to linux than windows is.

selkin

This doesn't look like WSL1. They're not running Linux syscalls to the macOS kernel, but running Linux in a VM, more like the WSL2[0] approach.

[0] https://devblogs.microsoft.com/commandline/announcing-wsl-2/...

mikepurvis

In the end they'd probably run into the same issues that killed WSL1 for Microsoft— the Linux kernel has enormous surface area, and lots of pretty subtle behaviour, particularly around the stuff that is most critical for containers, like cgroups and user namespaces. There isn't an externally usable test suite that could be used to validate Microsoft's implementation of all these interfaces, because... well, why would there be?

Maintaining a working duplicate of the kernel-userspace interface is a monumental and thankless task, and especially hard to justify when the work has already been done many times over to implement the hardware-kernel interface, and there's literally Hyper-V already built into the OS.

fiddlerwoaroof

Yeah, it probably would be feasible to dust off the FreeBSD Linux compatibility layer[1] and turn that into native support for Linux apps on Mac.

I think Apple’s main hesitation would be that the Linux userland is all GPL.

[1]: https://docs.freebsd.org/en/books/handbook/linuxemu/

paxys

It's impossible to have "native" support for Linux containers on macOS, since the technology inherently relies on Linux kernel features. So I'm guessing this is Apple rolling out their own Linux virtualization layer (same as WSL). Probably still an improvement over the current mess, but if they just support LXC and not Docker then most devs will still need to install Docker Desktop like they do today.

tensor

Apple has had a native hypervisor for some time now. This is probably a baked in clone of something like https://mac.getutm.app/ which provides the stuff on top of the hypervisor.

neuralkoi

In case you're wondering, the Hypervisor.framework C API is really neat and straightforward:

1. Creating and configuring a virtual machine:

    hv_vm_create(HV_VM_DEFAULT);

2. Allocating guest memory:

    void* memory = mmap(...);
    hv_vm_map(memory, guest_physical_address, size, HV_MEMORY_READ | HV_MEMORY_WRITE | HV_MEMORY_EXEC);

3. Creating virtual CPUs:

    hv_vcpuid_t vcpu;
    hv_vcpu_create(&vcpu, HV_VCPU_DEFAULT);

4. Setting registers:

    hv_vcpu_write_register(vcpu, HV_X86_RIP, 0x1000); // Set instruction pointer
    hv_vcpu_write_register(vcpu, HV_X86_RSP, 0x8000); // Stack pointer

5. Running guest code:

    hv_vcpu_run(vcpu);

6. Handling VM exits:

    // On Intel the exit reason is a VMCS field (declared in <Hypervisor/hv_vmx.h>), not a register
    uint64_t reason;
    hv_vmx_vcpu_read_vmcs(vcpu, VMCS_RO_EXIT_REASON, &reason);

conradev

One of the reasons OrbStack is so great is because they implement their own hypervisor: https://orbstack.dev/

Apple’s stack gives you low-level access to ARM virtualization, and from there Apple has high-level convenience frameworks on top. OrbStack implements all of the high-level code themselves.

watermelon0

Using a hypervisor means just running a Linux VM, like WSL2 does on Windows. There is nothing native about it.

Native Linux (and Docker) support would be something like WSL1, where Windows kernel implemented Linux syscalls.

jzelinskie

The screenshot in TFA pretty clearly shows docker-like workflows pulling images, showing tags and digests and running what looks to be the official Docker library version of Postgres.

paxys

Every container system is "docker-like". Some (like Podman) even have a drop-in replacement for the Docker CLI. Ultimately there are always subtle differences which make swapping between Docker <> Podman <> LXC or whatever else impossible without introducing messy bugs in your workflow, so you need to pick one and stick to it.

darkwater

Yeah, from a quick glance the options are 1:1 mapped so an

  alias docker='container'

should work, at least for basic and common operations.

bandoti

What about macOS being derived from BSD? Isn’t that where containers came from: BSD jails?

I know the container ecosystem largely targets Linux just curious what people’s thoughts are on that.

p_ing

OS X pulls some components of FreeBSD into kernel space, but not all (and those are very old at this point). It also uses various BSD bits for userspace.

Good read from the horse's mouth:

https://developer.apple.com/library/archive/documentation/Da...

formerly_proven

„Container“ is sort of synonymous with „OCI-compatible container“ these days, and OCI itself is basically a retcon standard for docker (runtime, images etc.). So from that perspective every „container system“ is necessarily „docker-like“ and that means Linux namespaces and cgroups.

hangonhn

Conceptually similar but different implementations. Containers use cgroups in Linux and there is also file system and network virtualization as well. It's not impossible but it would require quite a bit of work.

sarlalian

Another really good read about containers, jails and zones.

https://blog.jessfraz.com/post/containers-zones-jails-vms/

McAlpine5892

BSD jails are architected wholly differently from what something like Docker provides.

Jails are first-class citizens that are baked deep into the system.

A tool like Docker relies on using multiple Linux features/tools to assemble/create isolation.

Additionally, iirc, the logic for FreeBSD jails never made it into the Darwin kernel.

Someone correct me please.

enceladus06

WSL throughput is not enough for file intensive operations. It is much easier and straightforward to just delete windows and use Linux.

sarlalian

Unless you need to have a working video or audio config as well.

okanat

Using the Linux filesystem has almost no performance penalty under WSL2 since it is a VM. Docker Desktop automatically mounts the correct filesystem. Crossing the OS boundary for Windows files has some overhead of course but that's not the usecase WSL2 is optimized for.

With WSL2 you get the best of both worlds. A system with perfect driver and application support and a Linux-native environment. Hybrid GPUs, webcams, lap sensors etc. all work without any configuration effort. You get good battery life. You can run Autodesk or Photoshop but at the same time you can run Linux apps with almost no performance loss.

msgodel

If they implemented the Linux syscall interface in their kernel they absolutely could.

vips7L

Aren't the syscalls a constant moving target? Didn't even Microsoft fail at keeping up with them in WSL?

rjsw

FreeBSD and NetBSD do this.

NewJazz

They didn't.

sequence7

WSL doesn't have a virtualization layer, WSL1 did have but it wasn't a feasible approach so WSL2 is basically running VMs with the Hyper-V hypervisor.

Apple looks like it's skipped the failed WSL1 and gone straight for the more successful WSL2 approach.

DidYaWipe

I installed Orbstack without Docker Desktop.

pjmlp

WSL 1.0, given that WSL 2.0 is regular Linux VM running on HYPER-V.

thde

> Meet Containerization, an open source project written in Swift to create and run Linux containers on your Mac. Learn how Containerization approaches Linux containers securely and privately. Discover how the open-sourced Container CLI tool utilizes the Containerization package to provide simple, yet powerful functionality to build, run, and deploy Linux Containers on Mac.

https://developer.apple.com/videos/play/wwdc2025/346/

shellac

> Containerization executes each Linux container inside of its own lightweight virtual machine.

That’s an interesting difference from other Mac container systems. Also (more obvious) use Rosetta 2.

selkin

Podman Desktop, and probably other Linux-containers on macOS tools, can already create multiple VMs, each hosting a subset of the containers you run on your Mac.

What seems to be different here, is that a VM per each container is the default, if not only, configuration. And that instead of mapping ports to containers (which was always a mistake in my opinion), it creates an externally routed interface per machine, similar to how it would work if you'd use macvlan as your network driver in Docker.

Both of those defaults should remove some sharp edges from the current Linux-containers on macOS workflows.

WhyNotHugo

The ground keeps shrinking for Docker Inc.

They sold Docker Desktop for Mac, but that might start being less relevant and licenses start to drop.

On Linux there’s just the cli, which they can’t afford to close since people will just move away.

Docker Hub likely can’t compete with the registries built into every other cloud provider.

aequitas

There is already a paid alternative, Orbstack, for macOS which puts Docker for Mac to shame in terms of usability, features and performance. And then there are open alternatives like Colima.

marcalc

Use OrbStack for sometime, made my dev team’s m1 run our kubernetes pods in a much lighter fashion. Love it.

cromka

How does it compare to Podman, though?

pjmlp

That is why they are now into the reinventing application servers with WebAssembly kind of vibe.

9dev

It’s really awful. There’s a certain size at which you can pivot and keep most of your dignity, but for Docker Inc., it’s just ridiculous.

amelius

They got Sherlocked.

mmcnl

It's cool but also not as revolutionary as you make it sound. You can already install Podman, Orbstack or Colima right? Not sure which open-source framework they are using, but to me it seems like an OS-level integration of one of these tools. That's definitely a big win and will make things easier for developers, but I'm not sure if it's a gamechanger.

rnubel

All those tools use a Linux VM (whether managed by Qemu or VZ) to run the actual containers, though, which comes with significant overhead. Native support for running containers -- with no need for a VM -- would be huge.

SpaceNugget

there's still a VM involved to run a Linux container on a Mac. I wouldn't expect any big performance gains here.

jemmyw

Still needs a VM. It'll be running more VMs than something like orbstack, which I believe runs just one for the docker implementation. Whether that means better or worse performance we'll find out.

mmcnl

Yes, it seems like it's actually a more refined implementation than what currently exists. Call me pleasantly surprised!

timsneath

The framework that container uses is built in Swift and also open sourced today, along with the CLI tool itself: https://github.com/apple/containerization

selkin

It looks like nothing here is new: we have all the building blocks already. What Apple has done is package it all nicely, which is nothing to discount: there's a reason people buy managed services over just raw metal for hosting their services, and having a batteries included development environment is worth a premium over the need to assemble it on your own.

mrbonner

The containerization experience on macOS has historically been underwhelming in terms of performance. Using Docker or Podman on a Mac often feels sluggish and unnecessarily complex compared to native Linux environments. Recently, I experimented with Microsandbox, which was shared here a few weeks ago, and found its performance to be comparable to that of native containers on Linux. This leads me to hope that Apple will soon elevate the developer experience by integrating robust containerization support directly into macOS, eliminating the need for third-party downloads.

nottorp

Docker at least runs a Linux VM that runs all those containers. Which is a lot of needless overhead.

The equivalent of Electron for containers :)

rcarmo

Use Colima.

marviel

yeah -- I saw it's built on "open source foundations", do you know what project this is?

mmcnl

My guess is Podman. They released native hypervisor support on macOS last year. https://devclass.com/2024/03/26/podman-5-0-released-with-nat...

stock_toaster

My guess is nerdctl and containerd.

underdeserver

The CLI sure looks a lot like Docker.

shellac

If I had to guess, Colima? But there are a number of open source projects using Apple's virtualisation technologies to run a Linux VM to host Docker-type containers.

Once you have an engine podman might be the best choice to manage containers, or docker.

cmiles74

Being able to drop Docker Desktop would be great. We're using Podman on MacOS now in a couple places, it's pretty good but it is another tool. Having the same tool across MacOS and Linux would be nice.

9dev

Migrate to Orbstack now, and get a lot of sanity back immediately. It’s a drop-in replacement, much faster, and most importantly, gets out of your way.

mgreg

There's also Rancher Desktop (https://rancherdesktop.io/). Supports moby and containerd; also optionally runs kubernetes.

samgranieri

I have to drop docker desktop at work and move to podman.

I'm the primary author of an amalgamation of GitHub's scripts to rule them all with docker compose so my colleagues can just type `script/setup` and `script/server` (and more!) and the underlying scripts handle the rest.

Apple including this natively is nice, but I won't be able to use this because my scripts have to work on Linux and probably WSL.

jbverschoor

Orbstack

niteshade

sho_hn

vminitd is the most interesting part of this.

acedTrex

Colima is my guess, only thing that makes sense here if they are doing a qemu vm type of thing

mbreese

That's my guess too... Colima, but probably doing a VM using the Virtualization framework. I'll be more curious if you can select x86 containers, or if you'll be limited to arm64/aarch64. Not that it really makes that much of a difference anymore, you can get pretty far with Linux Arm containers and VMs.

WD-42

Should be easy enough, look for the one with upstream contributions from Apple.

Oh, wait.

chakintosh

Some 15 years ago, a friend of mine said to me "mark my words, Apple will eventually merge OSX with iOS on the iPad". And with every passing keynote since then, it seemed Apple's been inching towards that prophecy, and today, the iPad has become practically a MacBook Air with a touch screen. Unless you were a video editor, programmer who needs resources to compile or a 3D artist, I don't see how you'd need anything other than an iPad.

paxys

The fact that they haven't done it in 15 years should be an indication that they don't intend to do it at all. Remember that in the same time period Apple rebuilt every Macbook from scratch from the chipset up. Neither the hardware nor software is a barrier to them merging the two platforms. It's that the ecosystems are fundamentally incompatible. A true "professional" device needs to offer the user full control, and Apple isn't giving up this control on an i-Device. The 30% cut is simply too lucrative.

LoganDark

If anyone wants to read up on how much effort Apple actually went through to keep Apple Silicon Macs open, take a look here: https://asahilinux.org/docs/platform/security/#per-container...

Secure Boot on other platforms is all-or-nothing, but Apple recognizes that Mac users should have the freedom to choose exactly how much to peel back the security, and should never be forced to give up more than they need to. So for that reason, it's possible to have a trusted macOS installation next to a less-trusted installation of something else, such as Asahi Linux.

Contrast this with others like Microsoft who believe all platforms should be either fully trusted or fully unsupported. Google takes this approach with Android as well. You're either fully locked in, or fully on your own.

NotPractical

> You're either fully locked in, or fully on your own.

I'm not sure what you mean by that. You can trivially root a Pixel factory image. And if you're talking about how they will punish you for that by removing certain features: Apple does that too (but to a lesser extent).

https://github.com/cormiertyshawn895/RecordingIndicatorUtili...

bigyabai

If anyone wants to read up on all the features Apple didn't implement from Intel Macs that made Linux support take so long, here is a list of UEFI features that represents only a small subset of the missing support relative to AMD and Intel chipsets: https://en.wikipedia.org/wiki/UEFI#Features

Alternatively, read about iBoot. Haha, just kidding! There is no documentation for iBoot, unlike there is for uBoot and Clover and OpenCore and SimpleBoot and Freeloader and systemd-boot. You're just expected to... know. Yunno?

amoshebb

The only MacBook I’ve tried to put Linux on was a T2 machine, and it still doesn’t sleep/suspend right, so I’m a bit skeptical that Apple is really leading the way here, but maybe I’ve just not touched any recent Windows devices either.

ivape

They don’t want to overtake their desktop device market. If the UI fully converges, then all you have is an iPad with a keyboard across all devices (laptops, desktop).

burntalmonds

I think practically everyone is better off with a laptop. iPad is great if you're an artist using the pencil, or just consuming media on it. Otherwise a macbook is far more powerful and ergonomic to use.

poulsbohemian

I think perhaps you are overestimating the computing needs of the majority of the population. Get one of the iPad cases with a keyboard and an iPad is in many ways a better laptop.

nottorp

But the majority won't pay extra for an ipad and a keyboard, when they can pay less for an air with everything included...

NewJazz

Or maybe a stand and separate keyboard. Better ergonomics than a laptop that way with similar portability.

tiltowait

The problem is that almost everything, including basic web browsing, is straight-up worse on the iPad. Weird incompatibilities, sites that don’t honor desktop mode, tabs unloading from memory, random reloads, etc. all mar the experience.

lucasoshiro

I have an iPad and really like it, but no, it is not.

Several small things combined make it really different to the experience that I have with a desktop OS. But it is nice as a side device.

focusedone

I used to think that, not having used an iPad. Now I carry a work-issued iPad with 5G and it's actually pretty convenient for remote access to servers. I wouldn't want to spend a day working on it, but it's way faster than pulling out a laptop to make one tiny change on a server. It's also great for taking notes at meetings/conferences.

It's irritatingly bad at consuming media and browsing the web. No ad blocking, so every webpage is an ad-infested wasteland. There are so many ads in YouTube and streaming music. I had no idea.

It's also kind of a pain to connect to my media library. Need to figure out a better solution for that.

So, as a relatively new iPad user it's pleasantly useful for select work tasks. Not so great at doomscrolling or streaming media. Who knew?

pkage

There's native ad blocking on iOS and has been for a while—I've found that to significantly enhance the usability of the device. I use Wipr[0], other options are available.

[0]: https://kaylees.site/wipr2.html

poglet

Try the Brave browser for YouTube. I used Jellyfin for my media library and that seemed to work fine for tv and movies.

I just got a MacBook and haven't touched my iPad Pro since. I would think I could make a change faster on a MacBook than an iPad if they were both in my bag. Although I do miss the cellular data that the iPad has.

e6quisitory

Use Orion Browser. It allows installing Firefox/Chrome extensions. Install Firefox uBlock Origin.

threeseed

> practically everyone is better off with a laptop

The majority of the world are using their phones as a computing device.

And as someone with a MacBook and iPad, the latter is significantly more ergonomic.

solomatov

I prefer MacBook to iPad most of the time. The only use case for iPad for me where it shines is when I need to use a pencil.

ZeroTalent

I don't understand why my MacBook doesn't have a touchscreen. I'm switching to an iPad Pro tomorrow. I use Superwhisper to talk to it 90% of the time anyway.

dexwiz

My theory is because of the hinge, which is a common point of failure on laptops. Either you are putting extra strain on it by having someone constantly touching the screen, and some users just mash their fingers into touch screens. Or users want a fully openable screen to mimic a tablet format, and those hinges always seem to fail quicker. Every touchscreen laptop I've had eventually has had the hinge fail.

thetallguyyy

Because MacBooks have subpar displays, at least the M4 Air does. The iPad Pro is a better value.

dcchambers

> The iPad has become practically a MacBook Air with a touch screen. Unless you were a video editor, programmer who needs resources to compile or a 3D artist, I don't see how you'd need anything other than an iPad.

No! It's not - and it's dangerous to propagate this myth. There are so many arbitrary restrictions on iPad OS that don't exist on MacOS. Massive restrictions on background apps - things like raycast (MacOS version), Text Expander, cleanshot, popclip, etc just aren't possible in iPad OS. These are tools that anyone would find useful. No root/superuser access. I still can't install whatever apps I want from whatever sources I want. Hell, you can't even write and run iPadOS apps in a code editor on the iPad itself. Apple's own editor/development tool - Xcode - only runs on MacOS.

The changes to window management are great - but iPad and iPadOS are still extremely locked down.

losvedir

I don't use an iPad much, but it's been interesting to watch from afar how it's been changing over these years.

They could have gone the direction of just running MacOS on it, but clearly they don't want to. I have a feeling that the only reason MacOS is the way it is, is because of history. If they were building a laptop from scratch, they would want it more in their walled garden.

I'm curious to see what a "power user" desktop with windowing and files, and all that stuff that iPad is starting to get, ultimately looks like down this alternative evolutionary branch.

hamandcheese

It's obvious, isn't it? It will look like a desktop, except Apple decides what apps you can run and takes their 30% tax on all commerce.

KolibriFly

Yeah, it's like we're watching two parallel evolution paths: macOS dragging its legacy along, and iPadOS trying to reinvent "productivity" from first principles, within Apple's tight design sandbox.

athenot

Whether or not they eventually fuse, I don't know—I doubt it. But the approach they've taken over the past 15 years to gradually increase the similarities in user experience, while not trying to force a square peg in a round hole, has been the best path in terms of usability.

I think Microsoft was a little too eager to fuse their tablet and desktop interface. It has produced some interesting innovations in the process but it's been nowhere near as polished as ipadOS/macOS.

jeron

iPad hardware is a full-blown M chip. There's no real hardware limitation that stops the iPad from running macOS, but merging it cannibalizes each product line's sales.

_ph_

Right. But as long as touch is the main interface to your tablet, at least the desktop UI should be designed for that. So in my eyes it totally makes sense not just to use plain MacOS for the iPad. Another item is that so far they resist giving users full control over their iPad.

chakintosh

The new windowing feature basically cannibalizes MacBook Air.

threetonesun

A Macbook Air is cheaper than an iPad Pro with a keyboard though. Not to mention you still can't run apps from outside the app store, and most of these new features we're hoping work as well as they do on MacOS, but given that background tasks had to be an API, I doubt they will.

tarentel

There's still software I can't run on an iPad which is basically the only reason I have a MacBook Air. Maybe for some a windowing system may be the push to switch but that seems doubtful to me.

nicbou

I really wish there was some sort of hybrid device. I often travel by foot/bike/motorbike and space comes at a premium. I'd have a Microsoft Surface if Windows was not so unbearable.

On the other hand, I have come to love having a reading/writing/sketching device that is completely separate from my work device. I can't get roped into work and emails and notifications when I just want to read in bed. My iPad Mini is a truly distraction-free device.

I also think it would be hard to have a user experience that works great both for mobile work and sitting-at-a-desk work. I returned my Microsoft Surface because of a save dialog in a sketching app. I did not want to do file management because drawing does not feel like a computing task. On the other hand, I do want to deal with files when I'm using 3 different apps to work on a website's files.

_ph_

Yes and no. What they are currently doing, and it is working out greatly, is having a single hardware platform and a common code base on all devices. They still have branches of the main OS body for each device with the device specific customization. Which absolutely makes sense. Macs don't have touch. But iPads have. Which has at least some differentiation in the desktop UI. Then they try to keep up strong limitations on what iPad software can do - probably to a large extent to keep the lucrative app store alive. And of course, TV OS looks quite different for obvious reasons.

runjake

In case others are confused about the term "Foundation Models":

"Foundation Models" is an Apple product name for a framework that taps into a bunch of Apple's on-device AI models.

dwaite

No, the model itself is one of the two Apple foundation language models (the AFM-on-device, specifically)

https://machinelearning.apple.com/research/introducing-apple...

https://machinelearning.apple.com/research/apple-intelligenc...

The architecture is such that the model can be specialized by plugging in more task-specific fine-tuning models as adapters, for instance one made for handling email tasks.

At least in this version, it looks like they have only enabled use of one fine-tuning model (content tagging)

runjake

You are wrong. Citation: I read the post. The purpose of the post is to announce the Foundation Models framework. It's mentioned in the very first paragraph and throughout the post.

The Foundation Models framework documentation:

https://developer.apple.com/documentation/foundationmodels/

> The Foundation Models framework provides access to Apple’s on-device large language model that powers Apple Intelligence to help you perform intelligent tasks specific to your use case.

Sure, the models are also named the same. That's beside the point. That's not the point of the post you're correcting me on, which is again, announcing the framework.

pzo

I'm still a little disappointed. It seems those models are only available for iPhone series 16 and iPhone 15 Pro. According to Mixpanel that's only 25% of all iOS devices and even less if taking into account iPadOS. You will still have to use some other online model if you want to cover all iOS 26 users because I doubt Apple will approve your app if it will only work on those Apple Intelligence devices.

Why should I bother then as a 3rd party developer? Sure nice not having a cost for API for 25% of users but still those models are very small and equivalent of qwen2.5 4B or so and their online models supposed equivalent of llama scout. Those models are already very cheap online so why bother having more complicated code base then? Maybe in 2 years once more iOS users replace their phones but I'm unlikely to use this for developing iOS in the next year.

This would be more interesting if all iOS 26 devices at least had access to their server models.

greggsy

Uptake of iPhone 16+ devices will be much more than 25% by the time someone develops the next killer app using these tools, which will no doubt spur sales anyway.

alt227

If there was a killer app for AI (sorry LLMs) then it would have come out by now and AI (sorry LLMs) would have taken off properly.

rs186

App development could be as quick as a few weeks. If the only "killer apps" we have seen in the past three years are the ChatGPT kind, I'm not holding my breath for a brand new "killer app" that runs only on iPhone 16+.

greggsy

On-device is a killer feature IMO

TechDebtDevin

Why would anyone bother with Apple? Let their product deteriorate and die. It only takes one product to get people off iPhone and they're (tim) cooked.

badc0ffee

The video on Containerization.framework, and the Container tool, is live [0].

It looks like each container will run in its own VM, that will boot into a custom, lightweight init called vminitd that is written in Swift. No information on what Linux kernel they're using, or whether these VMs are going to be ARM only or also Intel, but I haven't really dug in yet [1].

[0] https://developer.apple.com/videos/play/wwdc2025/346

[1] https://github.com/apple/containerization

ilyagr

If you search the code, they support Rosetta, which means an ARM Linux kernel running x86 container userspace with Rosetta translation. The Linux kernel can be told to use a helper to translate code using a non-native architecture.

Actually, they explain it in detail here: https://github.com/apple/containerization/issues/70#issuecom...

It's unclear whether this will keep being supported in macOS 28+, though: https://github.com/apple/container/issues/76, https://www.reddit.com/r/macgaming/comments/1l7maqp/comment/...
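The "helper" mechanism mentioned in the comment above is the kernel's binfmt_misc facility. As an added example (not part of the thread and not Apple's code), the sketch below parses a registration rule and applies the same masked comparison to ELF headers, which is also a quick way to audit which binaries a registered handler will claim. The rule name, helper path and sample headers are constructed for illustration.

```python
import struct
from dataclasses import dataclass

# Constructed sample rule in the kernel's register format
# (:name:type:offset:magic:mask:interpreter:flags). The rule name and helper
# path are hypothetical; magic/mask follow the ELF header layout for x86-64.
SAMPLE_RULE = (
    r":x86_64-helper:M::"
    r"\x7fELF\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x3e\x00:"
    r"\xff\xff\xff\xff\xff\xfe\xfe\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:"
    r"/opt/translator/helper:CF"
)

# binfmt_misc flag letters as documented by the kernel.
FLAG_MEANING = {
    "P": "preserve argv[0]",
    "O": "pass the binary to the helper as an open file descriptor",
    "C": "take credentials from the binary, not the helper (implies O)",
    "F": "open the helper at registration, so it resolves across mount namespaces",
}


@dataclass
class BinfmtRule:
    name: str
    offset: int
    magic: bytes
    mask: bytes
    interpreter: str
    flags: str

    def matches(self, header: bytes) -> bool:
        # Kernel-style test: every masked bit of the file must equal the magic.
        window = header[self.offset:self.offset + len(self.magic)]
        if len(window) < len(self.magic):
            return False
        return all((b ^ m) & k == 0 for b, m, k in zip(window, self.magic, self.mask))


def unescape(field: str) -> bytes:
    # Registration strings carry raw bytes as \xNN escapes.
    return field.encode("latin-1").decode("unicode_escape").encode("latin-1")


def parse_rule(line: str) -> BinfmtRule:
    sep = line[0]  # the first character of the rule defines the delimiter
    name, kind, offset, magic, mask, interp, flags = line[1:].split(sep)
    if kind != "M":
        raise ValueError("only magic (M) rules are handled in this example")
    magic_b = unescape(magic)
    mask_b = unescape(mask) if mask else b"\xff" * len(magic_b)
    if len(mask_b) != len(magic_b):
        raise ValueError("mask and magic must have the same length")
    return BinfmtRule(name, int(offset or 0), magic_b, mask_b, interp, flags)


def elf_header(machine: int, etype: int = 3, osabi: int = 0) -> bytes:
    # Constructed 64-bit little-endian ELF prefix: e_ident, e_type, e_machine.
    e_ident = b"\x7fELF" + bytes([2, 1, 1, osabi]) + b"\x00" * 8
    return e_ident + struct.pack("<HH", etype, machine)


def select_helper(rules, header: bytes):
    # First matching rule wins; None means the kernel would run the file natively.
    return next((r.interpreter for r in rules if r.matches(header)), None)


def describe_flags(rule: BinfmtRule):
    return [FLAG_MEANING[f] for f in rule.flags]


if __name__ == "__main__":
    rule = parse_rule(SAMPLE_RULE)
    for label, hdr in [("x86-64 PIE", elf_header(62)), ("aarch64 PIE", elf_header(183))]:
        print(label, "->", select_helper([rule], hdr) or "native exec")
    print("flags:", describe_flags(rule))
```

On a live Linux guest the registered rules can be read from `/proc/sys/fs/binfmt_misc/`; the `C` and `F` flags deserve attention in a review because they decide whose credentials apply and whether the helper is reachable from inside a container's mount namespace.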

guybedo

Looks like there isn't much to take away from this, here's a few bullet points:

- Apple Intelligence models primarily run on-device, potentially reducing app bundle sizes and the need for trivial API calls.

- Apple's new containerization framework is based on virtual machines (VMs) and not a true 'native' kernel-level integration like WSL1.

- Spotlight on macOS is widely perceived as slow, unreliable, and in significant need of improvement for basic search functionalities.

- iPadOS and macOS are converging in terms of user experience and features (e.g., windowing), but a complete merger is unlikely due to Apple's business model, particularly App Store control and sales strategies.

- The new 'Liquid Glass' UI design evokes older aesthetics like Windows Aero and earlier Aqua/skeuomorphism, indicating a shift away from flat design.

Full summary (https://extraakt.com/extraakts/apple-intelligence-macos-ui-o...)

cromka

App Store control is something that EU is challenging, including on iPads. So while there’s no macOS APIs on ipadOS, I can totally see 3rd party solutions running macOS apps (and Linux or Windows, too) in a VM and outputting the result as now regular iPad windowed apps.

xpe

> including over 250,000 APIs that enable developers to integrate their apps with Apple’s hardware and software features.

This doesn’t sound impressive, it sounds insane.

glhaynes

Which ones would you like to get rid of?

xpe

I can hear the whooshing sound accompanying the snark... I'm talking about how this is communicated. I'd suggest that Apple say something like "200+ developer frameworks" rather than counting up the number of individual methods or functions.

Here is a summarization provided by Claude after I back-and-forthed it a bit:

--

Apple Developer Frameworks

This list represents the vast ecosystem of frameworks available to developers for building applications across Apple's platforms.

I. Foundational Frameworks

These provide the fundamental services and data management capabilities for all applications.

- Core Frameworks: Essential for data types, collections, and low-level services. Examples: Foundation, Core Data, Core Foundation

- Security: Manages user authentication, authorization, and cryptographic services. Examples: CryptoKit, LocalAuthentication, Security

- App Services: Supports core application functionalities and integrations. Examples: Contacts, EventKit, StoreKit, WeatherKit, ClockKit

II. User Interface & Experience

Frameworks for building the visual elements and user interactions of an application.

- UI Frameworks: The primary toolkits for constructing user interfaces. Examples: SwiftUI, UIKit (for iOS/tvOS), AppKit (for macOS)

- Services: Provides access to system-level services with a UI component. Examples: MapKit, CloudKit, Core Location, PassKit

III. Graphics & Media

For creating rich visual content, games, and handling audio/video.

- Graphics & Games: High-performance 2D and 3D graphics rendering and game development. Examples: Metal, SpriteKit, SceneKit, RealityKit

- Media: Manages the playback and processing of audio and video. Examples: AVFoundation, Core Audio, VisionKit

IV. Machine Learning

Enables the integration of intelligent features into applications.

- Core ML & Vision: The foundation for machine learning models and computer vision tasks. Examples: Core ML, Vision, Natural Language, Speech

V. Platform-Specific Frameworks

The number of available frameworks varies significantly across Apple's operating systems, reflecting the unique capabilities of each platform.

- macOS: ~250+ frameworks

- iOS/iPadOS: ~200+ frameworks

- watchOS: ~50-60 frameworks

- tvOS: ~35-40 frameworks

- visionOS: A growing set of frameworks for spatial computing.

Illniyar

Oh, Apple is doing Windows Aero now? Wonder how long that one'll last.

dang

Related ongoing threads:

Containerization is a Swift package for running Linux containers on macOS - https://news.ycombinator.com/item?id=44229348 - June 2025 (158 comments)

Container: Apple's Linux-Container Runtime - https://news.ycombinator.com/item?id=44229239 - June 2025 (11 comments)

Apple announces Foundation Models and Containerization frameworks, etc - Hacker News