container-use
Apple Container Usage
Guide for using Apple's container tool to run Linux containers on macOS.
TL;DR
container runs Linux containers in lightweight virtual machines (one VM per container) on macOS 26+ (Apple Silicon). It provides a native, secure, and performant alternative to Docker Desktop.
When to Use
- You want to run Linux containers on macOS without the overhead of Docker Desktop.
- You need strong isolation (VM per container).
- You are developing on macOS 26+ with Apple Silicon.
- You want to build multi-platform images (arm64/amd64).
Installation
- Download: Get the latest signed .pkg from GitHub Releases.
- Install: Double-click the .pkg and follow instructions.
- Start Service:
container system start
Common Workflows
1. Running Containers
Basic run (similar to Docker):
# Run interactive alpine shell
container run -it --rm alpine:latest sh
# Run web server detached with port mapping
container run -d --name web -p 8080:80 nginx:latest
Key Options:
- --cpus <count>: Limit CPUs (default: 4)
- --memory <size>: Limit RAM (default: 1G). e.g., --memory 4g
- --volume <host>:<container>: Mount volumes. e.g., container run -v ~/project:/code python:3.9
- --ssh: Forward host SSH agent (great for git in containers). e.g., container run --ssh -it ubuntu git clone git@github.com:me/repo.git
- --mac-address <addr>: Set custom MAC address.
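Several of these options widen what a container can reach on the host: --ssh lets processes in the container authenticate with the keys held by the host's SSH agent, -v exposes host files, and -p opens a host port. The following pre-flight check is an added example, not part of the original guide or of Apple's tooling. The function name, the finding labels and the rule for what counts as a sensitive mount are assumptions of this sketch, and it only knows the value-taking flags listed in this guide.

```shell
#!/bin/sh
# Added example: audit the arguments that would follow `container run`.
# Prints one finding per line; prints nothing when no listed flag is risky.
# The body runs in a subshell "( ... )" so its variables stay local.
audit_run_args() (
  while [ $# -gt 0 ]; do
    case "$1" in
      --ssh)
        # Host SSH agent becomes usable by every process in the container.
        echo "ssh-agent-forwarded" ;;
      -v|--volume)
        host="${2%%:*}"              # host side of <host>:<container>
        case "$host" in
          /|"$HOME"|"$HOME"/|"$HOME"/.ssh|"$HOME"/.ssh/*)
            echo "sensitive-host-mount:$host" ;;
        esac
        [ $# -lt 2 ] || shift ;;     # consume the flag's value
      -p)
        echo "port-published:$2"
        [ $# -lt 2 ] || shift ;;
      --name|--cpus|--memory|--network|--mac-address)
        [ $# -lt 2 ] || shift ;;     # value-taking flags from this guide
      -*) ;;                         # boolean flags such as -d, -it, --rm
      *) break ;;                    # first bare word is the image: what
                                     # follows is the container's command
    esac
    shift
  done
)

# Constructed sample invocation (arguments only, `container run` omitted).
audit_run_args --ssh -v "$HOME/.ssh:/root/.ssh" -p 8080:80 ubuntu bash
```

Run it on the argument list before handing the same arguments to container run, and review every line it prints.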
2. Building Images
Builds run in a special builder VM.
# Build current directory
container build -t my-app:latest .
# Build for multiple architectures
container build --arch arm64 --arch amd64 -t my-app:multi .
Tip: Increase builder resources if builds are slow:
container builder start --cpus 8 --memory 16g
3. Managing State
# List running containers
container ls
# List all (including stopped)
container ls -a
# Stop/Start
container stop <name>
container start <name>
# View logs
container logs -f <name>
# Monitor stats (CPU/RAM)
container stats
4. Networking
Apple Containers use vmnet. Each network is isolated.
# Create a new isolated network
container network create backend --subnet 192.168.100.0/24
# Run container in network
container run --network backend nginx
References
- Tutorial - Guided tour of building and running a simple web server.
- How-to Guide - Tasks like sharing files, multi-platform builds, and networking.
- Command Reference - Comprehensive list of CLI commands and options.
Migration from Docker
| Docker Command | Container Command | Notes |
|---|---|---|
| docker run ... | container run ... | Mostly compatible flags (-v, -p, -d, -it) |
| docker ps | container ls | |
| docker build ... | container build ... | |
| docker logs ... | container logs ... | |
| docker exec ... | No direct equivalent yet | Use ssh or attach if supported, or design containers to not need exec. |
| docker network ... | container network ... | |
Key Differences:
- Architecture: Docker Desktop uses one big VM. container uses one lightweight VM per container. This improves isolation but changes resource usage patterns.
- Storage: Images and containers are stored in ~/Library/Containers/....
- Daemon: The daemon (vminitd) runs per-container inside the VM.
Troubleshooting
System Logs: If something fails, check the system logs:
container system logs
Uninstall: To remove everything (including data):
/usr/local/bin/uninstall-container.sh -d