To build the container project, you need:
- Mac with Apple silicon
- macOS 15 minimum, macOS 26 recommended
- Xcode 26, set as the active developer directory
Important
There is a bug in the vmnet framework on macOS 26 that causes network creation to fail if the container helper applications are located under your Documents or Desktop directories. If you use make install, you can simply run the container binary in /usr/local. If you prefer to use the binaries that make all creates in your project bin and libexec directories, locate your project elsewhere, such as ~/projects/container, until this issue is resolved.
Build container and the background services from source, and run basic and integration tests:
make all test integrationCopy the binaries to /usr/local/bin and /usr/local/libexec (requires entering an administrator password):
make installOr to install a release build, with better performance than the debug build:
BUILD_CONFIGURATION=release make all test integration
BUILD_CONFIGURATION=release make installcontainer uses gRPC to communicate to the builder virtual machine that creates images from Dockerfiles, and depends on specific versions of grpc-swift and swift-protobuf. If you make changes to the gRPC APIs in the container-builder-shim project, install the tools and re-generate the gRPC code in this project using:
make protosTo make changes to container that require changes to the Containerization project, or vice versa:
-
Clone the Containerization repository such that it sits next to your clone of the
containerrepository. Ensure that you follow containerization instructions to prepare your build environment. -
In your development shell, go to the
containerproject directory.cd container -
If the
containerservices are already running, stop them.bin/container system stop
-
Reconfigure the Swift project to use your local
containerizationpackage and update yourPackage.resolvedfile./usr/bin/swift package edit --path ../containerization containerization /usr/bin/swift package update containerization
[!IMPORTANT] If you are using Xcode, do not run
swift package edit. Instead, temporarily modifyPackage.swiftto replace the versionedcontainerizationdependency:.package(url: "https://github.com/apple/containerization.git", exact: Version(stringLiteral: scVersion)),
with the local path dependency:
.package(path: "../containerization"),
Note: If you have already run
swift package edit, whether intentionally or by accident, follow the steps in the next section to restore the normalcontainerizationdependency. Otherwise, the modifiedPackage.swiftfile will not work, and the project may fail to build. -
If you want
containerto use any changes you made in thevminitsubproject of Containerization, update the system property to use the locally built init filesystem image:container system property set image.init vminit:latest -
Build
container.make clean all -
Restart the
containerservices.bin/container system stop bin/container system start
To revert to using the Containerization dependency from your Package.swift:
-
If you were using the local init filesystem, revert the system property to its default value:
container system property clear image.init
-
Use the Swift package manager to restore the normal
containerizationdependency and update yourPackage.resolvedfile. If you are using Xcode, revert yourPackage.swiftchange instead of usingswift package unedit./usr/bin/swift package unedit containerization /usr/bin/swift package update containerization
-
Rebuild
container.make clean all
-
Restart the
containerservices.bin/container system stop bin/container system start
To test changes that require the container-builder-shim project:
-
Clone the container-builder-shim repository and navigate to its directory.
-
After making the necessary changes, build the custom builder image, set it as the active builder image, and remove the existing
buildkitcontainer so the new image will be used:
container build -t builder .
container system property set image.builder builder:latest
container rm -f buildkit- Run the
containerbuild as usual:
container build ...Important
If your modified builder image is broken, make sure to rebuild and correctly tag the builder image before attempting to build container-builder-shim again.
Attach debugger to the XPC helpers using their launchd service labels:
-
Find launchd service labels:
% container system start % container run -d --name test debian:bookworm sleep infinity test % launchctl list | grep container 27068 0 com.apple.container.container-network-vmnet.default 27072 0 com.apple.container.container-core-images 26980 0 com.apple.container.apiserver 27331 0 com.apple.container.container-runtime-linux.test
-
Stop container and start again after setting the environment variable
CONTAINER_DEBUG_LAUNCHD_LABELto the label of service to attach debugger. Services whose label starts with theCONTAINER_DEBUG_LAUNCHD_LABELwill wait the debugger:% export CONTAINER_DEBUG_LAUNCHD_LABEL=com.apple.container.container-runtime-linux.test % container system start # Only the service `com.apple.container.container-runtime-linux.test` waits debugger
% export CONTAINER_DEBUG_LAUNCHD_LABEL=com.apple.container.container-runtime-linux % container system start # Every service starting with `com.apple.container.container-runtime-linux` waits debugger
-
Run the command to launch the service, and attach debugger:
% container run -it --name test debian:bookworm ⠧ [6/6] Starting container [0s] # It hangs as the service is waiting for debugger
Run make pre-commit to install a pre-commit hook that ensures that your changes have correct formatting and license headers when you run git commit.