
Show HN: Local-First Linux MicroVMs for macOS

212 points| harshdoesdev | 7 days ago |shuru.run

Shuru is a lightweight sandbox that spins up Linux VMs on macOS using Apple's Virtualization.framework. Boots in about a second on Apple Silicon, and everything is ephemeral by default. There's a checkpoint system for when you do want to persist state, and sandboxes run without network access unless you explicitly allow it. Single Rust binary, no dependencies. Built it for sandboxing AI agent code execution, but it works well for anything where you need a disposable Linux environment.
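The two defaults the post describes (ephemeral rootfs, no network unless opted in) expressed directly against Apple's Virtualization.framework, as an added Swift example that is not Shuru's own code (Shuru is a Rust binary). It assumes placeholder paths for a Linux kernel, initrd and raw rootfs image, and a binary signed with the com.apple.security.virtualization entitlement.

```swift
import Foundation
import Virtualization

// Placeholder artifact paths (assumed; not from the post).
let kernelURL = URL(fileURLWithPath: "/path/to/vmlinux")
let initrdURL = URL(fileURLWithPath: "/path/to/initrd")
let baseRootfs = URL(fileURLWithPath: "/path/to/rootfs.img")

// Ephemeral by default: boot from a throwaway copy of the rootfs so the base
// image is never mutated and every run starts from the same clean state.
let tmpRootfs = FileManager.default.temporaryDirectory
    .appendingPathComponent("sandbox-\(UUID().uuidString).img")
try FileManager.default.copyItem(at: baseRootfs, to: tmpRootfs)

let bootLoader = VZLinuxBootLoader(kernelURL: kernelURL)
bootLoader.initialRamdiskURL = initrdURL
bootLoader.commandLine = "console=hvc0 root=/dev/vda rw"

let config = VZVirtualMachineConfiguration()
config.bootLoader = bootLoader
config.cpuCount = 2
config.memorySize = 1 << 30 // 1 GiB

let disk = try VZDiskImageStorageDeviceAttachment(url: tmpRootfs, readOnly: false)
config.storageDevices = [VZVirtioBlockDeviceConfiguration(attachment: disk)]

// Isolated by default: no network device at all, so the guest has no NIC.
// Opting in means appending a VZVirtioNetworkDeviceConfiguration whose
// attachment is VZNATNetworkDeviceAttachment(); nothing here does that.
config.networkDevices = []

// Serial console wired to the terminal so the sandbox is usable interactively.
let console = VZVirtioConsoleDeviceSerialPortConfiguration()
console.attachment = VZFileHandleSerialPortAttachment(
    fileHandleForReading: FileHandle.standardInput,
    fileHandleForWriting: FileHandle.standardOutput)
config.serialPorts = [console]
config.entropyDevices = [VZVirtioEntropyDeviceConfiguration()]

// validate() rejects inconsistent configurations before any VM is created.
try config.validate()
let vm = VZVirtualMachine(configuration: config)
vm.start { result in
    if case .failure(let error) = result {
        fputs("VM failed to start: \(error)\n", stderr)
        exit(1)
    }
}
RunLoop.main.run() // VZVirtualMachine must be driven from the main queue
```

The temporary disk copy is what makes the run disposable: deleting it after the VM stops discards every change the guest made.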

64 comments


srinath693|6 days ago

The value here isn't 'local VMs'; it's that the defaults are inverted. Everything else defaults to persistent and networked. This defaults to ephemeral and isolated. Small shift, but it matters when you don't trust the code that's about to run.

Xlab|7 days ago

I will steal this to make a local-first version of https://microterm.dev for macOS :)

My idea is to have a unified environment across all targets, so the only thing that changes is speed and amount of RAM.

scosman|6 days ago

How is this running the vm/container? Cloud or something like container2wasm?

Kinda cool. I’m on my phone, on an Alpine terminal, and genuinely need to ask if it’s running in the browser.

chrisweekly|6 days ago

iOS Safari stuck in a redirect loop (loading... indicator reaches 90% then hard refresh, repeat till error message)

josephg|7 days ago

What does local first mean in this context? Does it just mean local? Like, the software runs locally?

harshdoesdev|7 days ago

Yeah, it just means everything runs on your machine. There are services like E2B, sprites.dev and others that give you sandboxes in the cloud. shuru runs VMs locally using Apple's Virtualization.framework, so nothing leaves your Mac.

fulafel|6 days ago

Seems it only supports macOS, so for practical purposes it's local-only.

userbinator|7 days ago

Unfortunately yes. It's just another stupid marketing buzzword these days.

7777777phil|7 days ago

The agent stack is splitting into specialized layers and sandboxing is clearly becoming its own thing. Shuru, E2B, Modal, Firecracker wrappers.

Earlier this month I wrote about how these layers have very different defensibility profiles and why going monolithic is the wrong call: https://philippdubach.com/posts/dont-go-monolithic-the-agent...

EDIT: Spelling

camkego|7 days ago

It's a good article and seems to mirror my experience doing partial-AI software development. If you are not saving your context for decision making and your conclusions in software architecture (as made between developers and AI) you are losing very valuable context information on software design. Although I'm not sure the article ties closely to the topic of micro VMs.

runako|7 days ago

How does this compare to Apple container[1]?

I am excited by the innovation happening in the space!

1 - https://github.com/apple/container

harshdoesdev|7 days ago

Apple container is more of a Docker-style workflow: OCI images, registries, etc. shuru is just micro VMs with checkpointing, much simpler scope.

jclay|7 days ago

Has anyone tackled this for Windows? WSL isn’t ideal when shipping a consumer app to a non-developer target audience since it requires some setup.

xrd|7 days ago

What is the benefit of this over lima, for example?

harshdoesdev|7 days ago

Lima can do a lot of what shuru does if you set it up for it. The difference is mostly in defaults and how much you have to configure upfront. With shuru you get ephemeral VMs, no networking, and a clean rootfs on every run without touching a config file. shuru run and you're in. Checkpoints and branching are built into the CLI rather than being an experimental feature you have to figure out. Lima is a much bigger and more mature project though. Shuru is something I am building partly to learn and partly because I wanted something with saner defaults for this specific use case.

BrandiATMuhkuh|7 days ago

Very cool. Was looking for something like this for a new project of mine. (I'm working on a project that is like a marriage of retool+OpenClaw. It's used by SME to quickly build inhouse apps)

scosman|6 days ago

This looks amazing. I’ve been wanting Virtualization.framework micro VMs for months! Docker is fine, but the overhead isn’t ideal.

I like the defaults (ephemeral, network off). Any thoughts on adding host-mapped directories?

I have an MCP server for ephemeral sandboxes that supports various backends (Docker, E2B, Modal, even WASM). I’ll look at adding this. https://github.com/Kiln-AI/Kilntainers

praveenhm|7 days ago

How does it compare to Lume? It uses Apple's native Virtualization Framework to run macOS and Linux VMs at near-native speed on Apple Silicon.

harshdoesdev|7 days ago

Lume is a much more full-featured VM manager: macOS and Linux VMs, API server, prebuilt images, Python SDK, etc. shuru is intentionally minimal.

rishabhaiover|7 days ago

I've noticed Claude forks parallel agents on an assigned task. How would they communicate in isolated sandboxes like these? Would it be cleaner and more effective for a harness to orchestrate swarms of agents in a single clean Linux environment like OrbStack?

harshdoesdev|7 days ago

Haven't thought about multi-agent communication yet. Each sandbox is fully isolated, which is the point. Checkpoints help a bit here though: you can branch multiple agents from the same checkpoint so they all start from the same state.

Cyphase|6 days ago

Shuru looks cool! I've been working on something with a similar vibe, for Linux hosts first; MicroVMs, default offline, etc. Not ready to release, but I'm starting to dogfood it.

apatheticonion|6 days ago

How are we going for GPU acceleration in Linux VMs on macOS?

alexellisuk|6 days ago

AFAIK that's not possible at the moment. Apple limits the full GPU acceleration for macOS guests.

steve1977|6 days ago

Let's not call this local-first please. Especially since there is no wherever-else-second. The term "first" makes no sense here.

JSR_FDED|7 days ago

This looks awesome. How would you recommend setting up an allowlist for external network communications (for cases where networking is enabled)?

raihansaputra|6 days ago

Man, this is cool. This is what I've wanted since I read about fly.io's sprites.

Slightly related to this, and I'm not familiar with Linux sandboxing/containerization in depth, but is there any similar turnkey solution for Linux desktop/server? Ideally I'd have something like sprites/shuru but on my own Linux/Ubuntu server instead of in the cloud.

alexellisuk|6 days ago

We built SlicerVM for this in 2022, but not just for sandboxing. It's for servers + API launched VMs (i.e. what we now like to call a 'sandbox'). Feel free to take a look, a lot of our early users are saying things like this.

servercobra|6 days ago

Same, I really want to use sprites (for me and my whole team) but every time I try to set up, I run into weird issues. Last time I got in some state where trying to launch Claude froze the whole VM every time.

harshdoesdev|6 days ago

Glad you liked it! I am currently exploring options for Linux support. Will share an update soon.

Krisso|7 days ago

Why was using straight containers not enough?

harshdoesdev|7 days ago

Containers work fine for a lot of this. shuru is just what felt more natural to me. Less config overhead, and I wanted to learn by building it.

tobyhinloopen|7 days ago

Neat! I was looking for something like this

conradev|7 days ago

Use OrbStack. It’s faster than Virtualization.framework because it has its own hypervisor.

harshdoesdev|7 days ago

OrbStack is great, but it is solving a different problem. It's a full Docker Desktop replacement. shuru is just a thin layer over Virtualization.framework for spinning up throwaway sandboxes.

JoshTriplett|7 days ago

OrbStack has some invasive elements inside it trying to provide filesystem integration, and the filesystem they use is not POSIX compliant and causes breakage with some build systems and other software.