
159 points | GreenGames | 2 comments

Hey HN, we're excited to share Lumier (https://github.com/trycua/cua/tree/main/libs/lumier), an open-source tool for running macOS and Linux virtual machines in Docker containers on Apple Silicon Macs.

When building virtualized environments for AI agents, we needed a reproducible way to package and distribute macOS VMs. Inspired by projects like dockur/windows (https://github.com/dockur/windows) that pioneered running Windows in Docker, we wanted to create something similar but optimized for Apple Silicon. The existing solutions either didn't support M-series chips or relied on KVM/Intel emulation, which was slow and cumbersome. We realized we could leverage Apple's Virtualization Framework to create a much better experience.

Lumier takes a different approach: it uses Docker as a delivery mechanism (not for isolation) and connects to a lightweight virtualization service (lume) running on your Mac. This creates true hardware-accelerated VMs using Apple's native virtualization capabilities.

With Lumier, you can:

- Launch a ready-to-use macOS VM in minutes with zero manual setup
- Access your VM through any web browser via VNC
- Share files between your host and VM effortlessly
- Use persistent storage or ephemeral mode for quick tests
- Automate VM startup with custom scripts

All of this works natively on Apple Silicon (M1/M2/M3/M4) - no emulation required.

To get started:

1. Install Docker for Apple Silicon: https://desktop.docker.com/mac/main/arm64/Docker.dmg

2. Install lume background service with our one-liner:

  /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/trycua/cua/main/libs/lume/scripts/install.sh)"

3. Start a VM (ephemeral mode):

  docker run -it --rm \
    --name lumier-vm \
    -p 8006:8006 \
    -e VM_NAME=lumier-vm \
    -e VERSION=ghcr.io/trycua/macos-sequoia-cua:latest \
    -e CPU_CORES=4 \
    -e RAM_SIZE=8192 \
    trycua/lumier:latest

4. Open http://localhost:8006/vnc.html in your browser. The container will generate a unique password for each VM instance - you'll see it in the container logs.

For persistent storage (so your changes survive container restarts):

  mkdir -p storage
  docker run -it --rm \
    --name lumier-vm \
    -p 8006:8006 \
    -v $(pwd)/storage:/storage \
    -e VM_NAME=lumier-vm \
    -e HOST_STORAGE_PATH=$(pwd)/storage \
    trycua/lumier:latest

Want to share files with your VM? Just add another volume:

  mkdir -p shared
  docker run ... -v $(pwd)/shared:/shared -e HOST_SHARED_PATH=$(pwd)/shared ...

You can even automate VM startup by placing an on-logon.sh script in shared/lifecycle/.

We're seeing people use Lumier for:

- Development and testing environments that need macOS
- CI/CD pipelines for Apple platform apps
- Disposable macOS instances for security research
- Automated UI testing across macOS versions
- Running AI agents in isolated environments

Lumier is 100% open-source under the MIT license. We're actively developing it as part of our work on C/ua (https://github.com/trycua/cua), and we'd love your feedback, bug reports, or feature ideas.

We'll be here to answer any technical questions and look forward to your comments!
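
A review-then-run variant of steps 2 and 3 above, as an added example that is not part of the original post or the Lumier project: the installer runs only if it matches a SHA-256 digest recorded at review time, and the VNC web port is published on loopback only (Docker's `-p 8006:8006` binds all host interfaces by default). The function names and the `<COMMIT_SHA>` and `<SHA256_HEX>` placeholders are assumptions for illustration.

```shell
#!/bin/sh
# Added example (not Lumier project code): pinned installer + loopback-only VNC port.

# SHA-256 of a file as lowercase hex; macOS ships shasum, most Linux has sha256sum.
sha256_of() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | awk '{print $1}'
  else
    shasum -a 256 "$1" | awk '{print $1}'
  fi
}

# Return 0 only if file $1 hashes to the expected hex digest $2.
verify_script() {
  vs_actual=$(sha256_of "$1") || return 2
  vs_expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
  [ -n "$vs_actual" ] && [ "$vs_actual" = "$vs_expected" ]
}

# Download installer URL $1 to a temp file and run it only if it matches digest $2.
# This covers the script itself; anything the script fetches is not checked here.
install_pinned() {
  ip_tmp=$(mktemp) || return 1
  if curl -fsSL "$1" -o "$ip_tmp" && verify_script "$ip_tmp" "$2"; then
    ip_rc=0
    /bin/bash "$ip_tmp" || ip_rc=$?
  else
    echo "installer missing or digest mismatch; not executed" >&2
    ip_rc=3
  fi
  rm -f "$ip_tmp"
  return "$ip_rc"
}

# Step 3 with the port bound to 127.0.0.1, so http://localhost:8006/vnc.html
# still works locally but other hosts on the network cannot reach it.
run_lumier_local() {
  docker run -it --rm \
    --name lumier-vm \
    -p 127.0.0.1:8006:8006 \
    -e VM_NAME=lumier-vm \
    -e VERSION=ghcr.io/trycua/macos-sequoia-cua:latest \
    -e CPU_CORES=4 \
    -e RAM_SIZE=8192 \
    trycua/lumier:latest
}

# Usage (placeholders: a commit you reviewed and the digest you recorded for it):
#   install_pinned "https://raw.githubusercontent.com/trycua/cua/<COMMIT_SHA>/libs/lume/scripts/install.sh" "<SHA256_HEX>"
#   run_lumier_local
```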

cyberax ◴[] No.43987448[source]
Super nice! Do you think it's possible to run Xcode and do an app build with this approach?
replies(1): >>43988068 #
frabonacci ◴[] No.43988068[source]
Yes! That’s actually what https://tuist.dev is doing. They use Lume to spin up ephemeral macOS VMs with Xcode preinstalled, so they can run builds in clean, reproducible environments. It’s great for CI workflows where you want full macOS without managing long-lived hosts.
replies(1): >>43988621 #
shykes ◴[] No.43988621[source]
Is it possible to build and host our own Mac base images? Or is there a mandatory dependency on Cua's hosted registry?
replies(1): >>43988915 #
frabonacci ◴[] No.43988915[source]
Yes, you can build and host your own Mac base images directly using the lume CLI. See the usage guide at: https://github.com/trycua/cua/tree/main/libs/lume#usage

Currently, lume supports pushing to GitHub Container Registry (GHCR). However, it’s feasible to extend support to any OCI-compatible registry in the future.

Steps to build and push a custom image:

1. Start by creating a new VM or pulling an existing image. Launch the VM, make your desired modifications, and use it as your golden image.

2. Generate a classic access token on GitHub. Then:

  export GITHUB_USERNAME=<your_github_username>
  export GITHUB_TOKEN=<your_github_token>

3. Push your custom image:

  lume push "<VM_NAME_TO_PUSH>" "<IMAGE_NAME>:<TAG>" --registry ghcr.io --organization "<your_org_id>" --additional-tags "<optional_additional_tags>"

Example:

  lume push "lume_vm" "macos-sequoia-cua:latest" --registry ghcr.io --organization "trycua" --additional-tags "15.2"

Pull your image later with:

  lume pull "macos-sequoia-cua:latest" --registry ghcr.io --organization "trycua"

There is no mandatory dependency on the Cua-hosted registry - you are free to maintain your own image registry using GHCR or another OCI-compatible alternative (with some extension work).

replies(1): >>43989342 #
1. shykes ◴[] No.43989342[source]
Thanks! Do you rely on bleeding edge OCI features like artifacts, or on the original features? I'm asking to get a sense of how many registries would work out of the box with this.

I'm excited to play with lume! My use case is adding native Mac execution to Dagger (https://dagger.io) :)

replies(1): >>43990294 #
2. frabonacci ◴[] No.43990294[source]
We stick to standard OCI features: just basic manifests, layers, and configs - without relying on newer or experimental functionality like OCI artifacts. That means it should work out of the box with most registries, including Docker Hub, GitHub Container Registry, and any other OCI-compliant registry.

The relevant code is here: https://github.com/trycua/cua/blob/main/libs/lume/src/Contai...

And thanks again - really appreciate the interest. I’ll follow up via email, would love to hear more about the Dagger use case and how native Mac execution fits in!