Apple Adds Native Container Support to macOS 15: Kali Linux Runs Without Docker

Apple

Apple quietly shook the developer world at WWDC 2025 with a game-changing surprise: native container support for macOS. This new containerization stack lets Apple Silicon Macs run Open Container Initiative (OCI) images inside ultra-lightweight, isolated virtual machines. And yes, that means you can now launch Kali Linux natively—without Docker Desktop.

 A True macOS Equivalent to WSL2

Behind the scenes, Apple’s container system uses a combination of new and existing frameworks:

  • Container CLI – the new user-facing command-line interface

  • Containerization.framework – Swift-based backend framework

  • Hypervisor.framework – creates a micro-VM per container

  • Virtualization.framework – handles VM runtime management

This architecture gives each container its own VM, avoiding the single-VM model used by Docker Desktop. The result? Better isolation, near-native performance, and cold start times under one second.

🚀 Spinning Up Kali Linux in Seconds

Getting started is surprisingly simple on any Apple Silicon Mac running macOS 15.5 or later:

 
brew install --cask container

container system start
 

You’ll be prompted to install a lightweight Kata Containers kernel. Once that’s done, you’re ready to run containers just like Docker:

 
container run --rm -it kalilinux/kali-rolling
 

Want persistence? Just mount your current working directory:

 
container run --rm -it -v $(pwd):/mnt -w /mnt kalilinux/kali-rolling
 

You’re now inside a fully interactive Kali Linux shell with the latest aarch64 kernel, optimized for Apple Silicon.

 Why Apple’s Containers Are More Secure

Unlike Docker Desktop, where all containers share a single LinuxKit VM, Apple’s model runs each container in its own micro-VM. This significantly improves isolation and eliminates lateral-movement vulnerabilities.

That’s especially important for red teamers, penetration testers, and anyone handling untrusted code—Kali Linux is now safer and faster on macOS than ever before.

 Early Limitations and What’s Next

There are still some growing pains:

  • Networking bugs: Some containers boot without an IP or DNS resolution

  • Intel Macs not supported: This is Apple Silicon-only for now

  • Developer Preview only: Full support expected in macOS 26 “Tahoe” (due this fall)

Despite these hiccups, Apple has committed to open-source development and GitHub releases. With Kali offering official ARM64 images, Mac is becoming a serious platform for Linux tooling.

One Mac to Rule Them All?

Kali’s slogan—“penetration testing from anywhere”—is now more real than ever. Gone are the days of juggling heavy VMs or Docker Desktop’s bloated LinuxKit. With Apple’s native container support, red teams and researchers can finally run Kali Linux with sub-second startup, low overhead, and hardened security.

The future of development and security testing on macOS just got a whole lot more powerful.

 

Click here for more articles…………

Click below and ‘share’ this article!