Show HN: Local-First Linux MicroVMs for macOS

shuru.run - 88 poäng - 30 kommentarer - 16587 sekunder sedan

Shuru is a lightweight sandbox that spins up Linux VMs on macOS using Apple's Virtualization.framework. Boots in about a second on Apple Silicon, and everything is ephemeral by default. There's a checkpoint system for when you do want to persist state, and sandboxes run without network access unless you explicitly allow it. Single Rust binary, no dependencies. Built it for sandboxing AI agent code execution, but it works well for anything where you need a disposable Linux environment.

Kommentarer (14)

jclay - 233 sekunder sedan
Has anyone tackled this for Windows? WSL isn’t ideal when shipping a consumer app to a non-developer target audience since it requires some setup.
Xlab - 3385 sekunder sedan
I will steal this to make a local-first version of https://microterm.dev for macOS :)
My idea is to have unified environment across all targets, so the only thing that changes is speed and amount of RAM.
runako - 1630 sekunder sedan
How does this compare to Apple container[1]?
I am excited by the innovation happening in the space!
1 - https://github.com/apple/container
BrandiATMuhkuh - 1721 sekunder sedan
Very cool. Was looking for something like this for a new project of mine. (I'm working on a project that is like a marriage of retool+OpenClaw. It's used by SME to quickly build inhouse apps)
praveenhm - 964 sekunder sedan
How does it compare to Lume. It uses Apple's native Virtualization Framework to run macOS and Linux VMs at near-native speed on Apple Silicon.
josephg - 10952 sekunder sedan
What does local first mean in this context? Does it just mean local? Like, the software runs locally?
7777777phil - 11652 sekunder sedan
The agent stack is splitting into specialized layers and sandboxing is clearly becoming its own thing. Shuru, E2B, Modal, Firecracker wrappers.
Earlier this month I wrote about how these layers have very different defensibility profiles and why going monolithic is the wrong call: https://philippdubach.com/posts/dont-go-monolithic-the-agent...
EDIT: Spelling
rishabhaiover - 8259 sekunder sedan
I've noticed claude forks parallel agents on an assigned task. How would they communicate in isolated sandboxes like these? Would it be cleaner and more effective for a harness to orchestrate swarms of agents in a single clean linux environment like OrbStack?
xrd - 12428 sekunder sedan
What is the benefit of this over lima, for example?
tobyhinloopen - 6735 sekunder sedan
Neat! I was looking for something like this
Krisso - 10357 sekunder sedan
Why was using straigt containers not enough?
janlucien - 1344 sekunder sedan
[dead]
okayokay123 - 5979 sekunder sedan
[dead]
conradev - 9600 sekunder sedan
Use OrbStack. It’s faster than Virtualization.framework because it has its own hypervisor.