Apple Announces macOS Golden Gate & Linux Container Machines
6/10/2026
Tags: apple, macos, linux, containers

Apple Finalizes the Apple Silicon Transition

At WWDC 2026, Apple announced macOS 27, officially named 'Golden Gate'. This release marks a definitive end of an era: it is the first version of macOS to exclusively support Apple Silicon Macs, leaving Intel-based Macs behind. Owners of recent MacBook Air, MacBook Pro, iMac, Mac mini, Mac Studio, and Mac Pro models can upgrade.

Intel Mac owners are not entirely abandoned. As reported by The Verge, Apple has promised three years of security updates for these aging systems. However, the focus of new features and system optimizations is now squarely on the performance, efficiency, and machine learning capabilities of Apple's custom chips.

What's New in macOS Golden Gate

Golden Gate follows the controversial Liquid Glass redesign introduced in macOS Tahoe (26). Apple is refining that design language with user-requested changes. A key new feature is a global slider to adjust the opacity of Liquid Glass UI effects.

Furthermore, the operating system introduces a tighter corner radius for windows, aiming for a more unified and less jarring visual aesthetic compared to Tahoe. The company has also rebuilt the Search function with new infrastructure to index content almost immediately, with improvements to Spotlight in Photos and Mail.

Golden Gate will also inherit the cross-platform features announced at WWDC, including updates to parental controls, Screen Time, and the new 'Apple Intelligence' architecture. The name 'Golden Gate' was a curveball, not among top fan guesses like Redwood or Mammoth.

A New Paradigm for Developers: Container Machines

Simultaneously, Apple has made a significant, quiet move for developers by releasing documentation for 'container machines' via its open-source 'container' project on GitHub. This tool represents a shift in how developers can use Linux environments on macOS.

Unlike traditional containers modeled around single applications, a container machine is modeled after a full Linux environment. It runs the image's init system (like systemd), allowing for long-running services and realistic testing under a process supervisor.

How Container Machines Work

The key innovation is deep host integration. A container machine automatically maps the host user's macOS username and home directory into the Linux environment. This means your repositories, dotfiles, and work are instantly available on both sides of the boundary.

The philosophy is 'Edit on the Mac, build inside.' Your code lives in `$HOME` on macOS and is mounted inside the container at `/Users/`. You can use native macOS editors and IDEs, while compiling, running, and debugging inside a genuine Linux container.

This enables powerful workflows:

  • Use macOS-native tooling on Linux artifacts: Profilers, GUI debuggers, and browsers on your Mac can directly inspect files built inside the container.
  • Run real Linux services for testing: Start a database with `systemctl start postgresql` for accurate integration testing.
  • Manage multiple target distros: Create separate container machines for Alpine, Ubuntu, and Debian, each with access to the same `$HOME`.

Getting Started with Container Machines

The `container` CLI tool (aliased as `m`) manages these environments. Creating a machine is straightforward: `container machine create alpine:latest --name dev`. You can then open a shell with `container machine run -n dev`, which boots the machine if stopped.

Commands run as your host user, not root, and your current directory is your shared home. The tool allows listing (`ls`), inspection (`inspect`), stopping (`stop`), and deletion (`rm`) of machines. Resources like CPU cores and memory (defaulting to half the host's RAM) can be configured with `container machine set`.

Bringing Your Own Image

Any Linux OCI image containing `/sbin/init` can serve as a container machine base. Apple provides an example Dockerfile for building an Ubuntu 24.04 image with systemd and common tools. By default, `container` runs a built-in setup script on first boot.

For custom provisioning, developers can include an executable script at `/etc/machine/create-user.sh` in their image. This script runs once as root with environment variables like `CONTAINER_USER` and `CONTAINER_HOME` set, allowing for tailored user environment creation.
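
One way to write such a provisioning script, added here as an example and not Apple's built-in setup script or code from the `container` project: because it runs as root, it validates both variables before creating the account and keeps `useradd` from writing into the home directory. It assumes a Debian/Ubuntu-style image with `useradd` and `getent`, and that `CONTAINER_HOME` points at the shared home mount; the validation rules are illustrative choices.

```shell
#!/bin/sh
# Hypothetical /etc/machine/create-user.sh: added example, not Apple's setup script.
# Assumes only the two variables named above are set by the caller.
LC_ALL=C; export LC_ALL   # make [a-z] ranges byte-exact

# Conservative account name: [a-z_] first, then [a-z0-9_-], at most 32 chars.
valid_user() {
    case "$1" in
        ''|root|[!a-z_]*|*[!a-z0-9_-]*) return 1 ;;
    esac
    [ "${#1}" -le 32 ]
}

# Home must be an absolute, plain path that is not a system directory.
valid_home() {
    case "$1" in
        /*) ;;
        *) return 1 ;;
    esac
    case "$1" in
        *[!A-Za-z0-9._/-]*) return 1 ;;            # spaces, control chars, metacharacters
        */../*|*/..|*/./*|*/.|*//*) return 1 ;;    # traversal or ambiguous components
        /|/root|/root/*|/etc|/etc/*) return 1 ;;   # system locations
    esac
    return 0
}

provision() {
    user=${CONTAINER_USER:-}
    home=${CONTAINER_HOME:-}
    valid_user "$user" || { echo "create-user: rejected CONTAINER_USER" >&2; return 1; }
    valid_home "$home" || { echo "create-user: rejected CONTAINER_HOME" >&2; return 1; }
    # Idempotent: an account that already exists is left untouched.
    if getent passwd "$user" >/dev/null 2>&1; then return 0; fi
    # --no-create-home: the home is assumed to be the shared host directory,
    # so root must not copy /etc/skel into it.
    useradd --no-create-home --home-dir "$home" --shell /bin/sh "$user"
}

# Provision only when run under the documented name; sourcing just defines functions.
if [ "${0##*/}" = "create-user.sh" ]; then
    provision || exit 1
fi
```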

The Broader Developer Ecosystem Context

This release aligns with a broader industry trend toward 'security as code' and managed container baselines. As highlighted by a TechCrunch press release from Minimus, platform teams are increasingly seeking to manage custom image configurations entirely as code.

Tools like Minimus's `minicli` allow teams to inspect image structures and export recipes as YAML for integration into Git workflows and CI/CD pipelines. When paired with secure base images, these approaches help enforce unified security guardrails across OS and application layers.

Apple's container machine tooling fits into this ecosystem by providing a first-party, highly integrated method for developers to leverage secure, persistent Linux environments directly within their macOS development loop.

Why This Matters

The dual announcements of macOS Golden Gate and container machines signal Apple's evolving platform strategy. Golden Gate cements the performance and AI advantages of Apple Silicon, while container machines directly address a perennial pain point for developers who need Linux for deployment but prefer macOS for daily work.

By providing a seamless, file-system-native bridge between the two worlds, Apple is empowering developers to build and test for Linux more efficiently than ever on a Mac. This move strengthens the Mac's position as a development powerhouse, especially as the final Intel Macs fade from support and the Apple Silicon ecosystem matures.