hoakley June 20, 2023 Macs, Technology

What works in virtualising macOS on Apple silicon, and what doesn’t

If you want to run macOS in a virtual machine (VM) on an Apple silicon Mac, there’s essentially only one way, using the support built into macOS since Monterey. This is true whichever virtualising software you use: Parallels, UTM, VirtualBuddy, or my own free Viable or ViableS. While there are differences between what they offer, at their heart they have the same limitations.

Performance

Their virtualisation is impressive: performance in most respects is almost identical to running natively on the host Mac, although it’s limited by the number of virtual cores and amount of virtual memory that you allocate to your VM. Viable gives you complete control over those, but you can’t specify which of the two types of core in M-series chips. Core allocation first uses those P cores available, and will spill over to E cores when macOS deems it necessary.

Serial number

Virtualisation enforces Apple’s licence limit of running no more than two macOS VMs simultaneously on the same Mac, even if it has sufficient cores and memory to run more. VMs also can’t nest VMs inside them. However, they can install Rosetta 2 to allow them to run translated Intel code, just as on the host.

The virtualiser allocates each VM a unique Machine ID, which is used to determine its serial number. While Viable lets you create VMs with identical Machine IDs, so the same serial number, it’s currently not possible to set the serial number of your choice.

Disk & network

The most noticeable limit to performance is when writing to the VM. This is because it’s stored in a disk image, which imposes overhead. However, performance is close to native when accessing shared folders on the host. Those shares need to be configured before starting a VM, and currently there doesn’t appear to be support for resizing a VM after it has been created.

Network access is also limited. Viable uses standard NAT network access through the host network connection. There’s no option to attach the VM to Wi-Fi or any other specific connection, nor to dedicate a host connection to the VM. Apple does offer a special entitlement for bridged networking, but that’s only available to developers it approves. I do intend applying for that for Viable.

Displays & input

Support is provided for a wide range of display resolutions to accommodate most needs, although at times getting this right can be a matter of trial and error. Sonoma introduces an auto-scaling option that fits Sonoma guests into any window size in a crisp image. This is a major improvement, but is only available in macOS 14 VMs running on a macOS 14 host.

Good support is also provided for Mac keyboards, mice and trackpads, with pass-through of special key combinations, and support for localised key layouts. There are lingering minor problems with trackpads becoming unresponsive to gestures, and surprisingly they still don’t enjoy support from Trackpad Settings. Keyboard support has been further enhanced for macOS 14 VMs running on a macOS 14 host.

Apple ID & iCloud

There’s no support for Apple ID on guests, and they can’t be connected to iCloud Drive or support apps using CloudKit. This means that VMs can’t run the great majority of App Store apps, apart from Apple’s free products such as Numbers, Pages and Keynote. There is considerable irony at this severe limitation on the use of App Store apps, given how keen Apple is to encourage us to obtain our apps from its App Store.

Peripherals & boot security

Most access to peripherals and other drivers is handled through a limited range of VirtIO devices, and doesn’t give direct access to USB or Thunderbolt; Apple has added new device support in Sonoma that may provide greater flexibility in future.

Guest macOS can be booted into Recovery, but there’s no support for hardware Diagnostics. Recovery enables you to change the VM’s startup security settings, and to disable SIP when you wish.

Summary

macOS VM guests running on Apple silicon deliver excellent performance and broad support for a range of standard devices. At present their main limitations are:

no control over Machine ID hence serial number;
NAT networking;
no Apple ID or iCloud access;
almost no App Store apps can be run;
limited support for peripheral devices.

You’ll find Viable and more information about virtualisation, including Linux support, on this page.

24Comments

Add yours

1

Alan B on June 20, 2023 at 7:15 am

I’ve not had much time recently to experiment with Sonoma VMs but, using Liviable fairly recently, I’ve also created VMs for Alpine, openSUSE Leap & Tumbleweed. I’ve also used Ubuntu server with the addition of the XFCE desktop environment. I can confirm that Debian, Fedora and Rocky VMs run very nicely too! Many thanks for providing such excellent virtualisation tools 🙂

LikeLiked by 1 person
- 2
  
  hoakley on June 20, 2023 at 7:24 am
  
  Thank you. All the work is being done by macOS, I promise you!
  Howard.
  
  LikeLike
3

hstriepe on June 20, 2023 at 3:56 pm

Since Tiger, we have used VMs heavily in development for setting up both dev environments and testing in “clean” sandboxes. On Intel, I used to keep complete development systems for older versions of macOS/XCode and our product as archives. This made it possible to help customers on old systems with an occasional “quick fix.” It also made debugging complex errors a little easier (how did it behave in the last build?) Most Windows development has been done on VMs, with some testing and debugging under BootCamp.
This is really no longer viable.

LikeLiked by 1 person
- 4
  
  hoakley on June 20, 2023 at 4:06 pm
  
  What features would you need added to make one of these VMs viable for you?
  Unfortunately, whether we like it or not, this is going to be the only option for virtualisation on Apple silicon. The investment required to develop an alternative would far exceed any potential return from sales, and much of the boot process is so shrouded in secrecy that it could prove impossible even then.
  I have installed and used Xcode in one of these VMs – it runs fine, but without Apple ID you can’t use Apple certificates or notarise within them.
  Howard.
  
  LikeLike
  - 5
    
    hstriepe on June 20, 2023 at 4:47 pm
    
    I would not expect the support of Intel systems.
    But the limitation to only one VMs under license restriction and, most of all, the AppleID issue is key. Not having that is just ludicrous.
    Signing and notarization are part of our workflow.
    I also much prefer network bridging over shared networking.
    
    LikeLiked by 1 person
    - 6
      
      hoakley on June 20, 2023 at 4:54 pm
      
      You’re not limited to only one VM. I have a couple of dozen. What you are limited in is that a host Mac can only run a maximum of two macOS VMs at the same time. That’s an old licence restriction, and applies to all macOS virtualisation, even on Intel. While I think Apple needs to revisit that in the light of Ultra chips, I don’t see how that should be restrictive.
      Regarding Apple ID access, I recommend that you file Feedback on this: apparently Apple’s virtualisation team was most surprised that anyone would want to use their Apple ID in a VM! Given sufficient requests, I hope they change this.
      With a little ingenuity, you can address that with Xcode using shared folders and Xcode on the host. But you can’t of course use Xcode in the cloud, another irony.
      Howard.
      
      LikeLike
7

hstriepe on June 20, 2023 at 4:00 pm

I should note that Parallels Desktop does a superb job with Windows 10/11. Microsoft has also done a great job with Visual Studio and apps running with their version of Intel translation. The latest VS Studio Preview is actually native.
Our Mac version is Universal, but we are shipping Windows as Intel x64 only, apart from a couple of drivers.

LikeLiked by 1 person
8

Ralf on June 20, 2023 at 5:04 pm

why does apple provide and develop this functionality for VMs? Apple does not have its own VM offering. And tailor made for Parallels doesn’t seem to either. Apple didn’t wait for Viable to be developed after all. Or did it? So why?

LikeLiked by 1 person
- 9
  
  hoakley on June 20, 2023 at 5:06 pm
  
  Because it’s the only way that anyone could virtualise macOS on Apple silicon.
  Howard
  
  LikeLike
  - 10
    
    Ralf on June 20, 2023 at 5:11 pm
    
    so they really expected someone to come along and program Viable 😉
    
    LikeLiked by 1 person
    - 11
      
      hstriepe on June 20, 2023 at 5:21 pm
      
      It’s why God and Apple invented APIs.
      
      LikeLiked by 1 person
- 12
  
  Harald Striepe on June 20, 2023 at 5:11 pm
  
  Hypervisors are useful for a number of things apart from VMs.
  
  LikeLiked by 1 person
  - 13
    
    hoakley on June 20, 2023 at 5:27 pm
    
    Well, the hypervisor was available earlier, and on Apple silicon is of almost no help in virtualising macOS.
    In order to make that possible, Apple had to modify macOS to support VirtIO drivers, as that’s the only practical way to access all the devices in M-series chips. Without those, anyone wanting to virtualise on Apple silicon would have to write their own device drivers for all those – as Asahi Linux have shown, that’s a pretty huge task.
    In addition to that, the virtualiser has to install macOS and boot it from ROM emulation through the pre-kernel phases. All in all, that’s such a massive challenge that specialists like VMware and Parallels were simply unable to take it on.
    Howard.
    
    LikeLike
14

Brian on June 20, 2023 at 7:05 pm

Viable is very compelling, thank you for improving it and applying for bridged networking. How much RAM do you recommend configuring a Ventura VM for general use vs. graphics use? Your documention says 6-16 normally. I’ve read that RAM requirements for applications tend to be lower on Apple Silicon vs. Intel, although I haven’t found good details to understand that (you probably have an article). Those variables help determine purchasing 32 or 64 GB RAM on a new Mac, wanting to avoid virtual memory. 64 is obviously better, but perhaps 32 would suffice. Thank you.

LikeLiked by 1 person
- 15
  
  hoakley on June 20, 2023 at 7:28 pm
  
  Thank you.
  Comparing Intel and Apple silicon requirements turns out to be complex. While Unified memory means that what would be in dedicated graphics memory remains in main RAM, that can also bring better economy. It may be worth asking those who do similar things with the same apps that you use, how much they are using in Apple silicon.
  If you’re running serious apps in a VM, then it’s worth giving it 16 GB. As that’s then no longer available to the host, its impact on a Mac with only 32 GB is substantial! So you may then find 64 GB of physical memory preferable for the Mac. But for more mundane work, 8 GB for the VM should ensure the host still has plenty.
  Howard.
  
  LikeLike
16

Michael Tsai - Blog - Public Developer Betas on June 21, 2023 at 2:30 pm

[…] Update (2023-06-21): Howard Oakley: […]

LikeLike
17

Johnson on June 22, 2023 at 3:44 pm

Since there is no access to AppleID in a VM it seems that one cannot update to β2 within the VM, so must create a new VM. Is it so?

LikeLiked by 1 person
- 18
  
  hoakley on June 22, 2023 at 3:52 pm
  
  Yes, that’s correct. You can download the IPSW image via the list kept by Mr Macintosh.
  Howard
  
  LikeLike
19

Anmol on July 17, 2023 at 6:48 am

It seems possible to run several App Store apps in a macOS guest by sharing the host Mac’s /Applications directory. I don’t have many apps, but I tried them all, mainly out of curiosity. Textual 7, Adblock Plus, Front and Center, LightBlue, Magic Lasso, Userscripts, Hush, Tailscale, SPIKE Legacy seem to launch fine in a Ventura guest running in UTM. iSH asks to sign in with Apple ID when launched. Acorn and News Explorer ask to sign in to ‘Apple Media Services’, but fail to launch when the sign-in is cancelled. Apple Arcade games say ‘You need to Sign in to play Apple Arcade Games”.

LikeLiked by 1 person
- 20
  
  hoakley on July 17, 2023 at 7:11 am
  
  I advise you against doing that: because the app is running from a shared folder, it can have untoward effects in those apps that do run. Sadly, it’s not a good solution to the lack of Apple ID.
  Howard.
  
  LikeLike
21

Ralf on August 13, 2023 at 7:23 am

Dear Howard, I just wonder if there is any chance to run a Sonoma VM on a Monterey host (MacBook Pro 18,3)? I have tried Parallels, and Viable, but despite using Apples own ipsw from its developer site, it does not seem to install / boot up at all. Is there anything I have overlooked? Or is it as it seems and no-one actually want to say: Only Ventura host with Sonoma VM will work?

LikeLiked by 1 person
- 22
  
  hoakley on August 13, 2023 at 7:47 am
  
  I doubt whether a Monterey host would work. The ways of enabling this in Ventura are to install the current beta of Xcode, which you can’t do in Monterey, or to install the special addition available from the beta support site, which also requires Ventura. So I suspect the answer is that you can’t, I’m afraid.
  Howard.
  
  LikeLike
  - 23
    
    Harald Striepe on August 13, 2023 at 7:59 am
    
    I suspect you are correct. I have not tried installing device support on Monterey, since I do not have an Apple Silicon system running it.
    
    LikeLiked by 1 person
- 24
  
  Harald Striepe on August 13, 2023 at 7:55 am
  
  You need to install Device Support for macOS 14 beta 5:
  https://developer.apple.com/services-account/download?path=/Developer_Tools/Device_Support_for_macOS_14_beta_4/Device_Support_for_macOS_14_beta_4.dmg
  
  LikeLiked by 1 person