Key Concepts

Understanding the core terminology will help you get the most out of CiderStack.

Host

A host is a physical Mac running CiderStack.

Examples include:

• MacBook Pro
• Mac Studio
• Mac mini

Each host provides CPU, memory, storage, and networking resources for virtual machines.

Virtual Machine (VM)

A virtual machine (VM) is a fully isolated instance of macOS running on a host.

Each VM has:

• Its own macOS installation
• Dedicated CPU and memory allocation
• Independent storage
• Separate networking
• Its own lifecycle and snapshots

VMs behave like real Macs — they can run Xcode, enroll in MDM, install updates, and reboot independently of the host.

IPSW (Apple Restore Image)

An IPSW is Apple’s official macOS restore image.

These files are published by Apple and are used to install macOS on both physical Macs and virtual machines.

CiderStack relies exclusively on real Apple IPSWs, which means:

• No modified installers
• No emulation layers
• No third-party operating systems

Every macOS VM is installed using the same restore process Apple uses internally.

Images (OCI-based)

In CiderStack, an image is not the IPSW file itself.

Images are stored and distributed as OCI-compatible container images.

Each image contains:

• A macOS IPSW
• Metadata describing the operating system version and architecture
• Versioned tags for repeatable builds

This allows CiderStack to manage macOS base images using modern container-style workflows.

Image sources

Images can be added in two ways:

• Pulled from an OCI-compatible container registry
• Created locally by importing an IPSW

Once available, images can be reused to create any number of virtual machines.

Why OCI images?

Using OCI-compatible images enables:

• Versioned macOS base images
• Reproducible VM builds
• Fast image distribution across fleets
• Registry-backed caching
• Consistent environments between machines

This approach combines Apple’s native virtualization with modern infrastructure practices.

IPSW vs Image

Snapshots

A snapshot is a point-in-time capture of a VM’s disk state.

Snapshots allow you to:

• Roll back changes instantly
• Test software safely
• Preserve clean environments
• Recover from failed updates

Snapshots are powered by APFS and are nearly instant to create.

Instant Clones

An instant clone is a new VM created from a snapshot.

Thanks to APFS copy-on-write:

• Clones take seconds to create
• Storage is shared until data changes
• Multiple identical VMs can exist with minimal disk usage

This makes CiderStack ideal for CI runners and test environments.

Shared Folders

Shared folders allow directories on the host to be mounted directly inside a VM.

Common use cases include:

• Sharing source code
• Running build scripts
• Accessing artifacts
• Avoiding unnecessary file duplication

Changes are reflected immediately between host and VM.

Networking

Each VM includes built-in networking provided by macOS virtualization.

Depending on configuration, VMs can:

• Access the internet
• Reach internal services
• Communicate with the host

Networking is isolated and requires no kernel extensions.

Apple VM limits

Apple enforces limits on the number of macOS virtual machines per physical host.

CiderStack automatically:

• Detects host capabilities
• Enforces Apple’s limits
• Distributes workloads across available Macs

No manual balancing is required.

Local-first design

CiderStack is designed to run entirely on your own infrastructure.

• No required cloud services
• No external control plane
• No mandatory telemetry

Your infrastructure stays yours.

Summary

What’s next

Now that you understand the core concepts, you can explore:

• Snapshots & Instant Clones
• Shared Folders
• Networking