Orchestrator for running Tart Virtual Machines on a cluster of Apple Silicon devices

Go to file

dependabot[bot] 96d43e12fe Bump the all-updates group across 1 directory with 14 updates Bumps the all-updates group with 8 updates in the / directory: \| Package \| From \| To \| \| --- \| --- \| --- \| \| [github.com/gin-contrib/zap](https://github.com/gin-contrib/zap) \| `1.1.6` \| `1.1.7` \| \| [github.com/hashicorp/go-version](https://github.com/hashicorp/go-version) \| `1.8.0` \| `1.9.0` \| \| [github.com/shirou/gopsutil/v4](https://github.com/shirou/gopsutil) \| `4.26.2` \| `4.26.3` \| \| [go.opentelemetry.io/contrib/instrumentation/github.com/gin-gonic/gin/otelgin](https://github.com/open-telemetry/opentelemetry-go-contrib) \| `0.67.0` \| `0.68.0` \| \| [go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc](https://github.com/open-telemetry/opentelemetry-go) \| `1.42.0` \| `1.43.0` \| \| [go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp](https://github.com/open-telemetry/opentelemetry-go) \| `1.42.0` \| `1.43.0` \| \| [golang.org/x/crypto](https://github.com/golang/crypto) \| `0.49.0` \| `0.50.0` \| \| [golang.org/x/net](https://github.com/golang/net) \| `0.52.0` \| `0.53.0` \| Updates `github.com/gin-contrib/zap` from 1.1.6 to 1.1.7 - [Release notes](https://github.com/gin-contrib/zap/releases) - [Commits](https://github.com/gin-contrib/zap/compare/v1.1.6...v1.1.7) Updates `github.com/hashicorp/go-version` from 1.8.0 to 1.9.0 - [Release notes](https://github.com/hashicorp/go-version/releases) - [Changelog](https://github.com/hashicorp/go-version/blob/main/CHANGELOG.md) - [Commits](https://github.com/hashicorp/go-version/compare/v1.8.0...v1.9.0) Updates `github.com/shirou/gopsutil/v4` from 4.26.2 to 4.26.3 - [Release notes](https://github.com/shirou/gopsutil/releases) - [Commits](https://github.com/shirou/gopsutil/compare/v4.26.2...v4.26.3) Updates `go.opentelemetry.io/contrib/instrumentation/github.com/gin-gonic/gin/otelgin` from 0.67.0 to 0.68.0 - [Release notes](https://github.com/open-telemetry/opentelemetry-go-contrib/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go-contrib/blob/main/CHANGELOG.md) - [Commits](https://github.com/open-telemetry/opentelemetry-go-contrib/compare/zpages/v0.67.0...zpages/v0.68.0) Updates `go.opentelemetry.io/otel` from 1.42.0 to 1.43.0 - [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md) - [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.42.0...v1.43.0) Updates `go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc` from 1.42.0 to 1.43.0 - [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md) - [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.42.0...v1.43.0) Updates `go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp` from 1.42.0 to 1.43.0 - [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md) - [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.42.0...v1.43.0) Updates `go.opentelemetry.io/otel/metric` from 1.42.0 to 1.43.0 - [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md) - [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.42.0...v1.43.0) Updates `go.opentelemetry.io/otel/sdk/metric` from 1.42.0 to 1.43.0 - [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md) - [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.42.0...v1.43.0) Updates `golang.org/x/crypto` from 0.49.0 to 0.50.0 - [Commits](https://github.com/golang/crypto/compare/v0.49.0...v0.50.0) Updates `golang.org/x/net` from 0.52.0 to 0.53.0 - [Commits](https://github.com/golang/net/compare/v0.52.0...v0.53.0) Updates `golang.org/x/term` from 0.41.0 to 0.42.0 - [Commits](https://github.com/golang/term/compare/v0.41.0...v0.42.0) Updates `golang.org/x/text` from 0.35.0 to 0.36.0 - [Release notes](https://github.com/golang/text/releases) - [Commits](https://github.com/golang/text/compare/v0.35.0...v0.36.0) Updates `google.golang.org/grpc` from 1.79.3 to 1.80.0 - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](https://github.com/grpc/grpc-go/compare/v1.79.3...v1.80.0) --- updated-dependencies: - dependency-name: github.com/gin-contrib/zap dependency-version: 1.1.7 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-updates - dependency-name: github.com/hashicorp/go-version dependency-version: 1.9.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-updates - dependency-name: github.com/shirou/gopsutil/v4 dependency-version: 4.26.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-updates - dependency-name: go.opentelemetry.io/contrib/instrumentation/github.com/gin-gonic/gin/otelgin dependency-version: 0.68.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-updates - dependency-name: go.opentelemetry.io/otel dependency-version: 1.43.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-updates - dependency-name: go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc dependency-version: 1.43.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-updates - dependency-name: go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp dependency-version: 1.43.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-updates - dependency-name: go.opentelemetry.io/otel/metric dependency-version: 1.43.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-updates - dependency-name: go.opentelemetry.io/otel/sdk/metric dependency-version: 1.43.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-updates - dependency-name: golang.org/x/crypto dependency-version: 0.50.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-updates - dependency-name: golang.org/x/net dependency-version: 0.53.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-updates - dependency-name: golang.org/x/term dependency-version: 0.42.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-updates - dependency-name: golang.org/x/text dependency-version: 0.36.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-updates - dependency-name: google.golang.org/grpc dependency-version: 1.80.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-updates ... Signed-off-by: dependabot[bot] <support@github.com>		2026-04-13 18:46:52 +00:00
.github	Support Vetu virtualization on Linux in addition to Tart on macOS (#419 )	2026-03-16 11:12:28 +01:00
api	Support Vetu virtualization on Linux in addition to Tart on macOS (#419 )	2026-03-16 11:12:28 +01:00
cmd/orchard	Orchard Controller: implement an SSH server that acts as a jump host (#179 )	2024-06-11 19:32:45 +04:00
docs	Move documentation to Tart's website (#199 )	2024-09-03 21:08:11 +04:00
internal	Remove license tier validation (#428 )	2026-04-12 15:27:27 -04:00
packaging	orchard-controller .deb/.rpm package: install systemd service (#204 )	2024-09-05 20:42:36 +04:00
pkg	create vm: introduce --{os,arch,runtime} command-line arguments (#422 )	2026-03-17 19:46:00 +01:00
rpc	API endpoint and associated RPC changes to resolve VMs IP's (#188 )	2024-07-03 22:56:43 +04:00
test/load	test(load): avoid unnecessary new Uint8Array(...) (#414 )	2026-02-23 18:57:12 +01:00
.cirrus.star	Use golangci-lint (#15 )	2023-01-31 22:22:28 +04:00
.cirrus.yml	Support Vetu virtualization on Linux in addition to Tart on macOS (#419 )	2026-03-16 11:12:28 +01:00
.gitignore	Better state syncing and other improvements (#24 )	2023-03-01 11:42:16 -05:00
.golangci.yml	.golangci.yml: support golangci-lint 2.0 (#289 )	2025-03-24 23:58:47 +04:00
.goreleaser.yml	Fix #221 by bumping Go. (#223 )	2024-11-20 14:02:39 +04:00
DEVELOPMENT.md	Move documentation to Tart's website (#199 )	2024-09-03 21:08:11 +04:00
Dockerfile	orchard controller run: create a default bootstrap context (#291 )	2025-03-27 18:48:04 +04:00
LICENSE	Prepare for release (#37 )	2023-03-20 15:28:24 -04:00
README.md	README.md: document an alternative "Local Network" permission workaround (#417 )	2026-03-03 21:23:28 +01:00
buf.gen.yaml	Port forwarding support (#30 )	2023-03-14 11:31:13 -04:00
buf.work.yaml	Port forwarding support (#30 )	2023-03-14 11:31:13 -04:00
go.mod	Bump the all-updates group across 1 directory with 14 updates	2026-04-13 18:46:52 +00:00
go.sum	Bump the all-updates group across 1 directory with 14 updates	2026-04-13 18:46:52 +00:00

README.md

Orchard

[!IMPORTANT]

macOS 15 (Sequoia) or later

The newly introduced "Local Network" permission in macOS Sequoia requires accepting a GUI pop-up on each host machine that runs the Orchard Worker.

To work around this, there are two options. The first one is to invoke the orchard worker run as root with an additional --user command-line argument, which takes a name of your regular, non-privileged user on the host machine.

This will cause the Orchard Worker to start a small orchard localnetworkhelper process in the background and then drop the privileges to the specified user.

The helper process is privileged and needed to establish network connections on behalf of the Orchard Worker without triggering a GUI pop-up.

This approach is more secure than simply running orchard worker run as root, because only a small part of Orchard Worker runs privileged and the only functionality that this part has is establishing new connections.

The second workaround is to set local the network privacy preferences so that all IPv4 private address space that could potentially be used for VMs is excluded:
sudo defaults write com.apple.network.local-network AllowedEthernetLocalNetworkAddresses -array "10.0.0.0/8" "172.16.0.0/12" "192.168.0.0/16"
sudo defaults write com.apple.network.local-network AllowedWiFiLocalNetworkAddresses -array "10.0.0.0/8" "172.16.0.0/12" "192.168.0.0/16"
...and then reboot.

Orchard is an orchestration system for Tart. Create a cluster of bare-metal Apple Silicon machines and manage dozens of VMs with ease!

Usage

The fastest way to get started with Orchard is to use a local development mode:

brew install cirruslabs/cli/orchard
orchard dev

This will start Orchard Controller and a single Orchard Worker on your local machine.

You can interact with the newly created cluster using the orchard CLI or programmatically, through the built-in REST API server.

Please check out the official documentation for more information and/or feel free to use issues for the remaining questions.