Right, because on Mac (and windows) you’re running a VM rather than just setting up kernel namespaces. How cpu and network intensive are these pets? Or is it more of a principle thing, which I totally understand?

I prefer containerization because it gives me a repeatable environment that I know works, where on my system things can change as the os updates and applications evolve.

But I can understand the benefit of sandboxing for sure! Thank you.