A Nix Flake to build NixOS and run it on one of several Type-2
Hypervisors on NixOS/Linux. The project is intended to provide a more
isolated alternative to nixos-container. You can either build and
run MicroVMs like Nix packages, or alternatively install them as
systemd services declaratively in your host's Nix Flake or
imperatively with the provided microvm command.
- MicroVMs are Virtual Machines but use special device interfaces (virtio) for high performance.
- This project runs them on NixOS hosts.
- You can choose one of five hypervisors for each MicroVM.
- MicroVMs have a fixed RAM allocation (default: 512 MB) but can be
  shrunk using `microvm-balloon`.
- MicroVMs have a read-only root disk with either a prepopulated
  `/nix/store` or by mounting the host's along with an optional writable
  overlay. This filesystem can be built as either squashfs (smaller) or
  erofs (faster).
- You define your MicroVMs in a Nix Flake's `nixosConfigurations`
  section, reusing the `nixosModules` that are exported by this Flake.
- MicroVMs can access stateful filesystems either on an image volume as a
  block device, or alternatively as a shared directory hierarchy through
  9p or virtiofs.
- Zero, one, or more virtual tap ethernet network interfaces can be
  attached to a MicroVM. `qemu` and `kvmtool` also support user
  networking which requires no additional setup on the host.

| Hypervisor | Language | Restrictions |
|---|---|---|
| qemu | C | |
| cloud-hypervisor | Rust | no 9p shares |
| firecracker | Rust | no 9p/virtiofs shares |
| crosvm | Rust | 9p shares broken |
| kvmtool | C | no virtiofs shares, no control socket |
| stratovirt | Rust | no 9p/virtiofs shares, no control socket |
| alioth | Rust | no virtiofs shares, no control socket |
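
A minimal `flake.nix` tying the points above together, added here as an illustration and not taken from the project's template: one qemu MicroVM with the host's `/nix/store` shared over 9p, an image volume for `/var`, and user networking. The hostname, image file name, interface id and MAC address are constructed, and the `microvm.*` option names should be checked against the handbook for the revision you pin.

```nix
{
  description = "One qemu MicroVM (added example)";

  inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
  inputs.microvm.url = "github:microvm-nix/microvm.nix";
  inputs.microvm.inputs.nixpkgs.follows = "nixpkgs";

  outputs = { self, nixpkgs, microvm }:
    let system = "x86_64-linux"; in {
      # `nix run .#my-microvm` starts the VM through its generated runner.
      packages.${system}.my-microvm =
        self.nixosConfigurations.my-microvm.config.microvm.declaredRunner;

      nixosConfigurations.my-microvm = nixpkgs.lib.nixosSystem {
        inherit system;
        modules = [
          microvm.nixosModules.microvm   # guest module exported by this Flake
          {
            networking.hostName = "my-microvm";   # constructed name
            microvm = {
              # qemu has no restrictions in the table: 9p and user networking work.
              hypervisor = "qemu";
              mem = 512;   # fixed RAM allocation in MB (the default)
              # Share the host's /nix/store over 9p instead of building a
              # squashfs/erofs store image for the guest.
              shares = [ {
                proto = "9p";
                tag = "ro-store";
                source = "/nix/store";
                mountPoint = "/nix/.ro-store";
              } ];
              # Stateful guest data lives on an image volume (block device).
              volumes = [ {
                image = "var.img";   # constructed file name
                mountPoint = "/var";
                size = 256;
              } ];
              # User networking: no tap device or bridge needed on the host.
              interfaces = [ {
                type = "user";
                id = "usernet0";             # constructed
                mac = "02:00:00:00:00:01";   # constructed, locally administered
              } ];
            };
          }
        ];
      };
    };
}
```
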

```shell
nix registry add microvm github:microvm-nix/microvm.nix
```

(If you do not want to inflict this change on your system, just
replace `microvm` with `github:microvm-nix/microvm.nix` in the following
examples.)

```shell
nix flake init -t microvm
$EDITOR flake.nix
nix run .#my-microvm
```

```shell
nix run microvm#qemu-example
nix run microvm#firecracker-example
nix run microvm#cloud-hypervisor-example
nix run microvm#crosvm-example
nix run microvm#kvmtool-example
nix run microvm#stratovirt-example
```

```shell
nix run microvm#vm
```

Check `networkctl status virbr0` for the DHCP leases of the nested
MicroVMs. They listen for ssh with an empty root password.

```shell
nix run microvm#graphics neverball
```

Accelerate your operations and secure your infrastructure with support from a team of virtualization experts. Contact Cyberus Technology: https://www.cyberus-technology.de/contact

Looking for help or customization?
Get in touch with Numtide to get a quote. We make it easy for companies to work with Open Source projects: https://numtide.com/contact
