Run Cloud Virtual Machines Securely and Efficiently

Cloud Hypervisor is an open source Virtual Machine Monitor (VMM) implemented in Rust that focuses on running modern, cloud workloads, with minimal hardware emulation.

Get Started

Get the source on GitHub

Secure 🔒

Minimal emulated devices and implemented in Rust to avoid many common security issues

Fast ⚡️

Boot to userspace in less than 100ms with direct kernel boot

🪟 & 🐧

Supports running modern Linux and Windows guests

Kata Containers

Supported by Kata Containers for running secure containerised workloads

Powerful REST API

Programmatically control the lifecyle of the VM using an HTTP API


Minimal memory overhead for dense deployments

Cross platform

Runs on both x86-64 and aarch64

Broad device support

Support for wide range of paravirtualised devices and physical device passthrough

Live migration

Migrate VMs from one host to another without interruption

Get Involved:

Cloud Hypervisor is governed openly as part of the Linux Foundation and supported by multiple organisations:

  • Alibaba
  • AMD
  • Ampere
  • ARM
  • ByteDance
  • Intel
  • Microsoft
  • Tencent Cloud

Join our Slack community: Invite

Participate in our community activities: Slack channel

Check out and participate in our roadmap on GitHub

For full details of our governance model please see our community repository on GitHub and our founding charter.

For bug reports please use GitHub isssues; for broader community discussions please use our mailing list

Latest news from Cloud Hypervisor project:

Cloud Hypervisor v40.0 Released!

Posted June 21, 2024 by Cloud Hypervisor Team ‐ 2 min read

This release has been tracked in our roadmap project as iteration v40.0. The following user visible changes have been made:

Support for Restoring File Descriptor Backed Network Devices

It is now possible to pass file descriptors over the HTTP API (and using ch-remote) when restoring to update the file descriptors for network devices. This enables snapshot & restore functionality for guests using macvtap or other file descriptor backed network devices. (#6286)

Notable Bug Fixes

  • Default values have been removed from required fields in the OpenAPI metadata (#6495)
  • The help syntax of ch-remote remove-device has been improved (#6456)
  • A double close of file descriptors has been fixed when using --serial (#6486)
  • To prevent loops a limit on the nesting level for QCOW2 backing files has been introduced (#6482)
  • Boot time performance has been improved with multiple cores by avoiding cpuid instructions and by seeding the in kernel file descriptor table (#6498, #6478)
  • L1 cache details are more likely to be propagated into the guest (#6523)
  • The default topology for guests now uses multiple cores rather than sockets (#6504)


Many thanks to everyone who has contributed to our release:


See the GitHub Release for the release assets.