Run Cloud Virtual Machines Securely and Efficiently

Cloud Hypervisor is an open source Virtual Machine Monitor (VMM) implemented in Rust that focuses on running modern cloud workloads with minimal hardware emulation.

Get Started

Get the source on GitHub

Secure 🔒

Emulates a minimal set of devices and is implemented in Rust to avoid many common security issues

Fast ⚡️

Boot to userspace in less than 100ms with direct kernel boot

🪟 & 🐧

Supports running modern Linux and Windows guests

Kata Containers

Supported by Kata Containers for running secure containerised workloads

Powerful REST API

Programmatically control the lifecycle of the VM using an HTTP API

Slim

Minimal memory overhead for dense deployments

Cross platform

Runs on both x86-64 and aarch64

Broad device support

Support for a wide range of paravirtualised devices and physical device passthrough

Live migration

Migrate VMs from one host to another without interruption

Get Involved:

Cloud Hypervisor is governed openly as part of the Linux Foundation and supported by multiple organisations:

  • Alibaba
  • AMD
  • Ampere
  • ARM
  • ByteDance
  • Intel
  • Microsoft
  • Tencent Cloud

Join our Slack community: Invite

Participate in our community activities: Slack channel

Check out and participate in our roadmap on GitHub

For full details of our governance model please see our community repository on GitHub and our founding charter.

For bug reports please use GitHub issues; for broader community discussions please use our mailing list.

Latest news from Cloud Hypervisor project:

Cloud Hypervisor v39.0 Released!

Posted April 27, 2024 by Cloud Hypervisor Team

This release has been tracked in our roadmap project as iteration v39.0. The following user visible changes have been made:

Variable Sizing of PCI Apertures for Segments

It is now possible to use --pci-segment to adjust the size of the apertures that 32-bit and 64-bit PCI device BARs will be allocated from. Previously the address space was equally distributed across all the segments, which may leave insufficient space for devices that require a large 32-bit space. With this change the weighting per segment can be adjusted. (#6387)

Direct Booting with bzImages

Support for directly booting Linux from bzImages has been added. (#6200)

Support for NVIDIA GPUDirect P2P

The x_nv_gpudirect_clique option was added to --device to allow the configuration of device P2P support with NVIDIA GPUs. (#6235)

Guest NMI Injection Support

A new API endpoint and ch-remote option have been added for injecting an NMI into the guest. (#6047)

Notable Bug Fixes

  • Workaround for kernel bug affecting guest IRQ masking on AMD (#6353)
  • Correctly clean up sigwinch_listener process (#6208)
  • Graceful shutdown of HTTP API thread (#6248, #6247)
  • Fix queue_affinity option in OpenAPI metadata (#6268)
  • Fix documentation to indicate only stream mode is supported by virtio-vsock (#6306)
  • Fix virtio-fs tag validation (#6358, #6359)
  • Add missing pvpanic device to OpenAPI metadata (#6372)
  • Fixes for nested virtualization with VFIO devices (#6110, #6298, #6297, #6319)
  • Fix for backing file for virtio-mem regions with snapshot/restore (#6337, #6338)
  • Explicitly mark FDs used for network devices as invalid across snapshot/restore (#6332, #6286)
  • Improve event-monitor events around reboot (#6277, #6274)
  • Fix potential deadlock around paused devices during live migration (#6293)
  • Fix panic when running ch-remote with no subcommand (#6230)
  • Fix hotplug of virtio devices after snapshot/restore and live migration (#6326, #6265)

Contributors

Many thanks to everyone who has contributed to our release:

Download

See the GitHub Release for the release assets.