[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-2088":3},{"id":4,"name":5,"fullName":6,"owner":7,"repo":5,"description":8,"homepage":9,"htmlUrl":10,"language":11,"languages":10,"totalLinesOfCode":10,"stars":12,"forks":13,"watchers":14,"openIssues":15,"contributorsCount":15,"subscribersCount":15,"size":15,"stars1d":16,"stars7d":17,"stars30d":18,"stars90d":15,"forks30d":15,"starsTrendScore":19,"compositeScore":20,"rankGlobal":10,"rankLanguage":10,"license":21,"archived":22,"fork":22,"defaultBranch":23,"hasWiki":24,"hasPages":22,"topics":25,"createdAt":10,"pushedAt":10,"updatedAt":30,"readmeContent":31,"aiSummary":32,"trendingCount":15,"starSnapshotCount":15,"syncStatus":14,"lastSyncTime":33,"discoverSource":34},2088,"pve-microvm","rcarmo\u002Fpve-microvm","rcarmo","Firecracker-like microVMs for Proxmox VE — KVM isolation, under 200 ms boot.","https:\u002F\u002Frcarmo.github.io\u002Fprojects\u002Fpve-microvm",null,"Shell",152,9,2,0,6,7,20,18,60.5,"Apache License 2.0",false,"main",true,[26,27,28,29],"homelab","microvm","proxmox","sandboxing","2026-06-12 04:00:13","# pve-microvm\n\n![pve-microvm](docs\u002Ficon-256.png)\n\n\u003Cp align=\"center\">\n  \u003Cimg src=\"docs\u002Fpve-microvm-demo.gif\" alt=\"pve-microvm in the Proxmox web UI\" width=\"720\">\n\u003C\u002Fp>\n\nA Debian package that adds QEMU `microvm` machine type support to Proxmox VE.\nRuns OCI container images, [Firecracker rootfs images](docs\u002Ffirecracker.md), unikernels, and alternative OS as lightweight hardware-isolated VMs.\n\n> **⚠️ Highly experimental.** This project patches `qemu-server` internals and\n> has not been tested in production. Use at your own risk. The patches are\n> fully reversible — uninstalling the package restores the original files.\n\n📝 [Blog post with some background](https:\u002F\u002Ftaoofmac.com\u002Fspace\u002Fnotes\u002F2026\u002F04\u002F19\u002F1400#proxmox-microvms) · ❓ [FAQ](docs\u002Ffaq.md)\n\n---\n\n## Why\n\nWe needed something between LXC containers and full QEMU VMs for running\ncoding agents and other semi-trusted workloads.\n\n| | LXC | microvm | Standard VM |\n|---|---|---|---|\n| Isolation | Namespace (shared kernel) | **KVM (own kernel)** | KVM (own kernel) |\n| Boot time | ~50 ms | **\u003C 300 ms** | 2–10 s |\n| Overhead | Minimal | **Minimal** | Moderate |\n| Attack surface | Broad (host kernel) | **Minimal (virtio-pcie)** | Broad (emulated PC) |\n| Untrusted code | ⚠️ risky | **✅ safe** | ✅ safe |\n\n**Hardware-isolated VMs with container-like speed**, managed through the same\nProxmox tools you already use. No new runtime — QEMU's `microvm` machine type\nis already on every PVE node.\n\n---\n\n## Highlights\n\n- **50 features shipped** — templates, cloning, networking, HA, web UI, backups\n- **21 guest OS** — 13 Linux distros + SmolBSD, OpenWrt, OPNsense, 9Front, OSv, gokrazy, Firecracker\n- **31 ms boot** (SmolBSD) to **~2 s** (Alpine) to **~8 s** (Debian)\n- **Create µVM button** in PVE web UI with OCI image picker\n- **All storage backends** — LVM, LVM-thin, ZFS, NFS, CIFS, Ceph\n- **HA + migration** — offline migration in 2 seconds, ha-manager relocate\n- **Tested on 4 nodes** — from Atom x5-Z8350 (2 GB) to i7-12700 (128 GB)\n\n---\n\n## Quick start\n\n```bash\n# Install\ndpkg -i pve-microvm_0.3.10-1_all.deb\n\n# Create a template from any OCI image\npve-microvm-template --image debian:trixie-slim\n\n# Clone and boot\nqm clone 9000 901 --name my-sandbox --full\nqm start 901\nqm terminal 901\n```\n\nOr use the **Create µVM** button in the PVE web UI.\n\n---\n\n## Supported guests\n\n| Category | Images |\n|---|---|\n| **Linux (apt)** | Debian, Ubuntu |\n| **Linux (apk)** | Alpine |\n| **Linux (dnf\u002Ftdnf)** | Fedora, Rocky, Alma, Amazon, Oracle, UBI, Photon, Azure Linux |\n| **Router\u002FFirewall** | OpenWrt, OPNsense |\n| **BSD** | SmolBSD (NetBSD, 31ms boot) |\n| **Plan 9** | 9Front |\n| **Unikernel** | OSv, gokrazy |\n| **Compatible** | Any Firecracker rootfs (ext4 import) |\n\n---\n\n## What's included\n\n| Component | Description |\n|---|---|\n| **`pve-microvm-template`** | Create PVE templates from OCI images or specialist OS |\n| **`pve-oci-import`** | Convert any OCI image to a bootable microvm disk |\n| **`pve-microvm-share`** | Share host directories via virtiofs |\n| **`pve-microvm-9p`** | Share host directories via 9p (no daemon) |\n| **`pve-microvm-ssh-agent`** | Forward SSH agent via vsock |\n| **`pve-microvm-run`** | Ephemeral microvms (run and destroy) |\n| **`pve-microvm-bench`** | Boot time and overhead benchmarking |\n| **Web UI** | Create µVM dialog, ⚡ icon, xterm.js console, panel hiding |\n| **Kernel** | Pre-built 6.12.22 with PCIe virtio + vsock + virtiofs |\n\n---\n\n## Tested on\n\n| | z83ii (worst-case) | borg (reference) |\n|---|---|---|\n| **CPU** | Atom x5-Z8350 @ 1.44 GHz | i7-12700 @ 4.9 GHz |\n| **RAM** | 2 GB | 128 GB |\n| **PVE** | 9.1.9 (qemu-server 9.1.8) | 9.1.7 (qemu-server 9.1.6) |\n| **QEMU** | 10.1.2 | 10.1.2 |\n\nFull cluster: 4 nodes — see [Cluster Hardware](docs\u002Fcluster-hardware.md).\n\n---\n\n## Documentation\n\n- **[Installation](docs\u002Finstallation.md)** — install, verify, uninstall\n- **[Quick Start](docs\u002Fusage.md)** — templates, cloning, basic usage\n- **[Guest OS](docs\u002Fguests.md)** — all supported distributions and specialist OS\n- **[Networking & Storage](docs\u002Fnetworking.md)** — virtiofs, 9p, vsock, SSH agent\n- **[Web UI](docs\u002Fwebui.md)** — Create µVM dialog, console, icons, panel hiding\n- **[Configuration](docs\u002Fconfiguration.md)** — supported\u002Funsupported options\n- **[Architecture](docs\u002Farchitecture.md)** — how it works, QEMU command line\n- **[Firecracker Compatibility](docs\u002Ffirecracker.md)** — importing rootfs images\n- **[High Availability](docs\u002Fha.md)** — migration, HA relocate\n- **[Test Matrix](docs\u002Ftest-matrix.md)** — distros, features, hardware\n- **[Cluster Hardware](docs\u002Fcluster-hardware.md)** — all 4 nodes\n- **[Known Issues](docs\u002Fknown-issues.md)** — workarounds and fixes\n- **[Limitations](docs\u002Flimitations.md)** — what doesn't work (yet)\n- **[Troubleshooting](docs\u002Ftroubleshooting.md)** — common problems\n- **[FAQ](docs\u002Ffaq.md)** — frequently asked questions\n- **[Development](docs\u002Fdevelopment.md)** — repo structure, building\n- **[Changelog](docs\u002Fchangelog.md)** — full feature list and release history\n\n---\n\n## Roadmap\n\n| Feature | Priority |\n|---|---|\n| Network off by default | Medium |\n| Egress allow-list (nftables) | Medium |\n| CPU\u002Fmemory hotplug | Low |\n| Declarative VM config (TOML) | Low |\n| GPU passthrough | Low |\n| AArch64 guest support | Low |\n| Upstream RFC for pve-devel | Low |\n\n---\n\n## License\n\n[Apache-2.0](LICENSE)\n","pve-microvm 是一个为 Proxmox VE 添加 QEMU `microvm` 机器类型支持的 Debian 包，能够在不到200毫秒内启动具有KVM隔离级别的轻量级虚拟机。该项目的核心功能包括运行OCI容器镜像、Firecracker根文件系统镜像、unikernels和其他替代操作系统，并且提供了通过Proxmox Web UI创建和管理这些微型虚拟机的能力。它特别适合需要比LXC容器更高级别隔离但又不需要完整QEMU VM开销的场景，如执行半信任工作负载或编码代理等任务。此外，pve-microvm还支持多种存储后端及高可用性迁移等功能，使其成为家庭实验室或小型企业环境中灵活部署应用的理想选择。","2026-06-11 02:48:01","CREATED_QUERY"]