[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-73309":3},{"id":4,"name":5,"fullName":6,"owner":7,"repo":5,"description":8,"homepage":9,"htmlUrl":10,"language":11,"languages":10,"totalLinesOfCode":10,"stars":12,"forks":13,"watchers":14,"openIssues":15,"contributorsCount":16,"subscribersCount":16,"size":16,"stars1d":17,"stars7d":18,"stars30d":19,"stars90d":16,"forks30d":16,"starsTrendScore":20,"compositeScore":21,"rankGlobal":10,"rankLanguage":10,"license":22,"archived":23,"fork":23,"defaultBranch":24,"hasWiki":25,"hasPages":23,"topics":26,"createdAt":10,"pushedAt":10,"updatedAt":33,"readmeContent":34,"aiSummary":35,"trendingCount":16,"starSnapshotCount":16,"syncStatus":36,"lastSyncTime":37,"discoverSource":38},73309,"smolvm","smol-machines\u002Fsmolvm","smol-machines","Tool to build & run portable, lightweight, self-contained virtual machines.","https:\u002F\u002Fsmolmachines.com",null,"Rust",3698,173,11,29,0,104,236,452,312,108.72,"Apache License 2.0",false,"main",true,[27,28,29,30,31,32],"containers","crun","libkrun","microvm","rust","virtual-machine","2026-06-12 04:01:08","\u003Cp align=\"center\">\n  \u003Cimg src=\"assets\u002Flogo.png\" alt=\"smol machines\" width=\"80\">\n\u003C\u002Fp>\n\n\u003Cp align=\"center\">\n  \u003Ca href=\"https:\u002F\u002Fdiscord.gg\u002FE5r8rEWY9J\">\u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FDiscord-Join-5865F2?logo=discord&logoColor=white\" alt=\"Discord\">\u003C\u002Fa>\n  \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsmol-machines\u002Fsmolvm\u002Freleases\">\u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Fv\u002Frelease\u002Fsmol-machines\u002Fsmolvm?label=Release\" alt=\"Release\">\u003C\u002Fa>\n  \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fsmol-machines\u002Fsmolvm\u002Fblob\u002Fmain\u002FLICENSE\">\u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FLicense-Apache_2.0-blue.svg\" alt=\"License\">\u003C\u002Fa>\n\u003C\u002Fp>\n\nsmolvm\n======\n\nShip and run software with isolation by default.\n\nThis is a CLI tool that lets you:\n1. Manage and run custom Linux virtual machines locally with: sub-second cold start, cross-platform (macOS, Linux), elastic memory usage.\n2. Pack a stateful virtual machine into a single file (.smolmachine) to rehydrate on any supported platform.\n\nInstall\n-------\n\n```bash\n# install (macOS + Linux)\ncurl -sSL https:\u002F\u002Fsmolmachines.com\u002Finstall.sh | bash\n\n# for coding agents — install + discover all commands\ncurl -sSL https:\u002F\u002Fsmolmachines.com\u002Finstall.sh | bash && smolvm --help\n```\n\nOr download from [GitHub Releases](https:\u002F\u002Fgithub.com\u002Fsmol-machines\u002Fsmolvm\u002Freleases).\n\nQuick Start\n-----------\n\n```bash\n# run a command in an ephemeral VM (cleaned up after exit)\nsmolvm machine run --net --image alpine -- sh -c \"echo 'Hello world from a microVM' && uname -a\"\n\n# interactive shell\nsmolvm machine run --net -it --image alpine -- \u002Fbin\u002Fsh\n# inside the VM: apk add sl && sl && exit\n```\n\nUse This For\n------------\n\n**Sandbox untrusted code** — run untrusted programs in a hardware-isolated VM. Host filesystem, network, and credentials are separated by a hypervisor boundary.\n\n```bash\n# network is off by default — untrusted code can't phone home\nsmolvm machine run --image alpine -- nslookup example.com\n# fails — no network access\n\n# lock down egress — only allow specific hosts\nsmolvm machine run --net --image alpine --allow-host registry.npmjs.org -- wget -q -O \u002Fdev\u002Fnull https:\u002F\u002Fregistry.npmjs.org\n# works — allowed host\n\nsmolvm machine run --net --image alpine --allow-host registry.npmjs.org -- wget -q -O \u002Fdev\u002Fnull https:\u002F\u002Fgoogle.com\n# fails — not in allow list\n```\n\n**Pack into portable executables** — turn any workload into a self-contained binary. All dependencies are pre-baked — no install step, no runtime downloads, boots in \u003C200ms.\n\n```bash\nsmolvm pack create --image python:3.12-alpine -o .\u002Fpython312\n.\u002Fpython312 run -- python3 --version\n# Python 3.12.x — isolated, no pyenv\u002Fvenv\u002Fconda needed\n```\n\n**Persistent machines for development** — create, stop, start. Installed packages survive restarts.\n\n```bash\nsmolvm machine create --net myvm\nsmolvm machine start --name myvm\nsmolvm machine exec --name myvm -- apk add sl\nsmolvm machine exec --name myvm -it -- \u002Fbin\u002Fsh\n# inside: sl, ls, uname -a — type 'exit' to leave\nsmolvm machine stop --name myvm\n```\n\n**Use git and SSH without exposing keys** — forward your host SSH agent into the VM. Private keys never enter the guest — the hypervisor enforces this. Requires an SSH agent running on your host (`ssh-add -l` to check).\n\n```bash\nsmolvm machine run --ssh-agent --net --image alpine -- sh -c \"apk add -q openssh-client && ssh-add -l\"\n# lists your host keys, but they can't be extracted from inside the VM\n\nsmolvm machine exec --name myvm -- git clone git@github.com:org\u002Fprivate-repo.git\n```\n\n**Declare environments with a Smolfile** — reproducible VM config in a simple TOML file.\n\n```toml\nimage = \"python:3.12-alpine\"\nnet = true\n\n[network]\nallow_hosts = [\"api.stripe.com\", \"db.example.com\"]\n\n[dev]\ninit = [\"pip install -r requirements.txt\"]\nvolumes = [\".\u002Fsrc:\u002Fapp\"]\n\n[auth]\nssh_agent = true\n```\n\n```bash\nsmolvm machine create myvm -s Smolfile\nsmolvm machine start --name myvm\n```\n\nMore examples: [python](https:\u002F\u002Fgithub.com\u002Fsmol-machines\u002Fsmolvm\u002Ftree\u002Fmain\u002Fexamples\u002Fpython-app) · [node](https:\u002F\u002Fgithub.com\u002Fsmol-machines\u002Fsmolvm\u002Ftree\u002Fmain\u002Fexamples\u002Fnode-app) · [doom](https:\u002F\u002Fgithub.com\u002Fsmol-machines\u002Fsmolvm\u002Ftree\u002Fmain\u002Fexamples\u002Fdoom-web)\n\nHow It Works\n------------\n\nEach workload gets real hardware isolation — its own kernel on [Hypervisor.framework](https:\u002F\u002Fdeveloper.apple.com\u002Fdocumentation\u002Fhypervisor) (macOS) or KVM (Linux). [libkrun](https:\u002F\u002Fgithub.com\u002Fcontainers\u002Flibkrun) VMM with custom kernel: [libkrunfw](https:\u002F\u002Fgithub.com\u002Fsmol-machines\u002Flibkrunfw). Pack it into a `.smolmachine` and it runs anywhere the host architecture matches, with zero dependencies.\n\nImages use the [OCI](https:\u002F\u002Fopencontainers.org\u002F) format — the same open standard Docker uses. Any image on Docker Hub, ghcr.io, or other OCI registries can be pulled and booted as a microVM. No Docker daemon required.\n\nDefaults: 4 vCPUs, 8 GiB RAM. Memory is elastic via virtio balloon — the host only commits what the guest actually uses and reclaims the rest automatically. vCPU threads sleep in the hypervisor when idle, so over-provisioning has near-zero cost. Override with `--cpus` and `--mem`.\n\nComparison\n----------\n\n|                     | smolvm | Containers | Colima | QEMU | Firecracker | Kata |\n|---------------------|--------|------------|--------|------|-------------|------|\n| Isolation           | VM per workload | Namespace (shared kernel) | Namespace (1 VM) | Separate VM | Separate VM | VM per container |\n| Boot time           | \u003C200ms | ~100ms | ~seconds | ~15-30s | \u003C125ms | ~500ms |\n| Architecture        | Library (libkrun) | Daemon | Daemon (in VM) | Process | Process | Runtime stack |\n| Per-workload VMs    | Yes | No | No (shared) | Yes | Yes | Yes |\n| macOS native        | Yes | Via Docker VM | Yes (krunkit) | Yes | No | No |\n| Embeddable SDK      | Yes | No | No | No | No | No |\n| Portable artifacts  | `.smolmachine` | Images (need daemon) | No | No | No | No |\n\nPlatform Support\n----------------\n\n| Host | Guest | Requirements |\n|------|-------|-------------|\n| macOS Apple Silicon | arm64 Linux | macOS 11+ |\n| macOS Intel | x86_64 Linux | macOS 11+ (untested) |\n| Linux x86_64 | x86_64 Linux | KVM (`\u002Fdev\u002Fkvm`) |\n| Linux aarch64 | aarch64 Linux | KVM (`\u002Fdev\u002Fkvm`) |\n\nKnown Limitations\n-----------------\n\n* Network is opt-in (`--net` on `machine create`). TCP\u002FUDP only, no ICMP.\n* Volume mounts: directories only (no single files).\n* macOS: binary must be signed with Hypervisor.framework entitlements.\n* `--ssh-agent` requires an SSH agent running on the host (`SSH_AUTH_SOCK` must be set).\n* GPU acceleration requires libkrun built with `GPU=1` and virglrenderer + a Vulkan driver on the host (see [GPU Acceleration](#gpu-acceleration) below).\n\nGPU Acceleration\n----------------\n\nsmolvm exposes the host GPU to guests via **virtio-gpu \u002F Venus** (Vulkan-over-virtio). Guest workloads see a real Vulkan device; on Linux + Intel this renders as:\n\n```\nANGLE (Intel, Vulkan 1.4 (Virtio-GPU Venus (Intel(R) UHD Graphics ...)), venus)\n```\n\n### Host requirements\n\n**macOS** — virglrenderer and MoltenVK are bundled in the smolvm distribution. No extra installs needed.\n\n**Linux** — virglrenderer and a host Vulkan driver must be installed from the system package manager:\n\n| Distro | Packages |\n|--------|----------|\n| Alpine | `apk add virglrenderer mesa-vulkan-intel` (or `mesa-vulkan-ati` for AMD) |\n| Debian\u002FUbuntu | `apt install virglrenderer0 mesa-vulkan-drivers` |\n\n> virglrenderer depends on libEGL and libdrm from the host GPU driver stack — these are hardware-specific and cannot be bundled. Any GPU-capable Linux host will already have them installed via its GPU driver.\n\n### Usage\n\n```bash\n# CLI\nsmolvm machine run --gpu --image alpine -- vulkaninfo --summary\n\n# Smolfile\n# gpu = true\n# gpu_vram = 2048   # MiB, default 4096\n```\n\nThe guest Vulkan loader must be pointed at the virtio ICD:\n\n```bash\nexport VK_ICD_FILENAMES=\u002Fusr\u002Fshare\u002Fvulkan\u002Ficd.d\u002Fvirtio_icd.x86_64.json\n```\n\n### Headless browser example\n\nSee [`examples\u002Fheadless-browser\u002F`](examples\u002Fheadless-browser\u002F) for a working Chromium setup using ANGLE + Venus for hardware-accelerated WebGL inside a headless VM.\n\nDevelopment\n-----------\n\nSee [docs\u002FDEVELOPMENT.md](docs\u002FDEVELOPMENT.md).\n\n[Apache-2.0](LICENSE) · made by [@binsquare](https:\u002F\u002Fgithub.com\u002FBinSquare) · [twitter](https:\u002F\u002Fx.com\u002Fbinsquares) · [github](https:\u002F\u002Fgithub.com\u002Fsmol-machines\u002Fsmolvm)\n","smolvm 是一个用于构建和运行便携、轻量级且自包含虚拟机的工具。它使用 Rust 语言开发，支持在本地管理和运行定制的 Linux 虚拟机，具有亚秒级冷启动、跨平台（macOS 和 Linux）以及弹性内存使用等核心功能。此外，smolvm 还可以将状态化的虚拟机打包成单个文件（.smolmachine），以便在任何受支持的平台上重新激活。该工具适用于需要隔离运行不信任代码的场景，例如沙箱化执行潜在危险的应用程序或脚本；也可以用来创建持久化的开发环境，其中安装的软件包能够跨越重启而保留；或是将复杂的工作负载转换为无需额外依赖即可运行的独立可执行文件。",2,"2026-06-11 03:44:56","high_star"]