Run Cloud Virtual Machines Securely and Efficiently

Cloud Hypervisor is an open source Virtual Machine Monitor (VMM) implemented in Rust that focuses on running modern, cloud workloads, with minimal hardware emulation.

Get Started

Get the source on GitHub

Secure 🔒

Minimal emulated devices and implemented in Rust to avoid many common security issues

Fast ⚡️

Boot to userspace in less than 100ms with direct kernel boot

🪟 & 🐧

Supports running modern Linux and Windows guests

Kata Containers

Supported by Kata Containers for running secure containerised workloads

Powerful REST API

Programmatically control the lifecyle of the VM using an HTTP API

Slim

Minimal memory overhead for dense deployments

Cross platform

Runs on both x86-64 and aarch64

Broad device support

Support for wide range of paravirtualised devices and physical device passthrough

Live migration

Migrate VMs from one host to another without interruption

Get Involved:

Cloud Hypervisor is governed openly as part of the Linux Foundation and supported by multiple organisations:

  • Alibaba
  • AMD
  • Ampere
  • ARM
  • ByteDance
  • Intel
  • Microsoft
  • Tencent Cloud

Join our Slack community: Invite

Participate in our community activities: Slack channel

Check out and participate in our roadmap on GitHub

For full details of our governance model please see our community repository on GitHub and our founding charter.

For bug reports please use GitHub isssues; for broader community discussions please use our mailing list

Latest news from Cloud Hypervisor project:

Cloud Hypervisor v44.0 Released!

Posted February 3, 2025 by Cloud Hypervisor Team ‐ 2 min read

v44.0

This release has been tracked in our roadmap project as iteration v44.0. The following user visible changes have been made:

Configurable virtio-iommu Address Width

The iommu_address_width option has been added to --platform to allow users to limit the virtio-iommu address space in the guest. (#6900)

Notable Performance Improvements

The VIRTIO_BLK_F_SEG_MAX feature has been enabled for virtio-block devices, which brings significant performance improvements on throughput. (#6885)

The io_uring entries are no longer forced to use async helper workers, delegating the decision to the kernel. This change resolved the issue of having excessive amount of worker threads when io_uring is being used, which is expected to improve performance, such as reducing memory usage and reduce CPU contention.

New Fuzzers

Our continuous fuzzing infrastructure is augmented with two new fuzzers to cover x86 instruction emulator and virtio-vsock.

Notable Bug Fixes

  • Fix short read and short write that impact QCOW and VHDX support. (#6884)
  • Various bug fixes on VHDX support. (#6890, #6899)

Contributors

Many thanks to everyone who has contributed to our release:

v43.0

This release has been tracked in our roadmap project as iteration v43.0. The following user visible changes have been made:

Live Migration over TCP Connections

Support has been added to enable direct live migration from two hosts via TCP connections. This supplements the existing support for migrating over a UNIX socket which can then be tunnelled as desired. The documentation has been updated. (#6850)

Notable Performance Improvements

The VIRTIO_RING_F_INDIRECT_DESC feature has been enabled for virtio-block devices. This significantly increases the throughput of the devices with a small negative impact on latency. (#6826)

Notable Bug Fixes

  • Cloud Hypervisor now accepts VFIO devices that use I/O PCI BARs on non x86-64 architectures. Whether they function depends on the host PCI host bridge support - previously they would be rejected even if the driver did not use these BARs. (#6871)
  • Command line groups were adjusted to ensure that at least one payload parameter was provided if any other VM parameters provided. (#6832)

Contributors

Many thanks to everyone who has contributed to our release:

Download

See the GitHub Release for the release assets.