Pack your software with a Linux VM.
No dependency management. Sub-second cold start. Isolation by default.
install + usage
# install (macOS + Linux)
# option 1: download from GitHub releases
# https://github.com/smol-machines/smolvm/releases
# option 2: install script
curl -sSL https://smolmachines.com/install.sh | bash# run a command in an ephemeral VM (cleaned up after exit)
smolvm machine run --image alpine -- echo "hello from a microVM"
# interactive shell
smolvm machine run -it --image alpine
# persistent machine (survives stop/start)
smolvm machine create --net myvm
smolvm machine start --name myvm
smolvm machine exec --name myvm -- apk add sl
smolvm machine exec --name myvm -it -- /bin/sh
# try: sl, ls, uname -a — type 'exit' to leave
smolvm machine stop --name myvm
# mount host directories (explicit — host is protected by default)
smolvm machine create --net -v ./src:/workspace myvm
# pack - portable, executable virtual machine
smolvm pack create --image python:3.12-alpine -o ./my-pythonvm
./my-pythonvm python3 -c "print('hello from a packed VM')"
# uninstall
curl -sSL https://smolmachines.com/install.sh | bash -s -- --uninstallfeatures
isolate code — run untrusted programs in a hardware-isolated VM. Your host is protected by default.
smolvm machine run --image alpine -- sh -c "pip install sketchy-package"
# runs in its own kernel — can't touch your host filesystem or networksmolfile — declare a VM environment in a simple config file. Reproducible across machines.
# my-app.smolfile
# cpus = 2
# memory = 1024
# net = true
# ports = ["8080:8080"]
# init = ["apk add python3"]
smolvm machine create myvm -s my-app.smolfile
smolvm machine start --name myvmpack — turn any workload into a portable, self-contained executable. Doom in a browser, packaged as a microVM:
smolvm pack create --image python:3.12-alpine -o ./my-app
./my-app python3 -c "print('runs anywhere — no dependencies')"More examples: python · node · doom
about
smolvm runs Linux microVMs on your machine. No daemon, no Docker, no cloud account.
A microVM is a lightweight virtual machine — hardware-level isolation with <200ms boot time. Your host filesystem, network, and credentials are completely separated from the workload unless you explicitly share them in.
Install a single binary, run a command, get an isolated Linux environment.
use this for
- sandbox untrusted code (pip install, npm install, AI agents) with hardware isolation
- run Linux microVMs on macOS and Linux — no Docker daemon needed
- declare workloads with a Smolfile and run, pack, or deploy them
- mount host directories for shared file access, with the host protected by a hypervisor boundary
- pack and distribute self-contained sandboxed applications as portable
.smolmachineexecutables
comparison
| smolvm | Containers | Colima | QEMU | Firecracker | Kata | |
|---|---|---|---|---|---|---|
| Isolation | VM per workload | Namespace (shared kernel) | Namespace (1 VM) | Separate VM | Separate VM | VM per container |
| Boot time | <200ms | ~100ms | ~seconds | ~15-30s | <125ms | ~500ms |
| Architecture | Library (libkrun) | Daemon | Daemon (in VM) | Process | Process | Runtime stack |
| Per-workload VMs | Yes | No | No (shared) | Yes | Yes | Yes |
| macOS native | Yes | Via Docker VM | Yes (krunkit) | Yes | No | No |
| Embeddable SDK | Yes | No | No | No | No | No |
| Portable artifacts | .smolmachine | Images (need daemon) | No | No | No | No |
Sources: container isolation · containerd benchmark · QEMU boot time · Firecracker · Kata Containers · Kata boot time · Firecracker requires KVM · Kata macOS support
how it works
libkrun VMM + Hypervisor.framework (macOS) / KVM (Linux) + crun container runtime. No daemon process — the VMM is a library linked into the smolvm binary.
platform support
| host | guest | requirements |
|---|---|---|
| macOS Apple Silicon | arm64 Linux | macOS 11+ |
| macOS Intel | x86_64 Linux | macOS 11+ (untested) |
| Linux x86_64 | x86_64 Linux | KVM (/dev/kvm) |
| Linux aarch64 | aarch64 Linux | KVM (/dev/kvm) |
made by @binsquare · twitter · github