All systems operational · v2.8.1 GA
Home vCenter Pricing Documentation Marketplace Partner Program Certification Compliance Status Bug Bounty GitHub Downloads
Confidential Computing AI-Powered Cloud-Native Audit-Ready Memory-Safe Components

Enterprise virtualization,
without the enterprise licence.

The open-source KVM/QEMU hypervisor that replaces VMware vSphere — DRS, HA, live migration, confidential VMs, vTPM 2.0, and a single-pane multi-cluster control plane. Production-ready. Self-hosted. MIT licensed.

★ 1.2k stars MIT licensed v2.8.1 GA 5k+ nodes deployed SOC 2 in progress
TCO Calculator

See how much you save vs VMware vSphere

Slide to your fleet size. Pricing reflects publicly listed VMware vSphere Standard + Aria Operations licensing.

VMware vSphere
$—
3-year TCO
Nutanix AHV
$—
3-year TCO
OXware
$—
3-year TCO
You save
$—
vs VMware
See OXware pricing
Built on the open stack the datacenter already trusts
KVM QEMU libvirt Python noVNC Open vSwitch WireGuard Ceph ZFS LUKS2 nftables
Platform Capabilities

Everything a modern hypervisor needs, on day one.

Three release lines. One platform. The same auditable engine on a laptop, a homelab, and a 36-node production cluster.

Type-1 KVM/QEMU

Bare-metal hypervisor with hardware-accelerated VT-x / AMD-V. Direct libvirt integration. No emulation tax.

DRS + HA + Live Migration

Cluster-aware scheduler keeps load balanced. Online migration during host maintenance. Automatic failover.

Confidential VMs

AMD SEV / SEV-SNP and Intel TDX with vTPM 2.0 and UEFI Secure Boot. Attestation captured per launch.

Audit-grade RBAC

Hash-chained audit log, JWT with HttpOnly cookies, 2FA, recovery codes, IP allowlists, per-tenant isolation.

SDN + Microsegmentation

Open vSwitch with distributed virtual switches. nftables / eBPF L7 policies. WireGuard mesh.

Storage that scales

ZFS, Ceph, LUKS2 disk encryption, content library, 3-2-1 backup, app-consistent snapshots.

Cluster Federation

One control plane over many OXware nodes. Aggregated inventory, parallel health, fan-out actions.

Auto-Remediation

Runbook executor reacts to anomaly events. Cooldown, hourly quota, audit log on every step.

API + SDK

~270 REST endpoints, OpenAPI explorer, Python plugin SDK, Pulumi provider, KubeVirt + K8s CSI / Operator.

VM Flight Recorder + AI Post-Mortem

An aircraft-style black box per VM. On a crash, the AI reconstructs the root-cause chain (CPU spike → OOM → panic). No other hypervisor ships this.

Telegram ChatOps

Manage the datacenter two-way from chat with AI — "create a VM", "why is vm-3 slow?". Competitors only push alerts; OXware acts.

What-If Simulator

Project CPU/RAM/power/cost/CO₂ of adding VMs before you do it. A pre-flight capacity sandbox — not just a recommendation.

Product Spotlights

Two products, one platform.

Run a single host or a federated multi-site fleet — the panel scales with you.

OXware Hypervisor

The core Type-1 KVM/QEMU hypervisor. Single-host or HA cluster. Ships with the full management panel, console, plugin SDK, and ~270 REST endpoints.

  • VM lifecycle, snapshots, live migration
  • noVNC + xterm.js in-browser console
  • Encrypted backups + Object Store targets
  • Plugin SDK, Marketplace, OPA policies
Read the Hypervisor docs

OXware vCenter

Multi-node cluster management — federate many OXware controllers behind a single pane. Aggregated inventory, parallel health, distributed networking, single sign-on.

  • Cluster federation across regions
  • Live migration between hosts
  • Distributed Virtual Switch (DVS)
  • Single SAML / OIDC sign-on
See vCenter
~270
REST API endpoints
114+
capabilities shipped
$0
licence fee, MIT licensed
v2.7
current GA release
Release 2.7.2 · GA

What's new this cycle.

Confidential computing, autonomous remediation, federation, and a hardened authentication path.

Confidential VMs

vTPM 2.0 + Secure Boot + SEV/TDX attestation. Hypervisor cannot read guest memory.

Auto-Remediation

Runbooks wired into the anomaly detector. Cooldown + quota + full audit history.

Managed Federation

Aggregate VMs and health across many OXware nodes. Parallel bulk actions.

HttpOnly Cookie Auth

JWT moved off localStorage. SameSite=Strict + double-submit CSRF. Setup endpoint locked to loopback.

SSO Fail-Closed

OIDC ID tokens verified against issuer JWKS. SAML requires python3-saml. No unsigned acceptance.

Strict CSP + Rate Limit

Per-IP sliding window on auth endpoints. Full CSP on panel and site. Privacy policy GA.

High-risk default-off

Plugin SDK, Docker/LXC, GitOps, federation ship disabled. Explicit operator opt-in required.

CI Hardening

Hard gates on compile, syntax, duplicate routes, Bandit HIGH, and token-in-URL regressions.

Browse all v2.8.1 features

Stop renting your hypervisor.

OXware is open source under the MIT licence. Download the installer ISO, follow the quick start, and your first cluster is online in under thirty minutes.