The open-source KVM/QEMU hypervisor that replaces VMware vSphere — DRS, HA, live migration, confidential VMs, vTPM 2.0, and a single-pane multi-cluster control plane. Production-ready. Self-hosted. MIT licensed.
Slide to your fleet size. Pricing reflects publicly listed VMware vSphere Standard + Aria Operations licensing.
Three release lines. One platform. The same auditable engine on a laptop, a homelab, and a 36-node production cluster.
Bare-metal hypervisor with hardware-accelerated VT-x / AMD-V. Direct libvirt integration. No emulation tax.
Cluster-aware scheduler keeps load balanced. Online migration during host maintenance. Automatic failover.
AMD SEV / SEV-SNP and Intel TDX with vTPM 2.0 and UEFI Secure Boot. Attestation captured per launch.
Hash-chained audit log, JWT with HttpOnly cookies, 2FA, recovery codes, IP allowlists, per-tenant isolation.
Open vSwitch with distributed virtual switches. nftables / eBPF L7 policies. WireGuard mesh.
ZFS, Ceph, LUKS2 disk encryption, content library, 3-2-1 backup, app-consistent snapshots.
One control plane over many OXware nodes. Aggregated inventory, parallel health, fan-out actions.
Runbook executor reacts to anomaly events. Cooldown, hourly quota, audit log on every step.
~270 REST endpoints, OpenAPI explorer, Python plugin SDK, Pulumi provider, KubeVirt + K8s CSI / Operator.
An aircraft-style black box per VM. On a crash, the AI reconstructs the root-cause chain (CPU spike → OOM → panic). No other hypervisor ships this.
Manage the datacenter two-way from chat with AI — "create a VM", "why is vm-3 slow?". Competitors only push alerts; OXware acts.
Project CPU/RAM/power/cost/CO₂ of adding VMs before you do it. A pre-flight capacity sandbox — not just a recommendation.
Run a single host or a federated multi-site fleet — the panel scales with you.
The core Type-1 KVM/QEMU hypervisor. Single-host or HA cluster. Ships with the full management panel, console, plugin SDK, and ~270 REST endpoints.
Multi-node cluster management — federate many OXware controllers behind a single pane. Aggregated inventory, parallel health, distributed networking, single sign-on.
Confidential computing, autonomous remediation, federation, and a hardened authentication path.
vTPM 2.0 + Secure Boot + SEV/TDX attestation. Hypervisor cannot read guest memory.
Runbooks wired into the anomaly detector. Cooldown + quota + full audit history.
Aggregate VMs and health across many OXware nodes. Parallel bulk actions.
JWT moved off localStorage. SameSite=Strict + double-submit CSRF. Setup endpoint locked to loopback.
OIDC ID tokens verified against issuer JWKS. SAML requires python3-saml. No unsigned acceptance.
Per-IP sliding window on auth endpoints. Full CSP on panel and site. Privacy policy GA.
Plugin SDK, Docker/LXC, GitOps, federation ship disabled. Explicit operator opt-in required.
Hard gates on compile, syntax, duplicate routes, Bandit HIGH, and token-in-URL regressions.
OXware is open source under the MIT licence. Download the installer ISO, follow the quick start, and your first cluster is online in under thirty minutes.