Fast, isolated Linux VMs โ€” the same smol machine on your laptop, in the cloud, or self-hosted.
cli cloud registry

about

Run any workload in a fast, hardware-isolated Linux VM. The same SDK and the same .smolmachine artifact run identically:

Develop locally, then deploy or self-host without changing a line.

The engine is open source (Apache-2.0): smol-machines/smolvm.

install + usage

# install (macOS + Linux)
curl -sSL https://smolmachines.com/install.sh | bash

# for coding agents โ€” install + discover all commands
curl -sSL https://smolmachines.com/install.sh | bash && smolvm --help
# run a command in an ephemeral VM (cleaned up after exit)
smolvm machine run --net --image alpine -- sh -c "echo 'Hello world from a microVM' && uname -a"

# interactive shell
smolvm machine run --net -it --image alpine -- /bin/sh
# inside the VM: apk add sl && sl && exit

# uninstall
curl -sSL https://smolmachines.com/install.sh | bash -s -- --uninstall

use this for

sandbox untrusted code โ€” run untrusted programs in a hardware-isolated VM. Host filesystem, network, and credentials are separated by a hypervisor boundary.

# network is off by default โ€” untrusted code can't phone home
smolvm machine run --image alpine -- ping -c 1 1.1.1.1
# fails โ€” no network access

# lock down egress โ€” only allow specific hosts
smolvm machine run --net --image alpine --allow-host registry.npmjs.org -- wget -q -O /dev/null https://registry.npmjs.org

pack into portable executables โ€” turn any workload into a self-contained binary. All dependencies are pre-baked โ€” no install step, no runtime downloads, boots in <200ms.

smolvm pack create --image python:3.12-alpine -o ./python312
./python312 run -- python3 --version
# Python 3.12.x โ€” isolated, no pyenv/venv/conda needed

persistent machines for development โ€” create, stop, start. Installed packages survive restarts.

smolvm machine create --net --name myvm
smolvm machine start --name myvm
smolvm machine exec --name myvm -- apk add sl
smolvm machine exec --name myvm -it -- /bin/sh
smolvm machine stop --name myvm

GPU-accelerated workloads โ€” Vulkan access to the host GPU inside isolated VMs.

smolvm machine run --gpu --net --image fedora:42 -- bash -c '
  /usr/lib64/chromium-browser/headless_shell \
    --no-sandbox --screenshot=/tmp/shot.png \
    --window-size=1920,1080 https://example.com'

More examples: python ยท node

comparison

smolvmContainersQEMUFirecracker
IsolationVM per workloadNamespace (shared kernel)Separate VMSeparate VM
Boot time<300ms~100ms~15-30s<125ms
ArchitectureLibrary (libkrun)DaemonProcessProcess
GPUYes (Vulkan)Host passthroughVFIONo
macOS nativeYesVia Docker VMYesNo
Portable artifacts.smolmachineImages (need daemon)NoNo

how it works

Each workload gets real hardware isolation โ€” its own kernel on Hypervisor.framework (macOS) or KVM (Linux). Pack it into a .smolmachine and it runs anywhere the host architecture matches, with zero dependencies.

Defaults: 4 vCPUs, 8 GiB RAM. Memory is elastic via virtio balloon โ€” the host only commits what the guest actually uses. libkrun VMM + custom kernel: libkrunfw. No daemon โ€” the VMM is a library linked into the smolvm binary.

platform support

hostguestrequirements
macOS Apple Siliconarm64 LinuxmacOS 11+
macOS Intelx86_64 LinuxmacOS 11+ (untested)
Linux x86_64x86_64 LinuxKVM (/dev/kvm)
Linux aarch64aarch64 LinuxKVM (/dev/kvm)