Hello! I have been wanting to "fix" the agent sandboxing problem for a while, and after playing around with containers, LXC, etc., I decided to look at microVMs. But since I run Proxmox at home, having an exotic hypervisor wasn't an option. And today I realized that QEMU has had microVMs for quite a while now (https://www.qemu.org/docs/master/system/i386/microvm.html), so I thought... What would it take to patch Proxmox to handle them?
A few hours later, after my first hacky attempt where I validated that yes, PVE shipped with all the right bits, I decided to turn what I learned into a .deb package - I'll be using this on a daily basis, so I will be adding UI niceties as I go, but this is _immediately_ useful.
how does this compare to plain firecracker? i tried running firecracker directly and the setup overhead was not worth it for my use case. curious if the proxmox integration makes the lifecycle easier
Lifecycle is identical to other Proxmox VM types except it is much faster to boot and lighter on resources.