2020-09-17 17:28:40 +01:00
- [1. What is Cloud Hypervisor? ](#1-what-is-cloud-hypervisor )
2020-10-08 09:49:40 -07:00
- [Objectives ](#objectives )
- [High Level ](#high-level )
- [Architectures ](#architectures )
- [Guest OS ](#guest-os )
2020-09-17 17:28:40 +01:00
- [2. Getting Started ](#2-getting-started )
2022-09-05 11:00:25 +01:00
- [Host OS ](#host-os )
2022-10-13 15:42:32 +01:00
- [Use Pre-built Binaries ](#use-pre-built-binaries )
- [Packages ](#packages )
- [Building from Source ](#building-from-source )
- [Booting Linux ](#booting-linux )
- [Firmware Booting ](#firmware-booting )
- [Custom Kernel and Disk Image ](#custom-kernel-and-disk-image )
- [Building your Kernel ](#building-your-kernel )
2020-10-08 09:49:40 -07:00
- [Disk image ](#disk-image )
- [Booting the guest VM ](#booting-the-guest-vm )
2020-09-17 17:28:40 +01:00
- [3. Status ](#3-status )
2020-10-08 09:49:40 -07:00
- [Hot Plug ](#hot-plug )
- [Device Model ](#device-model )
2022-09-23 17:14:36 +01:00
- [Roadmap ](#roadmap )
2022-10-13 15:42:32 +01:00
- [4. Relationship with _Rust VMM_ Project ](#4-relationship-with-rust-vmm-project )
- [Differences with Firecracker and crosvm ](#differences-with-firecracker-and-crosvm )
2020-09-17 17:28:40 +01:00
- [5. Community ](#5-community )
2020-10-08 09:49:40 -07:00
- [Contribute ](#contribute )
2022-09-29 13:13:40 +01:00
- [Slack ](#slack )
- [Mailing list ](#mailing-list )
2021-07-23 09:51:41 +01:00
- [Security issues ](#security-issues )
2019-05-09 07:04:34 +02:00
# 1. What is Cloud Hypervisor?
2022-02-01 10:24:12 +01:00
Cloud Hypervisor is an open source Virtual Machine Monitor (VMM) that runs on
2022-10-13 15:42:32 +01:00
top of the [KVM ](https://www.kernel.org/doc/Documentation/virtual/kvm/api.txt )
hypervisor and the Microsoft Hypervisor (MSHV).
The project focuses on running modern, _Cloud Workloads_ , on specific, common,
hardware architectures. In this case _Cloud Workloads_ refers to those that are
run by customers inside a Cloud Service Provider. This means modern operating
systems with most I/O handled by
paravirtualised devices (e.g. _virtio_ ), no requirement for legacy devices, and
2022-02-01 10:24:12 +01:00
64-bit CPUs.
2019-05-09 07:04:34 +02:00
2022-02-01 10:24:12 +01:00
Cloud Hypervisor is implemented in [Rust ](https://www.rust-lang.org/ ) and is
2022-10-13 15:42:32 +01:00
based on the [Rust VMM ](https://github.com/rust-vmm ) crates.
2019-05-09 07:04:34 +02:00
## Objectives
### High Level
2021-04-29 10:15:12 +01:00
- Runs on KVM or MSHV
2020-10-08 09:49:40 -07:00
- Minimal emulation
- Low latency
- Low memory footprint
- Low complexity
- High performance
- Small attack surface
- 64-bit support only
- CPU, memory, PCI hotplug
- Machine to machine migration
2019-05-09 07:04:34 +02:00
### Architectures
2022-02-01 10:24:12 +01:00
Cloud Hypervisor supports the `x86-64` and `AArch64` architectures. There are
2022-10-13 15:42:32 +01:00
minor differences in functionality between the two architectures
2022-02-01 10:24:12 +01:00
(see [#1125 ](https://github.com/cloud-hypervisor/cloud-hypervisor/issues/1125 )).
2019-05-09 07:04:34 +02:00
### Guest OS
2021-04-29 10:15:12 +01:00
Cloud Hypervisor supports `64-bit Linux` and Windows 10/Windows Server 2019.
2019-05-09 07:04:34 +02:00
# 2. Getting Started
2022-10-13 15:42:32 +01:00
The following sections describe how to build and run Cloud Hypervisor on the
`x86-64` platform. For getting started on the `AArch64` platform, please refer
to the
[AArch64 documentation ](docs/arm64.md ).
2021-11-30 22:25:28 -05:00
2022-09-05 11:00:25 +01:00
## Host OS
2022-10-13 15:42:32 +01:00
For required KVM functionality the minimum host kernel version is 4.11. For
adequate performance the minimum recommended host kernel version is 5.6. The
2022-09-05 11:00:25 +01:00
majority of the CI currently tests with kernel version 5.15.
2022-10-13 15:42:32 +01:00
## Use Pre-built Binaries
2021-11-30 22:25:28 -05:00
2022-10-13 15:42:32 +01:00
The recommended approach to getting started with Cloud Hypervisor is by using a
pre-built binary. Binaries are available for the [latest
release](https://github.com/cloud-hypervisor/cloud-hypervisor/releases/latest).
Use `cloud-hypervisor-static` for `x86-64` or `cloud-hypervisor-static-aarch64`
for `AArch64` platform.
2019-05-09 07:04:34 +02:00
2022-10-13 15:42:32 +01:00
## Packages
2020-10-08 09:53:16 -07:00
2022-10-13 15:42:32 +01:00
For convenience, packages are also available targeting some popular Linux
distributions. This is thanks to the [Open Build
Service](https://build.opensuse.org). The [OBS
README](https://github.com/cloud-hypervisor/obs-packaging) explains how to
enable the repository in a supported Linux distribution and install Cloud Hypervisor
and accompanying packages. Please report any packaging issues in the
[obs-packaging ](https://github.com/cloud-hypervisor/obs-packaging ) repository.
2020-01-31 00:34:16 +01:00
2022-10-13 15:42:32 +01:00
## Building from Source
2020-01-31 00:34:16 +01:00
2022-10-13 15:42:32 +01:00
Please see the [instructions for building from source ](docs/building.md ) if you
do not wish to use the pre-built binaries.
2020-01-31 00:34:16 +01:00
2022-10-13 15:42:32 +01:00
## Booting Linux
2020-01-31 00:34:16 +01:00
2022-10-13 15:42:32 +01:00
The instructions below are for the `x86-64` platform. For `AArch64` please see
the [AArch64 specific documentation ](docs/arm64.md ).
2022-09-11 14:05:15 +02:00
2022-10-13 15:42:32 +01:00
Cloud Hypervisor supports direct kernel boot (if the kernel is built with PVH
support) or booting via a firmware (either [Rust Hypervisor
Firmware](https://github.com/cloud-hypervisor/rust-hypervisor-firmware) or an
edk2 UEFI firmware called `CLOUDHV` .)
2022-09-11 14:05:15 +02:00
2022-10-13 15:42:32 +01:00
Binary builds of the firmware files are available for the latest release of
[Rust Hyperivor
Firmware](https://github.com/cloud-hypervisor/rust-hypervisor-firmware/releases/latest)
and [our edk2
repository](https://github.com/cloud-hypervisor/edk2/releases/latest)
2019-05-09 07:04:34 +02:00
2022-10-13 15:42:32 +01:00
The choice of firmware depends on your guest OS choice; some experimentation
may be required.
2019-05-09 07:04:34 +02:00
2022-10-13 15:42:32 +01:00
### Firmware Booting
2019-05-09 07:04:34 +02:00
2022-10-13 15:42:32 +01:00
Cloud Hypervisor supports booting disk images containing all needed components
to run cloud workloads, a.k.a. cloud images.
2019-05-09 07:04:34 +02:00
2022-10-13 15:42:32 +01:00
The following sample commands will download an Ubuntu Cloud image, converting
it into a format that Cloud Hypervisor can use and a firmware to boot the image
with.
2019-05-09 07:04:34 +02:00
```shell
2020-07-02 18:30:16 +02:00
$ wget https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img
$ qemu-img convert -p -f qcow2 -O raw focal-server-cloudimg-amd64.img focal-server-cloudimg-amd64.raw
2022-11-16 15:04:23 +00:00
$ wget https://github.com/cloud-hypervisor/rust-hypervisor-firmware/releases/download/0.4.2/hypervisor-fw
2019-05-09 07:04:34 +02:00
```
2022-10-13 15:42:32 +01:00
The Ubuntu cloud images do not ship with a default password so it necessary to
use a `cloud-init` disk image to customise the image on the first boot. A basic
`cloud-init` image is generated by this [script ](scripts/create-cloud-init.sh ).
This seeds the image with a default username/password of `cloud/cloud123` . It
is only necessary to add this disk image on the first boot.
2019-05-09 07:04:34 +02:00
```shell
2022-10-13 15:42:32 +01:00
$ sudo setcap cap_net_admin+ep ./cloud-hypervisor
$ ./create-cloud-init.sh
2022-10-19 12:59:37 +01:00
$ ./cloud-hypervisor \
2019-05-09 07:04:34 +02:00
--kernel ./hypervisor-fw \
2022-10-21 18:45:40 +02:00
--disk path=focal-server-cloudimg-amd64.raw path=/tmp/ubuntu-cloudinit.img \
2019-12-12 12:20:59 +01:00
--cpus boot=4 \
2019-07-10 18:20:44 +02:00
--memory size=1024M \
2022-01-05 16:54:47 -08:00
--net "tap=,mac=,ip=,mask="
2019-05-09 07:04:34 +02:00
```
2022-10-13 15:42:32 +01:00
If access to the firmware messages or interaction with the boot loader (e.g.
GRUB) is required then it necessary to switch to the serial console instead of
`virtio-console` .
```shell
2022-10-19 12:59:37 +01:00
$ ./cloud-hypervisor \
2022-10-13 15:42:32 +01:00
--kernel ./hypervisor-fw \
2022-10-21 18:45:40 +02:00
--disk path=focal-server-cloudimg-amd64.raw path=/tmp/ubuntu-cloudinit.img \
2022-10-13 15:42:32 +01:00
--cpus boot=4 \
--memory size=1024M \
--net "tap=,mac=,ip=,mask=" \
--serial tty \
--console off
```
2019-05-22 14:58:57 +01:00
2022-10-13 15:42:32 +01:00
### Custom Kernel and Disk Image
2019-05-09 07:04:34 +02:00
2022-10-13 15:42:32 +01:00
#### Building your Kernel
2019-05-09 07:04:34 +02:00
2022-10-13 15:42:32 +01:00
Cloud Hypervisor also supports direct kernel boot into a `vmlinux` ELF kernel (compiled with PVH support). In order to support development there is a custom branch; however provided the required options are enabled any recent kernel will suffice.
2020-01-23 10:40:52 +00:00
To build the kernel:
2019-05-09 07:04:34 +02:00
```shell
2020-01-23 10:40:52 +00:00
# Clone the Cloud Hypervisor Linux branch
2022-07-04 09:44:30 +01:00
$ git clone --depth 1 https://github.com/cloud-hypervisor/linux.git -b ch-5.15.12 linux-cloud-hypervisor
2020-01-23 10:40:52 +00:00
$ pushd linux-cloud-hypervisor
2019-05-09 07:04:34 +02:00
# Use the cloud-hypervisor kernel config to build your kernel
2022-10-13 15:42:32 +01:00
$ wget https://raw.githubusercontent.com/cloud-hypervisor/cloud-hypervisor/main/resources/linux-config-x86_64
$ cp linux-config-x86_64 .config
2022-01-18 09:04:46 +00:00
$ KCFLAGS="-Wa,-mx86-used-note=no" make bzImage -j `nproc`
2019-05-09 07:04:34 +02:00
$ popd
```
2022-02-01 10:24:12 +01:00
The `vmlinux` kernel image will then be located at
`linux-cloud-hypervisor/arch/x86/boot/compressed/vmlinux.bin` .
2019-05-09 07:04:34 +02:00
#### Disk image
2022-10-13 15:42:32 +01:00
For the disk image the same Ubuntu image as before can be used. This contains
an `ext4` root filesystem.
2019-05-09 07:04:34 +02:00
```shell
2020-07-02 18:30:16 +02:00
$ wget https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img
$ qemu-img convert -p -f qcow2 -O raw focal-server-cloudimg-amd64.img focal-server-cloudimg-amd64.raw
2019-05-09 07:04:34 +02:00
```
#### Booting the guest VM
2022-10-13 15:42:32 +01:00
These sample commands boot the disk image using the custom kernel whilst also
supplying the desired kernel command line.
2019-05-09 07:04:34 +02:00
```shell
2022-10-13 15:42:32 +01:00
$ sudo setcap cap_net_admin+ep ./cloud-hypervisor
$ ./create-cloud-init.sh
$ ./cloud-hypervisor \
2019-05-09 07:04:34 +02:00
--kernel ./linux-cloud-hypervisor/arch/x86/boot/compressed/vmlinux.bin \
2022-10-21 18:45:40 +02:00
--disk path=focal-server-cloudimg-amd64.raw path=/tmp/ubuntu-cloudinit.img \
2020-07-02 18:30:16 +02:00
--cmdline "console=hvc0 root=/dev/vda1 rw" \
2019-12-12 12:20:59 +01:00
--cpus boot=4 \
2019-07-24 15:20:39 +02:00
--memory size=1024M \
2022-01-05 16:54:47 -08:00
--net "tap=,mac=,ip=,mask="
2019-07-24 15:20:39 +02:00
```
2022-10-13 15:42:32 +01:00
If earlier kernel messages are required the serial console should be used instead of `virtio-console` .
2019-07-24 15:20:39 +02:00
2022-12-06 17:18:15 +00:00
```./cloud-hypervisor \
2019-07-24 15:20:39 +02:00
--kernel ./linux-cloud-hypervisor/arch/x86/boot/compressed/vmlinux.bin \
--console off \
--serial tty \
2020-07-02 18:30:16 +02:00
--disk path=focal-server-cloudimg-amd64.raw \
--cmdline "console=ttyS0 root=/dev/vda1 rw" \
2019-12-12 12:20:59 +01:00
--cpus boot=4 \
2019-07-10 18:20:44 +02:00
--memory size=1024M \
2022-01-05 16:54:47 -08:00
--net "tap=,mac=,ip=,mask="
2019-05-09 07:04:34 +02:00
```
# 3. Status
2022-10-13 15:42:32 +01:00
Cloud Hypervisor is under active development. The following stability
guarantees are currently made:
2021-04-29 10:15:12 +01:00
* The API (including command line options) will not be removed or changed in a
2022-04-05 15:22:01 +01:00
breaking way without a minimum of 2 major releases notice. Where possible
warnings will be given about the use of deprecated functionality and the
deprecations will be documented in the release notes.
2021-04-29 10:15:12 +01:00
* Point releases will be made between individual releases where there are
2022-04-05 15:22:01 +01:00
substantial bug fixes or security issues that need to be fixed. These point
releases will only include bug fixes.
2021-04-29 10:15:12 +01:00
Currently the following items are **not** guaranteed across updates:
* Snapshot/restore is not supported across different versions
* Live migration is not supported across different versions
* The following features are considered experimental and may change
2022-04-05 15:22:01 +01:00
substantially between releases: TDX, vfio-user, vDPA.
2019-05-09 07:04:34 +02:00
2022-10-13 15:42:32 +01:00
Further details can be found in the [release documentation ](docs/releases.md ).
2020-10-08 09:49:40 -07:00
2022-10-13 15:42:32 +01:00
As of 2022-10-13, the following cloud images are supported:
2019-12-12 11:55:09 +00:00
2022-10-13 15:42:32 +01:00
- [Ubuntu Bionic ](https://cloud-images.ubuntu.com/bionic/current/ ) (bionic-server-cloudimg-amd64.img)
- [Ubuntu Focal ](https://cloud-images.ubuntu.com/focal/current/ ) (focal-server-cloudimg-amd64.img)
- [Ubuntu Jammy ](https://cloud-images.ubuntu.com/jammy/current/ ) (jammy-server-cloudimg-amd64.img )
- [Fedora 36 ](https://fedora.mirrorservice.org/fedora/linux/releases/36/Cloud/x86_64/images/ ) (Fedora-Cloud-Base-36-1.5.x86_64.raw.xz)
2019-05-09 07:04:34 +02:00
2022-10-13 15:42:32 +01:00
Direct kernel boot to userspace should work with a rootfs from most
distributions although you may need to enable exotic filesystem types in the
reference kernel configuration (e.g. XFS or btrfs.)
2022-04-07 15:39:28 +02:00
2019-12-12 16:44:49 +00:00
## Hot Plug
2022-02-01 10:24:12 +01:00
Cloud Hypervisor supports hotplug of CPUs, passthrough devices (VFIO),
`virtio-{net,block,pmem,fs,vsock}` and memory resizing. This
[document ](docs/hotplug.md ) details how to add devices to a running VM.
2019-12-12 16:44:49 +00:00
2019-11-18 13:31:41 -08:00
## Device Model
2022-02-01 10:24:12 +01:00
Details of the device model can be found in this
[documentation ](docs/device_model.md ).
2019-11-18 13:31:41 -08:00
2022-09-23 17:14:36 +01:00
## Roadmap
2022-10-13 15:42:32 +01:00
The project roadmap is tracked through a [GitHub
project](https://github.com/orgs/cloud-hypervisor/projects/6).
2022-09-23 17:14:36 +01:00
2022-10-13 15:42:32 +01:00
# 4. Relationship with _Rust VMM_ Project
2019-05-09 07:04:34 +02:00
2022-02-01 10:24:12 +01:00
In order to satisfy the design goal of having a high-performance,
security-focused hypervisor the decision was made to use the
[Rust ](https://www.rust-lang.org/ ) programming language. The language's strong
focus on memory and thread safety makes it an ideal candidate for implementing
VMMs.
Instead of implementing the VMM components from scratch, Cloud Hypervisor is
2022-10-13 15:42:32 +01:00
importing the [Rust VMM ](https://github.com/rust-vmm ) crates, and sharing code
2022-02-01 10:24:12 +01:00
and architecture together with other VMMs like e.g. Amazon's
[Firecracker ](https://firecracker-microvm.github.io/ ) and Google's
[crosvm ](https://chromium.googlesource.com/chromiumos/platform/crosvm/ ).
2022-10-13 15:42:32 +01:00
Cloud Hypervisor embraces the _Rust VMM_ project's goals, which is to be able
to share and re-use as many virtualization crates as possible.
2019-05-09 07:04:34 +02:00
2022-10-13 15:42:32 +01:00
## Differences with Firecracker and crosvm
2019-05-09 07:04:34 +02:00
2022-02-01 10:24:12 +01:00
A large part of the Cloud Hypervisor code is based on either the Firecracker or
2022-10-13 15:42:32 +01:00
the crosvm project's implementations. Both of these are VMMs written in Rust
with a focus on safety and security, like Cloud Hypervisor.
2019-05-09 07:04:34 +02:00
2022-10-13 15:42:32 +01:00
The goal of the Cloud Hypervisor project differs from the aforementioned
projects in that it aims to be a general purpose VMM for _Cloud Workloads_ and
not limited to container/serverless or client workloads.
2019-05-09 07:04:34 +02:00
2022-10-13 15:42:32 +01:00
The Cloud Hypervisor community thanks the communities of both the Firecracker
and crosvm projects for their excellent work.
2019-05-09 07:04:34 +02:00
# 5. Community
2022-02-01 10:24:12 +01:00
The Cloud Hypervisor project follows the governance, and community guidelines
described in the [Community ](https://github.com/cloud-hypervisor/community )
repository.
2020-07-17 12:04:29 +02:00
## Contribute
2022-10-13 15:42:32 +01:00
The project strongly believes in building a global, diverse and collaborative
community around the Cloud Hypervisor project. Anyone who is interested in
2022-02-01 10:24:12 +01:00
[contributing ](CONTRIBUTING.md ) to the project is welcome to participate.
2019-05-09 07:04:34 +02:00
2022-10-13 15:42:32 +01:00
Contributing to a open source project like Cloud Hypervisor covers a lot more
than just sending code. Testing, documentation, pull request
2022-02-01 10:24:12 +01:00
reviews, bug reports, feature requests, project improvement suggestions, etc,
are all equal and welcome means of contribution. See the
[CONTRIBUTING ](CONTRIBUTING.md ) document for more details.
2019-05-09 07:04:34 +02:00
2022-09-29 13:13:40 +01:00
## Slack
2019-05-09 07:04:34 +02:00
2019-09-25 13:57:26 +02:00
Get an [invite to our Slack channel ](https://join.slack.com/t/cloud-hypervisor/shared_invite/enQtNjY3MTE3MDkwNDQ4LWQ1MTA1ZDVmODkwMWQ1MTRhYzk4ZGNlN2UwNTI3ZmFlODU0OTcwOWZjMTkwZDExYWE3YjFmNzgzY2FmNDAyMjI )
2019-05-09 07:04:34 +02:00
and [join us on Slack ](https://cloud-hypervisor.slack.com/ ).
2021-04-08 15:28:48 +01:00
2022-09-29 13:13:40 +01:00
## Mailing list
Please report bugs using the [GitHub issue
tracker](https://github.com/cloud-hypervisor/cloud-hypervisor/issues) but for
broader community discussions you may use our [mailing
list](https://lists.cloudhypervisor.org/g/dev/).
2021-04-08 15:28:48 +01:00
## Security issues
2022-02-15 15:37:15 +00:00
Please contact the maintainers listed in the MAINTAINERS.md file with security issues.