Virtual Machines
MicroVMs with Neutron Stardust — when containers aren't isolated enough.
Why VMs?
Containers share the host kernel. That's efficient, but it means a kernel vulnerability in any container can compromise the entire host. Neutron Stardust microVMs give each workload its own kernel, eliminating shared-kernel attacks entirely.
Creating VMs
# Create a microVM with 128MB RAM
volt vm create --name secure-app --base alpine --memory 128M
# Create with custom kernel
volt vm create --name custom-vm \
--kernel /path/to/vmlinux \
--rootfs /path/to/rootfs.ext4 \
--memory 256M \
--cpus 2Performance
| Metric | Traditional VM | Neutron Stardust |
|---|---|---|
| Cold boot | 15-30 seconds | <1ms |
| Memory overhead | 512MB+ | <32MB |
| Disk footprint | Gigabytes | Megabytes |
Snapshots
Neutron Stardust supports snapshot and restore with content-addressed storage integration:
# Create a snapshot
volt vm snapshot --name secure-app
# Restore from snapshot (near-instant)
volt vm restore --name secure-appWhen to Use VMs vs Containers
- Use containers for trusted workloads, internal services, dev environments
- Use VMs for multi-tenant isolation, untrusted code, compliance requirements
- Use both — Volt lets you toggle between them with the same tooling