QubesOS – A reasonably secure operating system

(www.qubes-os.org)

176 points TheFreim | 1 comments | 11 Jul 23 18:11 UTC | HN request time: 0.286s | source

Show context

flashback2199 ◴[11 Jul 23 18:59 UTC] No.36685709[source]▶

I really like QubesOS, but you cannot run VMs inside a qube, or other things that require VMs like Docker Desktop for Linux, because the xen hypervisor does not support nested virtualization.

replies(6): >>36685864 #>>36685932 #>>36686060 #>>36686247 #>>36687110 #>>36687975 #

legrande ◴[11 Jul 23 19:16 UTC] No.36685932[source]▶

>>36685709 #

> nested virtualization

Such abstraction is very unstable. You can always VNC into a machine from a browser though, so 'vmception' can be achieved.

replies(1): >>36690849 #

1. moondev ◴[12 Jul 23 05:47 UTC] No.36690849[source]▶

>>36685932 #

As someone who often runs multiple entire virtualized datacenters on top of ESXi hosts which are actually virtual machines themselves running in ESXi, I highly disagree.

Nested virtualization is a game changer in any kind of lab scenario. It also runs great on Chromebooks. The ChromeOS Linux environment is actually a KVM, so launching virtual machines from there is nested but you would never know it (based on my experience with the (framework Chromebook edition). Having 64GB of memory doesn't hurt either of course.

↑