Hi, I'd like to run a small number of VMs on a single physical machine. The reason for using VMs is security, i.e. to get a strong level of isolation when deploying some services.

Among the options I've been considering:

+ libvirt, which I understand would imply some manual (potentially non-declarative?) setup, beyond defining and bringing up the libvirt Guix service.
+ Ganeti, which might be a bit of an overkill for this particular use case.
+ Guix's 'least-authority-wrapper', which of course would give me containerisation rather than virtualisation, so not really what I'm looking for.

I think libvirt is my favourite option so far but I was wondering if there's any further alternative that I haven't been considering.

I think the ideal solution would be some wrapper similar to the least-authority one, but that spins up a VM rather than a container. I see there's 'virtual-build-machine-service-type' which of course wouldn't fit the bill, but it might be close to the idea of a VM-based wrapper?

Any ideas or pointers to existing solutions are welcome.

Thanks, best, Fabio.

(I'd be grateful if you could CC me in if replying as otherwise I might miss your email.)

--
Fabio Natali
https://fabionatali.com