Cloud Hypervisor v52 · OVN 26.03 Networking

Virtual
Machines.
Reimagined.

Deka Virtual Machine delivers enterprise-grade VM infrastructure built on Cloud Hypervisor v52, OVN 26.03 overlay networking, and a fully sovereign control plane. Sub-100ms boot. Microsecond networking. Zero vendor lock-in.

View Architecture
<100ms
VM Boot Time
128vCPU
Max per Instance
25Gbps
Network Throughput
deka-vm — ssh root@10.100.0.42
$ deka vm create --name prod-app-01 --cpu 8 --mem 16G → Provisioning VM on Cloud Hypervisor v52... ✓ Kernel: deka-dev-kernel 6.9.0 ✓ OVN port: logical-port-0 assigned ✓ VirtIO-blk: 50GB attached ✓ API secret: injected via cloud-init ✓ VM ready in 87ms $ deka vm list NAME STATE IP CPU MEM prod-app-01 running 10.100.0.42 8 16G
CPU 42%
Memory 67%
Disk I/O 28%
Network 81%

Core Capabilities

Built for the
Sovereign Cloud

Every layer of Deka VM is designed for performance, isolation, and operational control — no black-box hypervisors, no foreign control planes.

Cloud Hypervisor Core

Built on Rust-based Cloud Hypervisor v52 for minimal attack surface, hardware-enforced isolation, and predictable performance without QEMU overhead.

KVM · Virtio · VFIO
🌐
OVN/OVS Networking

Full overlay networking via Open Virtual Network 26.03 with logical routers, ACLs, NAT, and load balancing. Multi-tenant L2/L3 isolation with sub-millisecond latency.

OVN 26.03 · Geneve Tunnels
💾
Custom Storage Agent

deka-storage-agent manages raw disk images, live migration, snapshot-on-write, and thin provisioning via VirtIO-BLK with PostgreSQL-backed metadata.

qcow2 · raw · NFS
🔒
Zero-Trust Security

Cloud-init injection, per-VM API secrets, OVN ACL policies, and host-level namespace isolation. No shared kernel, no side-channel exposure.

SecureBoot · mTLS
🎛️
Unified Control Plane

deka-virtual-machine API provides full VM lifecycle: create, start, stop, snapshot, resize, and live-migrate — REST + gRPC, Kubernetes-compatible.

REST · gRPC · CLI
🚀
Custom Kernel

deka-dev-kernel 6.9.0 — stripped to essentials, hotplug-enabled, optimized for VirtIO devices and high-density multi-tenant workloads with paravirt drivers.

Linux 6.9 · Hotplug CPU/RAM

System Architecture

How it fits
together

API Layer
deka-virtual-machine
REST / gRPC control plane. VM lifecycle management, metadata store, billing events.
Go · PostgreSQL
deka-storage-agent
Disk image orchestration, snapshot management, live volume attach/detach.
Rust · VirtIO
Auth & Identity
mTLS certificates, cloud-init secret injection, per-VM RBAC, audit logging.
mTLS · JWT
Hypervisor
Cloud Hypervisor v52
Rust-based, KVM-backed VMM. Handles vCPU scheduling, memory ballooning, VirtIO device emulation (net, blk, vsock, rng). BAR relocation, IOMMU passthrough.
KVM · VirtIO · VFIO
deka-dev-kernel
Minimal Linux 6.9 guest kernel. Hotplug CPU/RAM, paravirt clock, VirtIO drivers compiled-in.
Linux 6.9 · paravirt
Network
OVN North DB
Logical topology: routers, switches, ports, ACLs, NAT rules.
OVN 26.03
OVN South DB
Physical bindings, chassis registration, flow translation to OpenFlow.
Geneve Tunnels
OVS Dataplane
Kernel-space packet switching, DPDK acceleration path, QoS policies.
OVS 3.x · DPDK
Floating IPs
SNAT/DNAT via OVN gateway chassis. BGP peering for external routes.
BGP · SNAT
Physical
Compute Nodes
Bare-metal hosts with AMD EPYC / Intel Xeon. NVMe local storage. IOMMU enabled.
Bare Metal · IOMMU
Distributed Storage
NFS + local NVMe pool. Raw disk image distribution via rsync+SSH for live migration.
NVMe · NFS
GPU Compute Nodes
High-density GPU hosts for AI/ML workloads. VFIO passthrough for full GPU isolation or MIG partitioning for multi-tenant slicing.
VFIO · MIG · NVLink

Technical Specifications

Instance types &
resource limits

Compute
Max vCPU per VM128 vCPU
Max Memory per VM512 GB
CPU HotplugSupported
Memory BallooningSupported
HypervisorCloud Hypervisor v52
Guest KernelLinux 6.9 (deka)
Boot Time< 100ms
VM Density (host)Up to 256 VMs
GPU Passthrough
Passthrough MethodVFIO-PCI
MIG SupportYes (A100/H100)
NVLink FabricPreserved in passthrough
Storage
Image Formatsraw, qcow2
Max Disk per VM64 TB
Max Volumes per VM16
SnapshotOnline (no downtime)
Local NVMe IOPS1.2M read / 800K write
Storage BackendNFS + local NVMe
Live MigrationSupported
Networking
Max NICs per VM8
Max Throughput25 Gbps
Overlay ProtocolGeneve (OVN)
Private DNSPer-VPC
IPv6Dual-stack
Latency (same host)< 50µs

Interactive Demo

Provision a VM
in seconds

Configure Your Instance
Live Output
# Configure your instance on the left
# and click Provision to see the output