Kcore: an open-source hypervisor that uses NixOS as the immutable host OS

1

I’ve been building an open-source hypervisor called kcore and wanted to share it with the NixOS community since NixOS is central to the design.

Why NixOS as the hypervisor host:

Every compute node in a kcore cluster runs NixOS. The entire host configuration — packages, services, networking, storage, libvirt — is defined in a flake. This gives us:

  • No drift between nodes — every node built from the same flake is identical

  • Atomic updates — push a new flake, rebuild, get a new generation. No apt upgrade on a live hypervisor

  • Instant rollback — if an update breaks something, reboot into the previous generation. No partial states

  • Reproducible clusters — same inputs, same system, every time

Coming from Proxmox (mutable Debian), where upgrading 10 nodes means running apt upgrade on each one and hoping nothing breaks, the NixOS model is transformative for hypervisor infrastructure.

How it works:

  • The controller runs on your workstation (or a management node) and communicates with node-agents on each NixOS compute node via gRPC

  • kctl install node provisions a bare-metal machine with NixOS from an ISO, including disk partitioning (OS + LVM thin-pool for VM storage)

  • kctl configure network pushes NixOS networking modules (bridges, bonds, VLANs) rendered as NixOS configuration

  • kctl update nixconfig and kctl update system push flake updates and run nixos-rebuild switch remotely

  • VMs are managed through libvirt on each node

The NixOS-specific parts I’d love feedback on:

  • Using flakes for host configuration management across a cluster — any gotchas at scale?

  • NixOS module generation for networking (bridges, bonds, VLANs) — is there a better pattern than templating NixOS modules?

  • Remote nixos-rebuild switch via gRPC — is there a more idiomatic approach?

Code: https://github.com/rtacconi/kcore

Full write-up on the motivation: https://kcorehypervisor.com/blog/why-i-built-kcore.html

It’s alpha software — very early. But the NixOS foundation makes the whole thing possible. Would love to hear from anyone running NixOS on bare metal or using it for infrastructure management.

5 Likes