Sistemo: run real Linux machines on your own hardware with one command
One binary, zero dependencies. Deploy Firecracker microVMs on Linux with a single curl command.
Sistemo is a free, open-source tool that lets you spin up Firecracker microVMs on any Linux machine. One binary, no dependencies, no cloud account needed.
curl -sSL https://get.sistemo.io | sh
sudo sistemo up
sistemo machine deploy debian
sistemo machine ssh debianYou get a full Debian machine with its own kernel, systemd, package manager, and network stack. It boots in seconds and uses a fraction of the resources a traditional VM would.
The problem it solves
If you have a spare server, a homelab box, a Hetzner dedicated machine, a Raspberry Pi 5 or like me running linux on your laptop — and you want to run isolated Linux environments on it — your options today are:
- Docker — fast, but containers share the host kernel. No systemd, no real isolation.
- Proxmox / libvirt — real VMs, but heavy. You're installing a whole platform.
- Cloud VMs — real isolation, but you're paying by the hour for hardware you already own.
Sistemo fills the gap. Real machines with real isolation, but as simple to use as Docker. It runs on hardware you already have.
What you can do with it
Deploy machines from the registry or any Docker image
sistemo machine deploy debian
sistemo machine deploy ubuntu --name dev --vcpus 4 --memory 2G
# Turn any Docker image into a bootable machine
sudo sistemo image build node:20
sistemo machine deploy node --name api-serverSSH in and work normally
sistemo machine ssh dev
# You're root in a real Linux machine
apt update && apt install -y nginx
systemctl start nginxExpose services to your network
sistemo machine expose dev --expose 80
sistemo machine expose dev --expose 8443:443
# Your machine's nginx is now reachable at http://your-host:80Create isolated networks
Machines on different networks cannot communicate with each other. Useful for separating environments.
sistemo network create production
sistemo network create staging
sistemo machine deploy debian --name app --network production --expose 3000
sistemo machine deploy debian --name db --network production
sistemo machine deploy debian --name test-app --network staging
# production and staging are fully isolatedPersistent storage
sistemo volume create 5G --name pgdata
sistemo machine deploy debian --name db --attach=pgdataLifecycle and diagnostics
sistemo machine list
sistemo machine stop dev
sistemo machine start dev
sistemo machine restart dev
sistemo machine delete dev
sistemo doctor # checks KVM, Firecracker, bridge, disk, SSH keys
sistemo history # audit log of every operationHow it works
Sistemo is a single Go binary (~15 MB) that runs as a daemon. Under the hood, Firecracker (the hypervisor AWS uses for Lambda) creates microVMs with hardware-level isolation via KVM. Each machine runs in its own network namespace with a unique IP. Everything is tracked in SQLite and survives daemon restarts.
There's also a browser-based terminal at http://localhost:7777/dashboard/ if you don't want to use SSH.
| Platform | Requirements |
|---|---|
| Linux | Kernel 5.10+ with KVM. Intel VT-x, AMD-V, or ARM64. Bare metal, VPS, Pi 5. |
Use cases
- Development environments — one machine per project, fully isolated, delete when done
- Homelab services — Pi-hole, monitoring, CI runners, each in its own machine
- Testing deployments — match your production OS locally before shipping
- Education — test and break stuff without the worry
- Sandboxing — run untrusted code in a real machine with hardware isolation
Get started
curl -sSL https://get.sistemo.io | sh