Hasty Briefsbeta

Bilingual

Safe YOLO Mode: Running LLM agents in vms with Libvirt and Virsh

3 months ago
  • #virtualization
  • #LLM security
  • #Linux
  • Guide for isolating LLM agents in virtual machines using libvirt and virsh on Linux servers.
  • Running LLMs in VMs mitigates security risks like unauthorized file access and destructive operations.
  • Libvirt is the standard virtualization API for Linux, providing a unified interface to manage VMs.
  • Comparison between Libvirt/Virsh and Lima for VM-based isolation, highlighting their differences.
  • Installation steps for libvirt and virsh on Ubuntu/Debian servers.
  • Downloading and setting up Ubuntu cloud images for VM provisioning.
  • Creating and accessing VMs with virt-install and SSH.
  • Using Tailscale for secure remote access to VMs.
  • Basic VM setup including tools, tmux for persistent sessions, and bash utilities.
  • Installing essential tools like Node.js, fzf, Golang, and Docker alternatives.
  • Setting up LLMs like Claude Code, Gemini CLI, and Codex CLI inside VMs.
  • Exposing services with tunnels like Cloudflare Tunnel or ngrok.
  • Managing VMs with virsh commands for lifecycle, snapshots, and cloning.
  • Customizing cloud-init for automated VM provisioning.
  • Network configuration options including NAT and bridged networking.
  • Quick reference for essential commands and operations.
About|Login