Exe.dev - Hacker News

Posted by achairapart 20 hours ago

https://blog.exe.dev/meet-exe.dev

355 points | 211 commentspage 4

minimal_action 9 hours ago|

I built a similar infrastructure, a bit more human friendly, for spinning up AI agents' sessions for scientific work rather than web dev. Also with Share link for the sessions. (https://ai-archive.io)

ilaksh 19 hours ago||

Are they actually VMs, or are they containers? Some kind of special container like gvisor? Firecracker microvms?

crawshaw 19 hours ago|

Hello, an exe.dev person here. They are VMs, on a crosvm-derived VMM. So I consider them "actually VMs", though we do not currently support custom kernels. You can do VM things in there, like create TUN devices, etc.

ilaksh 19 hours ago|||

Thanks. So KVM I assume. Congratulations on your launch. Any plans for public IPs?

crawshaw 19 hours ago||

Thank you! Yes, KVM. And public IPs are very useful and we want to do them. We will have to charge and/or limit them, unlike VMs, unfortunately, because IPv4 is scarce. (I am busy trying to buy some right now.) You can follow along here: https://github.com/boldsoftware/exe.dev/issues/6

jauntywundrkind 19 hours ago|||

Not super important to me (and you state explicitly it may change) but your docs are a little out of date here, I think. crosvm versus Cloud Hypervisor / Kata Containers, is, I think, different?

  exe.dev ▶ doc how-exedev-works
  How exe.dev works (how-exedev-works) - press q to exit
                                                                                                                                                                                                                                                 
  You're an engineer. We're engineers. Let's talk about what's going on under the hood.                                                                                                                                                          
                                                                                                                                                                                                                                                 
  An "exe.dev" VM runs on a bare metal machine that exe.dev rents. We happen to use Kata Containers and Cloud Hypervisor, but that's a bit of an implementation detail (and may change!).                                                        
                                                                                                                                                                                                                                                 
  With most providers, your VM starts with a "base image" and is given a block device. Exe.dev instead starts with a container image (by default, "exeuntu"), and hooks up an overlay filesystem to the VM. This makes creating a new VM         
  take about two seconds. In exchange, we lose some flexibility: you don't get to choose which filesystem you're using, nor which kernel you're using.                                                                                           
                                                                                                                                                                                                                                                 
  On the networking side, we don't give your VM its own public IP. Instead, we terminate HTTPS/TLS requests, and proxy them securely to your VM's web servers. For SSH, we handle ssh vmname.exe.xyz.

crawshaw 19 hours ago||

Yes our docs are out of date we are not using Kata, thanks.

m-hodges 12 hours ago||

This is awesome. Would love to see a slimmer tier closer to a DO droplet or Hetzner instance that's ~$5-8 / month.

crawshaw 12 hours ago|

[exe.dev co-founder here] Thank you! Not to give too many secrets away, but my hope is to follow a business model I have been part of before, and make it as cheap as possible for individuals so they encourage their employers to buy it for work. So I would very much love to get cheaper.

The two constraints are that, one, when small underlying resources are expensive (we hope to fix that soon by not being small!), and two, we do not want to make the resource allocation so small that the VM feels unpleasant to use. So there is a floor on how small we make them.

That said, I very very much want to drop prices. We started with conservative numbers.

dependency_2x 9 hours ago||

With Shelly (and assuming a decent number of tokens) $20 is very good I think. But not everyone wants an AI.

breakingcups 2 hours ago||

"VM creation is temporarily unavailable. Our apologies!"

icedrift 8 hours ago||

Super cool. I can't justify investing time in it at the planned pricing but I'll keep an eye on it if they can hack together a more competitive VPS option.

anomancer 8 hours ago||

Seems like a great tool but login not working for me, am I doing something wrong?

``` ssh exe.dev Please complete registration by running: ssh exe.dev Connection to exe.dev closed. ```

Kwpolska 8 hours ago||

I'm not a fan of making ssh the primary access mechanism for a service. Just make a simple Web panel for managing VMs, and actually explain on the service on the Web page.

Y_Y 6 hours ago|

I find ssh faster and easier. Anyway it's a good differentiator, there are plenty of web panels already.

engr 6 hours ago||

I just tried this, genuinely groundbreaking! So quick to spin a VM and get going

sureglymop 10 hours ago||

Does anyone know e.g. a small systemd-nspawn oneliner to SSH in securely?

icedrift 7 hours ago|

There's nothing dangerous about SSHing into an untrusted server unless you're using the same keys for everything.

otterley 3 hours ago||

Remote resources only get your public key. It’s meant to be shared! Hence the word “public.”

The threat is having a private key stolen, in which case, having multiple keys can mitigate the amount of damage a threat actor can do. However, to steal your private key would involve a successful attack against your client, not against any server you might have given the public key to.

enneff 35 minutes ago||

There is also the threat of the server sending a data sequence that exploits a vulnerability in your terminal. It has happened before, but it’s rare.

pacificat0r 4 hours ago|

Who puts pricing under docs/ ?

More comments...