Hypeman

Hypeman is an open-source tool from Kernel that runs containerized workloads in VMs with a Docker-like UX. It supports Cloud Hypervisor, Firecracker, QEMU, and Apple Virtualization.framework.

Key takeaways

  • Docker-like CLI for running containers in VMs — pull, run, exec, logs with multi-hypervisor support (Cloud Hypervisor, Firecracker, QEMU, Apple Virtualization.framework)
  • Built by Kernel, a YC-backed company ($22M raised) focused on browser infrastructure for AI agents — Hypeman powers their browser isolation layer
  • Standby/restore snapshots and built-in ingress with TLS termination and subdomain routing — production-ready VM orchestration, not just a toy
  • Early but actively developed (Go, MIT license) — from the same team behind kernel-images (722 stars, browsers-as-a-service)

FAQ

What is Hypeman?

Hypeman is an open-source tool that runs containerized workloads inside VMs with a Docker-like CLI. It supports multiple hypervisors including Cloud Hypervisor, Firecracker, QEMU (Linux/KVM), and Apple Virtualization.framework (macOS/Apple Silicon).

Who built Hypeman?

Kernel (kernel.sh), a YC-backed company that raised $22M. Founded by Catherine and Raf — Raf was co-founder/CTO of Clever (YC S12, $500M exit). Kernel builds browser infrastructure for AI agents.

How do you install Hypeman?

One-liner install: curl -fsSL https://get.hypeman.sh | bash. Then use Docker-like commands — hypeman pull, hypeman run, hypeman ps, hypeman exec, hypeman logs.

How does Hypeman compare to Firecracker or Kata Containers?

Firecracker is a low-level microVM VMM — you build your own orchestration. Kata Containers is Kubernetes-native. Hypeman gives you Docker-like UX on top of multiple hypervisors including Firecracker. It is higher-level and easier to get started with.

Executive Summary

Hypeman is an open-source tool from Kernel that runs containerized workloads inside VMs with a Docker-like developer experience. Instead of choosing between container convenience and VM-level isolation, Hypeman gives you both — pull a container image, run it in a VM, and manage it with familiar commands like hypeman run, hypeman exec, and hypeman logs.

Built by Kernel, a YC-backed company ($22M raised) focused on browser infrastructure for AI agents, Hypeman is the engine that powers their browser isolation layer — each browser session runs in its own isolated VM.

Attribute | Value
Company | Kernel (kernel.sh)
Founded | Oct 2025 (repo); Kernel est. earlier
Funding | $22M (YC-backed)
Founders | Catherine and Raf (ex-CTO of Clever, YC S12)
Headquarters | San Francisco
GitHub | 62 stars, 3 forks, Go, MIT license

Product Overview

Hypeman abstracts away hypervisor complexity behind a Docker-like CLI. You pull OCI container images, run them in VMs, and interact with them using commands any Docker user already knows. Under the hood, it supports four hypervisors:

  • Cloud Hypervisor — modern Rust VMM for cloud workloads
  • Firecracker — AWS's microVM monitor (powers Lambda/Fargate)
  • QEMU — the venerable general-purpose emulator (Linux/KVM)
  • Apple Virtualization.framework — native macOS/Apple Silicon virtualization

Key Capabilities

Capability | Description
Docker-like CLI | pull, run, ps, exec, logs (familiar commands)
Multi-hypervisor | Cloud Hypervisor, Firecracker, QEMU, Apple Virtualization.framework
Standby/Restore | Snapshot VMs to disk and restore them instantly
Ingress | Built-in TLS termination and subdomain routing
OCI Images | Pull and run standard container images
macOS Support | Native Apple Silicon via Virtualization.framework

Installation

curl -fsSL https://get.hypeman.sh | bash
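
An added example (not from the Hypeman project) of a fetch, verify, then run alternative to piping the installer straight into bash: the script is saved to disk, compared against a SHA-256 you recorded after reviewing it, and executed only on a match. The function names and the pinned digest are assumptions; the page does not say whether Kernel publishes a checksum.

```shell
#!/usr/bin/env bash
# Added example: fetch-then-verify pattern for an installer script.
# The pinned digest is a placeholder the operator records after reviewing the script.

# Print the SHA-256 of a file (sha256sum on Linux, shasum on macOS).
file_sha256() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | awk '{print $1}'
  else
    shasum -a 256 "$1" | awk '{print $1}'
  fi
}

# Return 0 only if the file's digest equals the pinned digest.
# Return 2 for a missing/empty download, 1 for a digest mismatch.
verify_installer() {
  local file="$1" pinned="$2" actual
  [ -s "$file" ] || { echo "installer missing or empty: $file" >&2; return 2; }
  actual="$(file_sha256 "$file")" || return 2
  if [ "$actual" != "$pinned" ]; then
    echo "digest mismatch: got $actual, pinned $pinned" >&2
    return 1
  fi
}

# Download to disk over HTTPS only, verify against the pin, then execute.
install_pinned() {
  local url="$1" pinned="$2" tmp rc=0
  tmp="$(mktemp)" || return 2
  if curl -fsSL --proto '=https' --tlsv1.2 -o "$tmp" "$url" \
     && verify_installer "$tmp" "$pinned"; then
    bash "$tmp" || rc=$?
  else
    rc=1
  fi
  rm -f "$tmp"
  return "$rc"
}

# Usage (placeholder digest, recorded by you after reading the script):
#   install_pinned https://get.hypeman.sh "<sha256-you-recorded>"
```

A digest mismatch on a later run means the installer changed since it was last reviewed, which is the cue to re-read it before updating the pin.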

Basic Usage

hypeman pull ubuntu:latest
hypeman run ubuntu:latest
hypeman ps
hypeman exec <vm-id> -- bash
hypeman logs <vm-id>

Technical Architecture

Hypeman is written in Go and licensed under MIT. The architecture sits between the user and the hypervisor — translating Docker-like commands into hypervisor-specific API calls. The multi-hypervisor abstraction means you can switch backends without changing your workflow.

Key Technical Details

Aspect | Detail
Language | Go
License | MIT
Hypervisors | Cloud Hypervisor, Firecracker, QEMU, Apple Virtualization.framework
Images | OCI container images
Networking | Built-in ingress, TLS termination, subdomain routing
State | Standby/restore (snapshot to disk)

Repo | Stars | Description
kernel-images | 722 | Browsers-as-a-service container images
hypeman-cli |  | CLI interface
hypeman-go |  | Go SDK
kernel-node-sdk |  | Node.js SDK
kernel-python-sdk |  | Python SDK

Notable Contributors

sjmiller609, hiroTamada, rgarcia, juecd, tnsardesai


Market Context

Hypeman enters the growing container-to-VM runtime space alongside tools like Firecracker, Kata Containers, and gVisor. What differentiates it is the developer experience — while Firecracker gives you a low-level VMM API and Kata Containers integrates with Kubernetes, Hypeman gives you docker run but with VM isolation.

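The timing is right. AI agent sandboxing is driving demand for VM-level isolation with container-level convenience. Untrusted LLM-generated code running in a container shares the host kernel with every other workload, so a single kernel vulnerability reachable from inside the container can expose the host and its neighbors. A VM gives each workload its own guest kernel behind a hypervisor, which is the hard boundary that containers cannot provide.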

Kernel uses Hypeman internally to power their browser isolation infrastructure, where each AI agent's browser session runs in a dedicated VM. This dogfooding gives them real-world production feedback that most open-source VM tools lack.

Competitive Position

Strengths:

  • Docker-like UX lowers the barrier to VM adoption dramatically
  • Multi-hypervisor support — not locked into one VMM
  • Backed by a well-funded team with a production use case
  • macOS/Apple Silicon support (rare in this space)
  • Standby/restore for fast cold starts

Weaknesses:

  • Very early (62 stars, small community)
  • Go in a Rust-dominated VMM ecosystem
  • Kernel's primary business is browser infrastructure, not Hypeman itself
  • Limited documentation compared to mature alternatives

Founding Team

Kernel was founded by Catherine and Raf. Raf was previously co-founder and CTO of Clever (YC S12), which exited for ~$500M. That enterprise infrastructure pedigree shows in Hypeman's production-oriented features like ingress, TLS, and snapshot/restore.


Research by Ry Walker Research