NVIDIA · drew · May 7, 2026 · May 7, 2026
@@ -39,7 +39,6 @@ These pipelines connect skills into end-to-end workflows. Individual skill files
 | `crates/openshell-core/` | Shared core | Common types, configuration, error handling |
 | `crates/openshell-providers/` | Provider management | Credential provider backends |
 | `crates/openshell-tui/` | Terminal UI | Ratatui-based dashboard for monitoring |
-| `crates/openshell-vm/` | MicroVM runtime | Experimental, work-in-progress libkrun-based VM execution |
 | `crates/openshell-driver-kubernetes/` | Kubernetes compute driver | In-process `ComputeDriver` backend for K8s sandbox pods |
 | `crates/openshell-driver-docker/` | Docker compute driver | In-process `ComputeDriver` backend for local Docker sandbox containers |
 | `crates/openshell-driver-vm/` | VM compute driver | Standalone libkrun-backed `ComputeDriver` subprocess (embeds its own rootfs + runtime) |

@@ -4,7 +4,6 @@
 [workspace]
 resolver = "2"
 members = ["crates/*"]
-exclude = ["crates/openshell-vm"]
 
 [workspace.package]
 version = "0.0.0"

@@ -14,7 +14,7 @@ OpenShell builds these main artifacts:
 | CLI package and Python SDK | `python/openshell` plus Rust binaries where packaged |
 | Gateway container image | `deploy/docker/Dockerfile.images` |
 | Helm chart | `deploy/helm/openshell` |
-| VM driver/runtime assets | `crates/openshell-driver-vm` and `crates/openshell-vm` |
+| VM driver/runtime assets | `crates/openshell-driver-vm` |
 | Published docs site | `docs/` rendered by Fern config in `fern/` |
 
 Sandbox community images are built outside this repository.

@@ -2,7 +2,7 @@
 // SPDX-License-Identifier: Apache-2.0
 
 use miette::Result;
-use openshell_core::paths::{xdg_config_dir, xdg_data_dir};
+use openshell_core::paths::xdg_config_dir;
 use std::path::PathBuf;
 
 /// Path to the file that stores the active gateway name.
@@ -26,13 +26,6 @@ pub fn last_sandbox_path(gateway: &str) -> Result<PathBuf> {
     Ok(gateways_dir()?.join(gateway).join("last_sandbox"))
 }
 
-/// Base directory for openshell-vm data (without version).
-///
-/// Location: `$XDG_DATA_HOME/openshell/openshell-vm/`
-pub fn openshell_vm_base_dir() -> Result<PathBuf> {
-    Ok(xdg_data_dir()?.join("openshell").join("openshell-vm"))
-}
-
 #[cfg(test)]
 mod tests {
     use super::*;

@@ -194,10 +194,6 @@ in `post_install`, and owns the `brew services` gateway lifecycle. The service
 also leaves `OPENSHELL_DRIVERS` unset so driver choice remains automatic unless
 the user explicitly overrides it.
 
-## Relationship to `openshell-vm`
-
-`openshell-vm` is a separate, legacy crate that runs the **whole OpenShell gateway inside a single VM**. It remains in the repository for later deprecation or removal, but is excluded from normal workspace builds and release paths. `openshell-driver-vm` is the active compute driver called by a host-resident gateway to spawn **per-sandbox VMs**. The driver vendors its own rootfs handling and runtime loader so `openshell-server` never has to link libkrun.
-
 ## TODOs
 
 - The gateway still configures the driver via CLI args; this will move to a gRPC bootstrap call so the driver interface is uniform across backends. See the `TODO(driver-abstraction)` notes in `crates/openshell-server/src/lib.rs` and `crates/openshell-server/src/compute/vm.rs`.

@@ -4,8 +4,7 @@
 //! Build script for openshell-driver-vm.
 //!
 //! This crate embeds the sandbox supervisor plus the minimal libkrun runtime
-//! artifacts it needs to boot VMs without depending on the openshell-vm binary
-//! or crate.
+//! artifacts it needs to boot VMs without a separate VM runtime binary.
 
 use std::path::{Path, PathBuf};
 use std::{env, fs};

@@ -12,9 +12,7 @@ runtime/
 ```
 
 `openshell-driver-vm` embeds libkrun, libkrunfw, gvproxy, and the bundled
-`openshell-sandbox` supervisor. The legacy `crates/openshell-vm` crate remains
-in the repository, but normal workspace builds and release workflows do not use
-it.
+`openshell-sandbox` supervisor.
 
 ## Why
 

@@ -3,23 +3,18 @@
 
 # Pinned dependency versions for the openshell-driver-vm runtime.
 #
-# This file is sourced by build-rootfs.sh and
-# build-libkrun.sh. It centralises version pins and content-addressed
-# digests so that builds are reproducible and auditable.
+# This file is sourced by VM runtime packaging scripts. It centralises version
+# pins and content-addressed digests so that builds are reproducible and
+# auditable.
 #
 # Environment variables override these defaults — CI and local dev workflows
-# can still set IMAGE_TAG, K3S_VERSION, etc. as before.
+# can still set the runtime dependency versions below.
 #
 # To update a dependency:
 #   1. Change the version/digest below.
 #   2. Run the relevant build script to verify.
 #   3. Commit pins.env alongside any script changes.
 
-# ── k3s binary ─────────────────────────────────────────────────────────
-K3S_VERSION="${K3S_VERSION:-v1.35.2+k3s1}"
-K3S_ARM64_SHA256="${K3S_ARM64_SHA256:-228809a7ef47d25c1bdbe746944931ec2fd2edf842b9cf50f1dd4f9ec2505b0e}"
-K3S_AMD64_SHA256="${K3S_AMD64_SHA256:-3ae8e35a62ac83e8e197c117858a564134057a7b8703cf73e67ce60d19f4a22b}"
-
 # ── Base Docker image (digest-pinned) ──────────────────────────────────
 # Tag: nvcr.io/nvidia/base/ubuntu:noble-20251013
 VM_BASE_IMAGE="${VM_BASE_IMAGE:-nvcr.io/nvidia/base/ubuntu@sha256:43fa5063e80fbbc533892af3ccca190868ce48db5a8928b19d7815c40436af8e}"

@@ -3019,14 +3019,11 @@ mod tests {
             "bin/sed",
             "sbin/ip",
             "opt/openshell/bin/openshell-sandbox",
-            "usr/local/bin/k3s",
         ] {
             let path = source_rootfs.join(path);
             fs::create_dir_all(path.parent().unwrap()).unwrap();
             fs::write(path, "").unwrap();
         }
-        fs::create_dir_all(source_rootfs.join("opt/openshell/manifests")).unwrap();
-        fs::write(source_rootfs.join("opt/openshell/manifests/old.yaml"), "").unwrap();
 
         create_rootfs_archive_from_dir(&source_rootfs, &exported_rootfs).unwrap();
         prepare_exported_rootfs_archive(
@@ -3045,8 +3042,6 @@ mod tests {
                 .join("opt/openshell/bin/openshell-sandbox")
                 .is_file()
         );
-        assert!(!extracted.join("usr/local/bin/k3s").exists());
-        assert!(!extracted.join("opt/openshell/manifests").exists());
         assert_eq!(
             fs::read_to_string(extracted.join("opt/openshell/.rootfs-type")).unwrap(),
             "sandbox\n"

@@ -137,16 +137,7 @@ fn append_symlink_to_archive(
 }
 
 fn prepare_sandbox_rootfs(rootfs: &Path) -> Result<(), String> {
-    for relative in [
-        "usr/local/bin/k3s",
-        "usr/local/bin/kubectl",
-        "var/lib/rancher",
-        "etc/rancher",
-        "opt/openshell/charts",
-        "opt/openshell/manifests",
-        "opt/openshell/.initialized",
-        "opt/openshell/.rootfs-type",
-    ] {
+    for relative in ["opt/openshell/.initialized", "opt/openshell/.rootfs-type"] {
         remove_rootfs_path(rootfs, relative)?;
     }
 
@@ -326,14 +317,8 @@ mod tests {
         let dir = unique_temp_dir();
         let rootfs = dir.join("rootfs");
 
-        fs::create_dir_all(rootfs.join("usr/local/bin")).expect("create usr/local/bin");
         fs::create_dir_all(rootfs.join("etc")).expect("create etc");
-        fs::create_dir_all(rootfs.join("var/lib/rancher")).expect("create var/lib/rancher");
-        fs::create_dir_all(rootfs.join("opt/openshell/charts")).expect("create charts");
-        fs::create_dir_all(rootfs.join("opt/openshell/manifests")).expect("create manifests");
         fs::create_dir_all(rootfs.join("opt/openshell/bin")).expect("create openshell bin");
-        fs::write(rootfs.join("usr/local/bin/k3s"), b"k3s").expect("write k3s");
-        fs::write(rootfs.join("usr/local/bin/kubectl"), b"kubectl").expect("write kubectl");
         fs::write(rootfs.join("opt/openshell/.initialized"), b"yes").expect("write initialized");
         fs::write(
             rootfs.join("opt/openshell/bin/openshell-sandbox"),
@@ -357,11 +342,6 @@ mod tests {
         prepare_sandbox_rootfs(&rootfs).expect("prepare sandbox rootfs");
         validate_sandbox_rootfs(&rootfs).expect("validate sandbox rootfs");
 
-        assert!(!rootfs.join("usr/local/bin/k3s").exists());
-        assert!(!rootfs.join("usr/local/bin/kubectl").exists());
-        assert!(!rootfs.join("var/lib/rancher").exists());
-        assert!(!rootfs.join("opt/openshell/charts").exists());
-        assert!(!rootfs.join("opt/openshell/manifests").exists());
         assert!(rootfs.join("srv/openshell-vm-sandbox-init.sh").is_file());
         assert!(!rootfs.join("sandbox").exists());
         assert!(