Skip to content
Tech News
← Back to articles

Show HN: OpenClawMachines – Extending OpenClaw to the Enterprise

read original more articles

OpenClaw Machines

Run as many isolated OpenClaw agents as you need, on hardware you own.

OpenClaw Machines is an open-source platform for running OpenClaw in secure AI sandboxes on your own infrastructure. A control plane orchestrates your hosts, and each agent runs in its own Firecracker microVM on them — hardware-isolated, safe for untrusted and agent-generated code. A Cloudflare data plane is the front door: every machine gets its own subdomain behind edge auth, reached through a tunnel that terminates inside the VM — no host port is exposed for user-to-VM traffic. The current control plane still needs private or firewall-restricted access to each agent's authenticated control API on 9090 . See it running at openclawmachines.com.

The Apache-2.0 public core ships every piece of that stack:

The ocm CLI lives in the separate mathaix/ocm-cli Apache-2.0 repository.

Video link

Click the screenshot to watch the 43-second demo on YouTube. This is a linked image, not an embedded player.

The demo covers host onboarding, agent spin-up, the running Firecracker VM terminal, workspace MCP integrations, and an agent tool call end to end.

Why OpenClaw Machines

Security. Real isolation, not containers: one Firecracker microVM per agent, with its own guest kernel behind a KVM hardware boundary — and auth enforced at the edge and again inside every VM.

... continue reading