Detecting If Your Shell Runs on Physical Machine, VM, or Container

Currently, bare metal, virtual machines, and containers are the three mainstream ways cloud providers deliver compute services. How can we tell which type a given shell environment actually is?

01 Detecting Containers

There is no universally 100% reliable method, but the systemd-detect-virt command is a good start. If the command exists, run systemd-detect-virt -c. An output of none means the environment is not a container; any other output indicates a container type such as lxc.

Another trick is to check the process with PID 1. If PID 1 is the application itself, the environment is likely a container; if it is /sbin/init or systemd, it may be a VM or bare metal.

Containers share the host kernel, so they usually lack a /boot directory unless it is explicitly mounted.

Docker containers can be identified by their cgroup name, which typically looks like docker-xxxx where xxxx is the container UUID. The following screenshot shows the cgroup information of a Docker‑run busybox container:

Docker can also be detected by the presence of the .dockerenv file. For rkt containers, the cgroup name contains rkt and the detection script is similar.

02 Detecting Physical Machines

If systemd-detect-virt returns none, the host is a physical machine. You can also examine the output of lscpu; the absence of a Hypervisor vendor field usually indicates bare metal.

Detailed hardware information can be obtained from DMI tables via dmidecode. The screenshot below shows an HP ProLiant DL380 Gen9 server:

Out‑of‑band management IP can be retrieved with ipmitool. If the command fails, the host is likely a virtual machine.

03 Detecting Virtual Machines

Again, systemd-detect-virt will output the virtualization type (e.g., kvm, xen, oracle) when run on a VM.

Alternatively, lscpu shows a Hypervisor vendor field. For example, AWS instances report Xen, while Alibaba Cloud and many other providers report KVM.

More detailed VM information can be extracted with dmidecode. On an OpenStack instance, the Manufacturer field reveals the platform, and the Version field indicates the OpenStack release (e.g., Ocata). The UUID field provides the VM identifier.

Cloud providers also expose metadata services. For AWS, querying the metadata endpoint yields the instance ID, instance type, public IP, VPC ID, AMI ID, security groups, etc. Similar metadata is available on OpenStack and Alibaba Cloud.

04 Summary

The following checklist summarizes the most common detection methods. None of them is foolproof, but together they provide a practical way to infer the underlying environment.

Run systemd-detect-virt -c; none means not a container.

Check PID 1; if it is the application itself, the environment is likely a container.

Look for the presence of kernel files (e.g., /boot); absence suggests a container.

Detect Docker by the existence of .dockerenv or Docker‑specific cgroup names; similarly detect rkt.

For VMs, examine lscpu for a Hypervisor vendor field or use systemd-detect-virt to get the hypervisor type.

For physical machines, systemd-detect-virt returns none and DMI data reveals vendor and model.

Below is a sample script that combines many of these checks into a single detection routine.