Sunday, February 02, 2020

AWS Firecracker MicroVM, Chrome OS, Lambda, Rust

//firecracker-microvm.github.io

"Firecracker is an alternative to QEMU that is purpose-built for running serverless functions and containers safely and efficiently, and nothing more. Firecracker is written in Rust, provides a minimal required device model to the guest operating system while excluding non-essential functionality (only 5 emulated devices are available: virtio-net, virtio-block, virtio-vsock, serial console, and a minimal keyboard controller used only to stop the microVM). This, along with a streamlined kernel loading process enables a < 125 ms startup time and a < 5 MiB memory footprint."
//jaxenter.com/serverless-firecracker-aws-152371

  • Firecracker’s language of choice: Rust. Does this surprise you? It shouldn’t; Firecracker has roots in crosvm – the Chrome OS virtual machine monitor, which was written in Rust. Virtual machines written in Rust benefit from the language’s memory safety.
  • Windows support? Not here. Firecracker is a Kernel-based virtual machine. It can only support Linux kernel v4.14 and higher.



Firecracker – Lightweight Virtualization for Serverless Computing @ aws blog
  • "Secure – Firecracker uses multiple levels of isolation and protection, and exposes a minimal attack surface.
  • High Performance – You can launch a microVM in as little as 125 ms today (and even faster in 2019), 
  • Battle-Tested – Firecracker has been battle-tested and is already powering multiple high-volume AWS services including AWS Lambda and AWS Fargate.
  • Low Overhead – Firecracker consumes about 5 MiB of memory per microVM. You can run thousands of secure VMs with widely varying vCPU and memory configurations on the same instance.
  • Open Source – Firecracker is an active open source project."
Introducing Firecracker, a New Virtualization Technology and Open Source Project for Running Multi-Tenant Container Workloads @AWS


thenewstack.io/how-firecracker-is-going-to-set-modern-infrastructure-on-fire
