hngopher.com

       [HN Gopher] Firecracker: Lightweight Virtualization for Serverle...
       ___________________________________________________________________
        
       Firecracker: Lightweight Virtualization for Serverless Applications
        
       Author : andrioni
       Score  : 62 points
       Date   : 2020-02-18 17:55 UTC (5 hours ago)
        
 (HTM) web link (www.amazon.science)
 (TXT) w3m dump (www.amazon.science)
        
       | srmatto wrote:
       | I'm really excited to see where this goes in the community. There
       | are some interesting projects using Firecracker such as Weave
       | Ignite and firekube that I think could improve the security of
       | Kubernetes. Also lightweight VMs are exciting in their own right.
       | 
       | https://github.com/weaveworks/ignite
       | 
       | https://github.com/weaveworks/wks-quickstart-firekube
        
         | bonzini wrote:
         | How does firekube compare to Kata Containers?
        
       | nezirus wrote:
       | I've also had great fun with Firecracker and virt-builder
       | (http://libguestfs.org/virt-builder.1.html) as a way to prepare
       | and use generic distros on Firecracker.
       | 
       | (The only additional step is to use guestfish to "download" root
       | partition from disk image created with virt-format and virt-
       | builder)
        
       | steveklabnik wrote:
       | Firecracker is a very interesting project.
       | 
       | It's covered in the paper, but the origins are the "crosvm"
       | project at Google, which is used in ChromeOS. Firecracker started
       | as a fork of crosvm, removed a bunch of code they didn't need,
       | and of course adding their own.
       | 
       | But rather than just fork, they've consolidated the shared parts
       | into the "rust-vmm" project: https://github.com/rust-
       | vmm/community
       | 
       | > The rust-vmm project is organized as a shared effort, shared
       | ownership open-source project that includes (so far) contributors
       | from Alibaba, AWS, Cloud Base, Crowdstrike, Intel, Google, Red
       | Hat as well as individual contributors.
       | 
       | This has allowed other similar tech to grow, like
       | https://github.com/cloud-hypervisor/cloud-hypervisor, which seems
       | to be the Intel project mentioned in the above sentence.
        
       | bonzini wrote:
       | The comparison with QEMU is a bit disingenuous. The number of
       | lines of code in a given binary is much less than 1.4 million,
       | which is the total for all the architectures that QEMU supports
       | (actually it's closer to 2 million). It is also possible to
       | configure out a lot of the code and libraries. A default build is
       | around 6-700.000 lines of code, and it is possible to build
       | reduced versions that tally less than 300.000 lines just by
       | tweaking a configuration file with the list of included devices
       | (which was done for the experiments in the paper). The NEMU
       | project mentioned in the paper is inactive exactly because it was
       | a dead end: it was possible to achieve all their goals directly
       | in QEMU without the need for a fork.
       | 
       | Likewise, the number of syscalls in QEMU (270) is quoted from
       | another paper but likely refers not to QEMU used as a VMM, but
       | rather to the so called "user-mode emulation" that runs foreign
       | Linux binaries (and which, by its very nature, invokes pretty
       | much all Linux syscalls including quite a few obsolete ones).
       | 
       | It would be interesting to have more information on the
       | configuration they use for QEMU, especially whether they are
       | enabling PCI and ACPI. Version 4.2 of QEMU (the version they
       | used) has a trimmed virtual machine type that was admittedly
       | inspired by Firecracker and actually boots even faster than
       | Firecracker, or at least in the noise. [1] The code specific to
       | this machine type is only 500 lines. Also since that release QEMU
       | and qboot _are_ actually able to boot uncompressed kernels using
       | the PVH entry point, contrarily to what the paper states. This
       | could explain the difference in boot time performance.
       | 
       | Memory consumption is tricky, QEMU uses green threads and has to
       | allocate stacks for them. This can show up as large mmaps but
       | they do not correspond to actual memory usage. But again without
       | redoing the experiments it's hard to say if that is the cause. I
       | have no doubt Firecracker is leaner in this respect, anyway, and
       | it's an important metric for Amazon.
       | 
       | That said, I am all for competition, and some of the measurements
       | in the paper are certainly worth a look to see if there is more
       | low hanging fruit to pick, especially with respect to memory
       | consumption. QEMU is a complex program, as demonstrated by the
       | complexity of measuring it accurately, and Firecracker is a very
       | interesting project. I am very happy to collaborate with the
       | authors of the paper on rust-vmm.
       | 
       | [1] http://people.redhat.com/pbonzini/microvm/
        
       | deforciant wrote:
       | We have been using it to run e2e tests by creating multiple VMs
       | that need to talk to each other and load some kernel modules. It
       | works so much faster than relying on cloud providers or
       | alternatives like Docker in Docker. Very good impressions so far
       | :)
        
         | eatonphil wrote:
         | What Firecracker frontend are you using? Or are you programming
         | directly against the builtin VMM API?
        
       ___________________________________________________________________
       (page generated 2020-02-18 23:00 UTC)