A full virtualizer and an alternative to containers

Lighting the Fuse

Who Is It For?

Besides Amazon, who is Firecracker suitable for? Amazon says Firecracker is especially recommended to anyone who would otherwise have opted for container-based virtualization. Apparently, Amazon is planning a kind of double virtualization: VMs in Firecracker could be the basis for Docker. Users could then combine the advantages of Firecracker and true container virtualization: minimal overhead, but exactly the same isolation and security that Qemu offers in comparison.

A couple of things are still missing. Integration of Firecracker into other solutions like OpenStack simply doesn't exist yet. The minimum you would expect would be a nova-compute-firecrack. However, it is unlikely that Amazon will develop this, because they would then indirectly compete with each other in the cloud. It's up to the community here. However, if Firecracker proves to be useful and helpful, it cannot be completely ruled out that one of the large Linux distributors might jump into the breach.

Conclusions

Firecracker attacks the weaknesses of full virtualization (massive overhead, even when almost nothing is happening, and maintaining and servicing several virtual machines) and containers (access by hackers to the physical system, as well as to other virtual systems running on the same hardware, and imperfect isolation of resources) by combining the security and isolation of real VMs with the light weight of containers.

My first conclusion is that Firecracker is cool, but not quite useful in everyday life yet, especially in a production environment. Whether or not Firecracker can be successful in the long run will largely depend on community acceptance and the way it integrates with other solutions. Unfortunately, you also cannot rule out Amazon killing it and relying on Kata Containers or a completely different solution, if the intended base in the community is not as successful as expected.

If you are interested in virtualization, and are looking for a lightweight alternative to Qemu, it makes sense to take a closer look at Firecracker.

The Author

In his spare time, Debian developer Martin Gerhard Loschwitz works professionally as a Telekom Public Cloud Architect at T-Systems, where he primarily focuses on topics such as OpenStack, Ceph, and Kubernetes.

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy ADMIN Magazine

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

comments powered by Disqus
Subscribe to our ADMIN Newsletters
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs



Support Our Work

ADMIN content is made possible with support from readers like you. Please consider contributing when you've found an article to be beneficial.

Learn More”>
	</a>

<hr>		    
			</div>
		    		</div>

		<div class=