« Previous 1 2
A full virtualizer and an alternative to containers
Lighting the Fuse
Who Is It For?
Besides Amazon, who is Firecracker suitable for? Amazon says Firecracker is especially recommended to anyone who would otherwise have opted for container-based virtualization. Apparently, Amazon is planning a kind of double virtualization: VMs in Firecracker could be the basis for Docker. Users could then combine the advantages of Firecracker and true container virtualization: minimal overhead, but exactly the same isolation and security that Qemu offers in comparison.
A couple of things are still missing. Integration of Firecracker into other solutions like OpenStack simply doesn't exist yet. The minimum you would expect would be a nova-compute-firecrack
. However, it is unlikely that Amazon will develop this, because they would then indirectly compete with each other in the cloud. It's up to the community here. However, if Firecracker proves to be useful and helpful, it cannot be completely ruled out that one of the large Linux distributors might jump into the breach.
Conclusions
Firecracker attacks the weaknesses of full virtualization (massive overhead, even when almost nothing is happening, and maintaining and servicing several virtual machines) and containers (access by hackers to the physical system, as well as to other virtual systems running on the same hardware, and imperfect isolation of resources) by combining the security and isolation of real VMs with the light weight of containers.
My first conclusion is that Firecracker is cool, but not quite useful in everyday life yet, especially in a production environment. Whether or not Firecracker can be successful in the long run will largely depend on community acceptance and the way it integrates with other solutions. Unfortunately, you also cannot rule out Amazon killing it and relying on Kata Containers or a completely different solution, if the intended base in the community is not as successful as expected.
If you are interested in virtualization, and are looking for a lightweight alternative to Qemu, it makes sense to take a closer look at Firecracker.
Infos
- Firecracker: https://firecracker-microvm.github.io
- AWS Lambda: https://aws.amazon.com/lambda/
- Kata Containers: https://katacontainers.io
« Previous 1 2
Buy this article as PDF
(incl. VAT)