Comment by yewenjie
5 years ago
Slightly off-topic - what is a secure way to run arbitrary code in arbitrary languages in a server? I know replit's polygott docker container allows it.
5 years ago
Slightly off-topic - what is a secure way to run arbitrary code in arbitrary languages in a server? I know replit's polygott docker container allows it.
I would look at how the major clouds are running their compute instances. This might help:
https://www.nomadproject.io/
Which is basically k8s but lets you use vms.
I was thinking of using Tekton to make a CI/CD service at one point but I would pretty much need to smash the whole k8s VM/Node every time I do something and only allow one participant at a time. There are ways to run vm pods instead of containers in k8s but there are other issues at play. It's been a sec.
Have a look at Firecracker for running microVMs (originally developed at AWS before becoming open source):
https://firecracker-microvm.github.io/
Ideally, many small VMs. E.g. that's what AWS Lambda does.