It's a very cool thing and through the magic of virtiofs I'm (almost) at a point at which I have a script that I can point at a directory with a Linux file system and boot it in a microVM in under a second.
It required quite a bit of trial and error because the components aren't very well documented and don't seem to be made for each other. I meant to publish something about it but never got around to it.
It'll likely be a lot of work to get going, but it might contain some valuable hints that I had to search for through mailing lists and reading the QEMU source.
I remember needing a semi-custom kernel (maybe) and (I think) the rust version of virtiofsd.
Not being familiar with this area the page didn't help me understand the use case. This explanation of firecracker makes some sense though: "firecracker is purposefully minimal to present less possibility for configuration mishaps and importantly minimal attack surface (it's usually used to run untrusted workloads). Also full control by ReST-API makes it easy to orchestrate."
Related: "Microvm, qboot and feature reduced qemu in ubuntu" https://cpaelzer.github.io/blogs/009-microvm-in-ubuntu/
It's a very cool thing and through the magic of virtiofs I'm (almost) at a point at which I have a script that I can point at a directory with a Linux file system and boot it in a microVM in under a second.
It required quite a bit of trial and error because the components aren't very well documented and don't seem to be made for each other. I meant to publish something about it but never got around to it.
This sounds interesting, would you be willing to share what you have so far?
I guess this is better than nothing: https://gist.github.com/solarkraft/c22b2742741a3dbc07a908266...
It'll likely be a lot of work to get going, but it might contain some valuable hints that I had to search for through mailing lists and reading the QEMU source. I remember needing a semi-custom kernel (maybe) and (I think) the rust version of virtiofsd.
Not being familiar with this area the page didn't help me understand the use case. This explanation of firecracker makes some sense though: "firecracker is purposefully minimal to present less possibility for configuration mishaps and importantly minimal attack surface (it's usually used to run untrusted workloads). Also full control by ReST-API makes it easy to orchestrate."
https://stackoverflow.com/questions/74512158/what-makes-the-...
Related ongoing thread:
We replaced Firecracker with QEMU - https://news.ycombinator.com/item?id=21461701 - Nov 2019 (20 comments)
They mentioned a baseline for benchmarking but didn’t offer any benchmarks. I’d enjoy seeing some if anyone has.