Brussels / 1 & 2 February 2020


Lightweight virtualization in the Cloud and at the Edge

hypervisors gone rogue

Running applications in the Cloud has changed the way users develop and ship their code. Quite recently, the community has given rise to microservices-based approaches, towards solutions that follow the paradigm of Platform-, Software-, and Function-as-a-Service (PaaS, SaaS, and FaaS respectively).

To accommodate user demands, while maintaining security and isolation, Cloud vendors have adopted a hybrid approach where user workloads are being executed in lightweight sandboxed environments, where micro-hypervisors provide the isolation and container-based images facilitate application deployment. As a result, lighter virtualization stacks remains a key aspect to maximize performance in a multi-tenant but isolated environment.

To this end, we started experimenting with various Virtual Machine Monitors (VMMs) that could provide the ideal trade-off between performance, flexibility and application portability. In this talk, we present the design of a minimal VMM, based on KVM, residing entirely in the Linux Kernel and showcase the merits and shortcomings (minimal footprint, security concerns), for each use-case (Cloud FaaS, edge multi-tenancy). Additionally, we present our experience from porting Firecracker to a low-power device (RPi4) demonstrating the merits of lightweight hypervisor stacks for flexible application execution at the edge.


Photo of Anastassios Nanos Anastassios Nanos
Babis Chalios