Firecracker microVMs - How to Securely Run Thousands of Workloads on a Single Host

Add to your list(s) Download to your calendar using vCal

• Diana Popa, Amazon
• Tuesday 07 May 2019, 14:00-15:00
• LT2, Computer Laboratory, William Gates Building.

If you have a question about this talk, please contact Alexander Vetterl.

Serverless computing offers increased agility and scalability for users, in part since the cloud providers own the management of the underlying infrastructure. Services such as AWS Lambda and Fargate leverage hardware virtualization to provide strong isolation between multiple tenants. Until recently, this was based on full EC2 instances, which run stateless, short-lived serverless workloads at suboptimal densities. To break out of the status quo, we developed Firecracker as a fundamental building block for multi-tenant container and function-based services.

Firecracker is a security focused virtual machine monitor written in Rust, that runs on top of KVM and is amenable to CPU and memory oversubscription. It implements a minimalist device model, boots blazingly fast, and only incurs a very low memory overhead. Firecracker is already used to run production workloads, and its development continues as an open-source project.

This talk is part of the Computer Laboratory Security Seminar series.

This talk is included in these lists:

• All Talks (aka the CURE list)
• Cambridge talks
• Computer Laboratory Security Seminar
• Department of Computer Science and Technology talks and seminars
• Interested Talks
• LT2, Computer Laboratory, William Gates Building
• School of Technology
• Security-related talks
• Trust & Technology Initiative - interesting events
• bld31

Note that ex-directory lists are not shown.