> On the server, there’s a reason Amazon built Firecracker and Google built gVisor instead of just using the Linux sandboxing primitives. I think calling them “industrial grade” is pushing it when they’re rarely used as the first line of defense against code that is expected to be actively hostile.
Actually, Firecracker is not a sandbox. It's basically qemu/libvirt and a minimal implementation of devices. It's qemu-kvm with an HTTP interface and way fewer devices.
The reason they rewrote qemu-kvm is that qemu-kvm contains a lot of code that is not needed and is way more bug prone. Also, loading a kernel is way faster in Firecracker since they optimized the kernel loading code.
I’m not sure of the distinction you’re drawing here. Originally Amazon used the Linux namespaces, cgroups, etc. for isolating Lambda invocations, but they only did this at the AWS account granularity (i.e. your Lambdas only shared the same VM with other Lambdas from your account) for security reasons. They built FirecrackerVM so they could run Lambdas freely on the same bare metal machine as others without having to group by tenant VM in this way. Obviously they found using the Linux primitives to be insufficient for maintaining isolation when dealing with hostile native code.