Questions tagged [firecracker]

Firecracker is an open source virtualization technology that is purpose-built for creating and managing secure, multi-tenant containers and functions-based services. Firecracker was developed at Amazon Web Services to improve the customer experience of services like AWS Lambda and AWS Fargate.

From firecracker-microvm.github.io/:

Until now, you needed to choose between containers with fast startup times and high density, or VMs with strong hardware-virtualization-based security and workload isolation. With Firecracker, you no longer have to choose.

Firecracker enables you to deploy workloads in lightweight virtual machines, called microVMs, which provide enhanced security and workload isolation over traditional VMs, while enabling the speed and resource efficiency of containers. Firecracker was developed at Amazon Web Services to improve the customer experience of services like AWS Lambda and AWS Fargate.

Firecracker implements a virtual machine monitor (VMM) that uses the Linux Kernel-based Virtual Machine (KVM) to create and manage microVMs.

Firecracker has a minimalist design. It excludes unnecessary devices and guest functionality to reduce the memory footprint and attack surface area of each microVM. This improves security, decreases the startup time, and increases hardware utilization. Firecracker currently supports Intel CPUs, with planned AMD and Arm support.

17 questions
14 votes, 1 answer

What is the difference between Ignite and gVisor in terms of their use-case?

I would like to know if there is a difference between gVisor and Weave Ignite in terms of their use-cases (if there is any). To me, both of them seem to try a similar thing: make the execution of code in virtualized environments more secure. gVisor…
User12547645
6 votes, 1 answer

Firecracker microVM: how to create custom Firecracker microVM and file system images

I went through the Getting Started guide of Firecracker microVM via building from source via Docker and following the steps. I have working knowledge of Docker via CLI/Visual Studio UI/ECS and remember building AWS AMIs manually before the Docker…
V.B.
3 votes, 1 answer

How to login: "After following the steps in firecracker custom rootfs using alpine"

I have followed the below steps for creating a custom rootfs image for booting with firecracker:- https://github.com/firecracker-microvm/firecracker/blob/master/docs/rootfs-and-kernel-setup.md Once the VM is up, it asks for the login username and…
2 votes, 1 answer

What makes the firecracker microvm "micro" vs something like qemu?

From https://firecracker-microvm.github.io/: Firecracker is an alternative to QEMU that is purpose-built for running serverless functions and containers safely and efficiently, and nothing more. Firecracker is written in Rust, provides a minimal…
xyz
2 votes, 1 answer

What's Happening when an AWS Lambda Function Freezes

What's going on behind the scenes when an AWS lambda function freezes? That is -- many of the Lambda Runtime Docs refer broadly to the concept of a function freezing or unfreezing. The runtime and each extension indicate completion by sending a Next…
Alana Storm
2 votes, 1 answer

Does AWS Lambda run every invocation in a separate Firecracker VM?

I am aware of the cold-start and warm-start in AWS Lambda. However, I am not sure during the warm-start if the Lambda architecture reuses the Firecracker VM in the backend? Or does it do the invocation in a fresh new VM? Is there a way to enforce VM…
user31986
2 votes, 2 answers

How aws firecracker handles vcpu?

I have issued below command in aws firecracker to configure the VM. I have only 8 vcpu in my host machine. curl --unix-socket /tmp/firecracker.socket -i \ -X PUT 'http://localhost/machine-config' \ -H 'Accept: application/json' …
user11779620
1 vote, 2 answers

How to use unix domain socket to make a request when using Gin?

I am creating a wrapper for firecracker. To start a VM with firecracker on command line, you have to pass a socket file to the firecracker executable. Something like this: firecracker --api-sock /path/to/file.socket Then from another terminal, you…
Santosh Kumar
1 vote, 1 answer

k8s - Nested Firecracker Environments

Sorry if this question might sound "convoluted" but here it goes... I'm currently designing a k8s solution based on Firecracker and Kata-containers. I'd like the environment to be as isolated/secure as possible. My thoughts around this are: deploy…
Kodo
1 vote, 0 answers

How can I snapshot and restore firecracker vm running containers using firecracker-containerd?

I am running containers in a Firecracker micro-VM using firecracker-containerd. I was able to create a firecracker VM and run a container inside it. However, I haven't found any APIs in firecracker-containerd to snapshot and restore a VM running…
Ashikee AbHi
1 vote, 1 answer

Build a rootfs ext4 image from distroless image for firecracker

I need to use a debian based distro with firecracker, and I attempt to do something similar to what firecracker docs gave: here. I attempted to run this distroless image gcr.io/distroless/base-debian10 and install systemd and copy over the files to…
t348575
1 vote, 0 answers

Firecracker with Nomad or Vagrant?

I have to configure firecracker on an Ubuntu server. I am a little bit confused: should it be installed standalone (https://medium.com/@s8sg/quick-start-with-firecracker-and-firectl-in-ubuntu-f58aeedae04b)? Or inside any orchestration tools like…
1 vote, 3 answers

Running Firecracker inside Docker

Is there any way to run Firecracker inside a Docker container? I tried the basic networking in firecracker although having containerized firecracker can have many benefits No hurdle to create and manage overlay network and attach Deploy in Docker…
0 votes, 0 answers

Can I dynamically resize firecracker microVMs during runtime to adjust vCPU capacity?

I wanted to implement a serverless platform where I can resize microvms based on load. For my idea to work, I need to resize microvm (firecracker VMM) with 2vcpu to 8vcpu and so on. Is this possible? If so, are there any tutorials to do this? Thanks…
0 votes, 0 answers

Why virtual machines on the same subnet cannot communicate with each other unless through the gateway?

I'm using AWS Firecracker to create two VMs (both have Ubuntu 22.04 OS) on a container that has Ubuntu 22.04 OS. I create a bridge br0 and assign IP address of 192.168.0.7 to it as the gateway. Then I create tun/tap virtual network interfaces for…