(short week: 3 days)
Brief writeup of a pair of talks I attended on Tuesday at the Cambridge University Computer Lab by some people from Amazon:
Diana Popa talked about Amazon's new "Firecracker" VMM (virtual machine monitor -- the userspace component that uses the kernel's KVM APIs to create and control virtual machines; kvmtool and QEMU are both VMMs). Their use case is the AWS Lambda service, where VMs are generally fairly short-lived (on the order of hours), startup time matters a lot, and the VMs typically don't need very much CPU/RAM resource. Firecracker is written in Rust, and provides a very simple guest device model (virtio block and network devices), booting a kernel that knows it is virtualized. It boots the kernel directly, without running a BIOS. It has a memory footprint of less than 5MB and a boot time of 125ms. They are currently working on Arm support (they have it booting, but some bits still need work, e.g. the VM doesn't get the right time because there is no RTC device exposed to the guest). My feeling was that this shows an advantage of the KVM design: the kernel/userspace split makes it easy to replace the userspace VMM part with something customised for the task at hand if you don't need a full-fat all-bells-and-whistles general-purpose solution.
Andreea Florescu talked next, about the "rust-vmm" libraries. This is a set of open-source Rust crates which are intended to abstract out some of the common building blocks for VMMs. Firecracker started as a fork of Google's crosvm project, but since the use-case requirements for the two projects are markedly different the code diverged fairly rapidly. rust-vmm is intended to allow the projects to share code for things like "nice Rust interfaces to the KVM ioctls" and "implementations of virtio devices". The project is still in quite an early stage of development -- they have a few crates that have made it to the "stable, published on crates.io" phase, but most are either in "being developed" or still just "planned/proposed/discussed". It's currently Apache-2.0 licensed, but they are planning to dual-license to Apache-2.0 | 3-BSD because Apache-2.0 isn't GPL-2.0 compatible, and they have had some interest in being able to experiment with using these crates with QEMU. (That sounds a bit outlandish but it's actually something I'm planning to look into myself -- the nice thing about Rust is that you can potentially incrementally add it to an existing C codebase without requiring a ground-up rewrite, so allowing security hardening of the more "risky" parts. This is very definitely all still just "exploratory prototyping" though.)
Progress:
* just miscellaneous upstream stuff
thanks -- PMM