ZH version is available. Content is displayed in original English for accuracy.
We needed a secure, multi-tenant way to offer shell accounts to users, but most VMMs were using too much memory and containers are unsafe. With clone, VMs are now more memory efficient than containers in most cases.
Since many other projects on HN looked like they were doing this too, open sourcing this was the right thing to do.
Feel free to use in whole or in part as you see fit!
Discussion (1 Comments)Read Original on HackerNews
10x 512MB idle VMs should not take 5GB on Firecracker if they are started from snapshots since the 512MB memory file is mmap'ed with MAP_PRIVATE so is copy on write.
Firecracker has diff snapshots: https://github.com/firecracker-microvm/firecracker/blob/main...