undefined | Better HN

story

0 pointswesturner11mo ago0 comments

> I would consider Docker for VMs instead.

Native Containers would probably solve here, too.

From https://news.ycombinator.com/item?id=43553198 :

>>> ostree native containers are bootable host images that can also be built and signed with a SLSA provenance attestation; https://coreos.github.io/rpm-ostree/container/

And also from that thread:

> How should a microkernel run (WASI) WASM runtimes?

What is the most minimal microvm for WASM / WASI, and what are the advantages to running WASM workloads with firecracker or microsandbox?

0 comments

appcypher11mo ago

> What is the most minimal microvm for WASM / WASI,

By setting up an image with wasmtime for example.

> and what are the advantages to running WASM workloads with firecracker or microsandbox?

I can think of stronger isolation or when you have legacy stuff you need to run alongside.

westurnerOP11mo ago

From https://e2b.dev/blog/firecracker-vs-qemu

> AWS built [Firecracker (which is built on KVM)] to power Lambda and Fargate [2], where they need to quickly spin up isolated environments for running customer code. Companies like E2B use Firecracker to run AI generated code securily in the cloud, while Fly.io uses it to run lightweight container-like VMs at the edge [4, 5].

"We replaced Firecracker with QEMU" (2023) https://news.ycombinator.com/item?id=36666782

"Firecracker's Kernel Support Policy" describes compatible kernel configurations; https://github.com/firecracker-microvm/firecracker/blob/main...

/? wasi microvm kernel [github] https://www.google.com/search?q=wasi+microvm+kernel+GitHub :

- "Mewz: Lightweight Execution Environment for WebAssembly with High Isolation and Portability using Unikernels" (2024) https://arxiv.org/abs/2411.01129 similar: https://scholar.google.com/scholar?q=related:b3657VNcyJ0J:sc...

j / k navigate · click thread line to collapse