{"id":2059,"date":"2022-01-18T15:25:06","date_gmt":"2022-01-18T15:25:06","guid":{"rendered":"https:\/\/iot-ngin.eu\/?p=2059"},"modified":"2022-01-28T15:25:15","modified_gmt":"2022-01-28T15:25:15","slug":"microvms-to-reduce-the-overhead-of-virtualization","status":"publish","type":"post","link":"https:\/\/iot-ngin.eu\/index.php\/2022\/01\/18\/microvms-to-reduce-the-overhead-of-virtualization\/","title":{"rendered":"microVMs to reduce the overhead of virtualization"},"content":{"rendered":"\n<p>Virtual Machines (VM) are common and established techniques to isolate the guest from the host operating systems. They are typically designed to run common operating systems like Windows and Linux as guest operating systems. Consequently, they create a virtual PC with the support of over decades developed interfaces (e.g. PCI, ACPI). This legacy support increases the boot time and the memory foot print of such virtual machines.<\/p>\n\n\n\n<p>Projects like <a href=\"https:\/\/firecracker-microvm.github.io\/\">Firecracker<\/a>, <a href=\"https:\/\/github.com\/Solo5\/solo5\">Solo5<\/a> and <a href=\"https:\/\/qemu.readthedocs.io\/en\/latest\/system\/i386\/microvm.html\">Qemu\u2019s microVM platform<\/a> established minimalist machine type without&nbsp;any PCI&nbsp;or&nbsp;ACPI&nbsp;support. Such microVMs also establishes a baseline for benchmarking and optimizing both QEMU and guest operating systems, since it is optimized for both boot time and footprint. In combination with <a href=\"https:\/\/iot-ngin.eu\/index.php\/2021\/06\/25\/containers-and-unikernels-more-isolation-for-your-software\/\">Unikernels<\/a>, the overhead and the attack vector can be reduced even further. The assumption is here that less source code in the implementation of the microVM and the guest operating system reduces also the possibility of security issues.<\/p>\n\n\n\n<p>In the meantime, container runtimes like <a href=\"https:\/\/katacontainers.io\/\">Kata containers<\/a> integrates microVMs seamless in a container ecosystem. By using such runtimes, Kubernetes is able to deploy microVMs and benefits from their stronger isolation. Our evaluation of starting 800 web-services shows that deploying microVMs doesn\u2019t increase the overhead in comparison to common container runtimes like runc. For this evaluation, we wrote our own container runtime and combined it with a microVM. We want to use this combination as base for developing a secure edge runtime. The strong isolation reduces the possibility of security issues, while reduction of overhead increase the scalability of the IoT-NGIN framework.<\/p>\n\n\n\n<p>Summary of benefits:<\/p>\n\n\n\n<ul class=\"ul-custom\"><li>A reduction of the memory footprint enables a high density of microVMs to be packed on each server and implicitly increases the scalability for cloud provides.&nbsp;<\/li><li>VMs provide a stronger isolation in comparison to container technologies. In addition, microVMs based on a minimal device model that excludes all non-essential functionality and reduces the attack surface area of the VM.<\/li><li>In addition to a minimal device model accelerates also the boot time of the kernel and offers new kind of event-triggered services with a small runtime. These VMs are ideal base for serverless computing.<\/li><\/ul>\n\n\n\n<p>In IoT-NGIN, we will further investigate the use of microVMs for our own unikernel <a href=\"https:\/\/github.com\/hermitcore\/rusty-hermit\">RustyHermit<\/a>. We assume that the combination of these technologies further takes us to the goal of enhancing today\u2019s cloud- and edge-computing with more secure and lightweight technologies.&nbsp;<\/p>\n\n\n\n<div style=\"height:100px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n","protected":false},"excerpt":{"rendered":"<p>Virtual Machines (VM) are common and established techniques to isolate the guest from the host operating systems. They are typically designed to run common operating systems like Windows and Linux as guest operating systems. Consequently, they create a virtual PC &hellip;<\/p>\n","protected":false},"author":2,"featured_media":2060,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_mi_skip_tracking":false,"footnotes":""},"categories":[17],"tags":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v17.6 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>microVMs to reduce the overhead of virtualization - IOT NGIN<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/iot-ngin.eu\/index.php\/2022\/01\/18\/microvms-to-reduce-the-overhead-of-virtualization\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"microVMs to reduce the overhead of virtualization - IOT NGIN\" \/>\n<meta property=\"og:description\" content=\"Virtual Machines (VM) are common and established techniques to isolate the guest from the host operating systems. They are typically designed to run common operating systems like Windows and Linux as guest operating systems. Consequently, they create a virtual PC &hellip;\" \/>\n<meta property=\"og:url\" content=\"https:\/\/iot-ngin.eu\/index.php\/2022\/01\/18\/microvms-to-reduce-the-overhead-of-virtualization\/\" \/>\n<meta property=\"og:site_name\" content=\"IOT NGIN\" \/>\n<meta property=\"article:published_time\" content=\"2022-01-18T15:25:06+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2022-01-28T15:25:15+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/iot-ngin.eu\/wp-content\/uploads\/2022\/01\/18657246306_d8d6b6148c.jpeg\" \/>\n\t<meta property=\"og:image:width\" content=\"500\" \/>\n\t<meta property=\"og:image:height\" content=\"333\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Giannis Tsichlas\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebSite\",\"@id\":\"https:\/\/iot-ngin.eu\/#website\",\"url\":\"https:\/\/iot-ngin.eu\/\",\"name\":\"IOT NGIN\",\"description\":\"\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/iot-ngin.eu\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/iot-ngin.eu\/index.php\/2022\/01\/18\/microvms-to-reduce-the-overhead-of-virtualization\/#primaryimage\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/iot-ngin.eu\/wp-content\/uploads\/2022\/01\/18657246306_d8d6b6148c.jpeg\",\"contentUrl\":\"https:\/\/iot-ngin.eu\/wp-content\/uploads\/2022\/01\/18657246306_d8d6b6148c.jpeg\",\"width\":500,\"height\":333},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/iot-ngin.eu\/index.php\/2022\/01\/18\/microvms-to-reduce-the-overhead-of-virtualization\/#webpage\",\"url\":\"https:\/\/iot-ngin.eu\/index.php\/2022\/01\/18\/microvms-to-reduce-the-overhead-of-virtualization\/\",\"name\":\"microVMs to reduce the overhead of virtualization - IOT NGIN\",\"isPartOf\":{\"@id\":\"https:\/\/iot-ngin.eu\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/iot-ngin.eu\/index.php\/2022\/01\/18\/microvms-to-reduce-the-overhead-of-virtualization\/#primaryimage\"},\"datePublished\":\"2022-01-18T15:25:06+00:00\",\"dateModified\":\"2022-01-28T15:25:15+00:00\",\"author\":{\"@id\":\"https:\/\/iot-ngin.eu\/#\/schema\/person\/dac2bc3c10805a89083986685c5801d1\"},\"breadcrumb\":{\"@id\":\"https:\/\/iot-ngin.eu\/index.php\/2022\/01\/18\/microvms-to-reduce-the-overhead-of-virtualization\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/iot-ngin.eu\/index.php\/2022\/01\/18\/microvms-to-reduce-the-overhead-of-virtualization\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/iot-ngin.eu\/index.php\/2022\/01\/18\/microvms-to-reduce-the-overhead-of-virtualization\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/iot-ngin.eu\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"microVMs to reduce the overhead of virtualization\"}]},{\"@type\":\"Person\",\"@id\":\"https:\/\/iot-ngin.eu\/#\/schema\/person\/dac2bc3c10805a89083986685c5801d1\",\"name\":\"Giannis Tsichlas\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/iot-ngin.eu\/#personlogo\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/740c19c414d2291ee24fcbe553ee2609?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/740c19c414d2291ee24fcbe553ee2609?s=96&d=mm&r=g\",\"caption\":\"Giannis Tsichlas\"},\"url\":\"https:\/\/iot-ngin.eu\/index.php\/author\/tsichlas\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"microVMs to reduce the overhead of virtualization - IOT NGIN","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/iot-ngin.eu\/index.php\/2022\/01\/18\/microvms-to-reduce-the-overhead-of-virtualization\/","og_locale":"en_US","og_type":"article","og_title":"microVMs to reduce the overhead of virtualization - IOT NGIN","og_description":"Virtual Machines (VM) are common and established techniques to isolate the guest from the host operating systems. They are typically designed to run common operating systems like Windows and Linux as guest operating systems. Consequently, they create a virtual PC &hellip;","og_url":"https:\/\/iot-ngin.eu\/index.php\/2022\/01\/18\/microvms-to-reduce-the-overhead-of-virtualization\/","og_site_name":"IOT NGIN","article_published_time":"2022-01-18T15:25:06+00:00","article_modified_time":"2022-01-28T15:25:15+00:00","og_image":[{"width":500,"height":333,"url":"https:\/\/iot-ngin.eu\/wp-content\/uploads\/2022\/01\/18657246306_d8d6b6148c.jpeg","type":"image\/jpeg"}],"twitter_card":"summary_large_image","twitter_misc":{"Written by":"Giannis Tsichlas","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebSite","@id":"https:\/\/iot-ngin.eu\/#website","url":"https:\/\/iot-ngin.eu\/","name":"IOT NGIN","description":"","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/iot-ngin.eu\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"ImageObject","@id":"https:\/\/iot-ngin.eu\/index.php\/2022\/01\/18\/microvms-to-reduce-the-overhead-of-virtualization\/#primaryimage","inLanguage":"en-US","url":"https:\/\/iot-ngin.eu\/wp-content\/uploads\/2022\/01\/18657246306_d8d6b6148c.jpeg","contentUrl":"https:\/\/iot-ngin.eu\/wp-content\/uploads\/2022\/01\/18657246306_d8d6b6148c.jpeg","width":500,"height":333},{"@type":"WebPage","@id":"https:\/\/iot-ngin.eu\/index.php\/2022\/01\/18\/microvms-to-reduce-the-overhead-of-virtualization\/#webpage","url":"https:\/\/iot-ngin.eu\/index.php\/2022\/01\/18\/microvms-to-reduce-the-overhead-of-virtualization\/","name":"microVMs to reduce the overhead of virtualization - IOT NGIN","isPartOf":{"@id":"https:\/\/iot-ngin.eu\/#website"},"primaryImageOfPage":{"@id":"https:\/\/iot-ngin.eu\/index.php\/2022\/01\/18\/microvms-to-reduce-the-overhead-of-virtualization\/#primaryimage"},"datePublished":"2022-01-18T15:25:06+00:00","dateModified":"2022-01-28T15:25:15+00:00","author":{"@id":"https:\/\/iot-ngin.eu\/#\/schema\/person\/dac2bc3c10805a89083986685c5801d1"},"breadcrumb":{"@id":"https:\/\/iot-ngin.eu\/index.php\/2022\/01\/18\/microvms-to-reduce-the-overhead-of-virtualization\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/iot-ngin.eu\/index.php\/2022\/01\/18\/microvms-to-reduce-the-overhead-of-virtualization\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/iot-ngin.eu\/index.php\/2022\/01\/18\/microvms-to-reduce-the-overhead-of-virtualization\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/iot-ngin.eu\/"},{"@type":"ListItem","position":2,"name":"microVMs to reduce the overhead of virtualization"}]},{"@type":"Person","@id":"https:\/\/iot-ngin.eu\/#\/schema\/person\/dac2bc3c10805a89083986685c5801d1","name":"Giannis Tsichlas","image":{"@type":"ImageObject","@id":"https:\/\/iot-ngin.eu\/#personlogo","inLanguage":"en-US","url":"https:\/\/secure.gravatar.com\/avatar\/740c19c414d2291ee24fcbe553ee2609?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/740c19c414d2291ee24fcbe553ee2609?s=96&d=mm&r=g","caption":"Giannis Tsichlas"},"url":"https:\/\/iot-ngin.eu\/index.php\/author\/tsichlas\/"}]}},"cc_featured_image_caption":{"caption_text":"<p style=\"font-size: 0.9rem;font-style: italic;\"><a href=\"https:\/\/www.flickr.com\/photos\/111692634@N04\/18657246306\">\"Computer Security - Protect Data - Computers\"<\/a><span> by <a href=\"https:\/\/www.flickr.com\/photos\/111692634@N04\">perspec_photo88<\/a><\/span> is licensed under <a href=\"https:\/\/creativecommons.org\/licenses\/by-sa\/2.0\/?ref=openverse&atype=html\" style=\"margin-right: 5px;\">CC BY-SA 2.0<\/a><a href=\"https:\/\/creativecommons.org\/licenses\/by-sa\/2.0\/?ref=openverse&atype=html\" target=\"_blank\" rel=\"noopener noreferrer\" style=\"display: inline-block;white-space: none;margin-top: 2px;margin-left: 3px;height: 22px !important;\"><img style=\"height: inherit;margin-right: 3px;display: inline-block;\" src=\"https:\/\/search.creativecommons.org\/static\/img\/cc_icon.svg?image_id=464bebf1-9575-4018-b8b6-990953dd0cb0\" \/><img style=\"height: inherit;margin-right: 3px;display: inline-block;\" src=\"https:\/\/search.creativecommons.org\/static\/img\/cc-by_icon.svg\" \/><img style=\"height: inherit;margin-right: 3px;display: inline-block;\" src=\"https:\/\/search.creativecommons.org\/static\/img\/cc-sa_icon.svg\" \/><\/a><\/p>","source_text":"","source_url":""},"_links":{"self":[{"href":"https:\/\/iot-ngin.eu\/index.php\/wp-json\/wp\/v2\/posts\/2059"}],"collection":[{"href":"https:\/\/iot-ngin.eu\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/iot-ngin.eu\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/iot-ngin.eu\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/iot-ngin.eu\/index.php\/wp-json\/wp\/v2\/comments?post=2059"}],"version-history":[{"count":6,"href":"https:\/\/iot-ngin.eu\/index.php\/wp-json\/wp\/v2\/posts\/2059\/revisions"}],"predecessor-version":[{"id":2091,"href":"https:\/\/iot-ngin.eu\/index.php\/wp-json\/wp\/v2\/posts\/2059\/revisions\/2091"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/iot-ngin.eu\/index.php\/wp-json\/wp\/v2\/media\/2060"}],"wp:attachment":[{"href":"https:\/\/iot-ngin.eu\/index.php\/wp-json\/wp\/v2\/media?parent=2059"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/iot-ngin.eu\/index.php\/wp-json\/wp\/v2\/categories?post=2059"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/iot-ngin.eu\/index.php\/wp-json\/wp\/v2\/tags?post=2059"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}