Seminar : My VM is Lighter (and Safer) than your Container


Containers are in great demand because they are very lightweight when compared to virtual machines: both boot times and memory usage are significantly smaller than traditional VMs, and this allows massive consolidation of workloads on the same hardware. On the downside, containers have fundamentally weaker isolation properties than VMs.
In this talk, we will examine whether there is indeed a strict tradeoff between isolation (VMs) and efficiency (containers). By redesigning the control plane of Xen and using small, optimized unikernel-based virtual machines we show that it is possible to achieve VM boot times on the order of milliseconds while packing thousands of VMs on modest hardware.