Firecracker: lightweight virtualization for serverless applications

March 2, 2020March 1, 2020 ~ adriancolyer ~ 3 Comments

Firecracker: lightweight virtualisation for serverless applications, Agache et al., NSDI'20 Finally the NSDI'20 papers have opened up to the public (as of last week), and what a great looking crop of papers it is. We looked at a couple of papers that had pre-prints available last week, today we'll be looking at one of the … Continue reading Firecracker: lightweight virtualization for serverless applications

My VM is lighter (and safer) than your container

November 2, 2017October 28, 2017 ~ adriancolyer ~ 12 Comments

My VM is lighter (and safer) than your container Manco et al., SOSP’17 Can we have the improved isolation of VMs, with the efficiency of containers? In today’s paper choice the authors investigate the boundaries of Xen-based VM performance. They find and eliminate bottlenecks when launching large numbers of lightweight VMs (both unikernels and minimal … Continue reading My VM is lighter (and safer) than your container

Paracloud: bringing application insight into cloud operations

August 21, 2017August 14, 2017 ~ adriancolyer ~ 4 Comments

Paracloud: bringing application insight into cloud operations Nadgowda et al., HotCloud'17 We'll be looking at a selection of papers from HotCloud'17 this week. The HotCloud workshop focuses on new and emerging trends in cloud computing, and the CfP particularly encourages position papers that describe novel research directions and work that is in its formative stages. … Continue reading Paracloud: bringing application insight into cloud operations

A study of security vulnerabilities on Docker Hub

April 3, 2017March 27, 2017 ~ adriancolyer ~ 10 Comments

A study of security vulnerabilities on Docker Hub Shu et al., CODASPY '17 This is the first of five papers we'll be looking at this week from the ACM Conference on Data and Application Security and Privacy which took place earlier this month. Today's choice is a study looking at image vulnerabilities for container images … Continue reading A study of security vulnerabilities on Docker Hub

SCONE: Secure Linux containers with Intel SGX

December 14, 2016July 31, 2017 ~ adriancolyer ~ 13 Comments

SCONE: Secure Linux Containers with Intel SGX Arnautov et al., OSDI 2016 We looked at Haven earlier this year, which demonstrated how Intel’s SGX could be used to shield an application from an untrusted cloud provider. Today’s paper choice, SCONE, looks at how to employ similar ideas in the context of containers. …existing container isolation … Continue reading SCONE: Secure Linux containers with Intel SGX

Slacker: Fast Distribution with Lazy Docker Containers

May 2, 2016July 27, 2017 ~ adriancolyer ~ 2 Comments

Slacker: Fast Distribution with Lazy Docker Containers - Harter et al. 2016 On you marks, get set, docker run -it ubuntu bash. How long did it take before you saw the bash prompt? In this wonderful FAST'16 paper, Harter et al. analyse what happens behind the scenes when you docker run a container image, and … Continue reading Slacker: Fast Distribution with Lazy Docker Containers

Large-scale cluster management at Google with Borg

May 7, 2015July 26, 2017 ~ adriancolyer ~ 9 Comments

Large-scale cluster management at Google with Borg - Verma et al. 2015 Borg has been running all of Google's workloads for the last ten years, and the learnings from Borg are being packaged into kubernetes so that the rest of the world can benefit from them. An important paper then as the rest of us … Continue reading Large-scale cluster management at Google with Borg