Firecracker: lightweight virtualization for serverless applications

March 2, 2020May 25, 2020 ~ Adrian Colyer ~ 3 Comments

Firecracker: lightweight virtualisation for serverless applications, Agache et al., NSDI'20 Finally the NSDI'20 papers have opened up to the public (as of last week), and what a great looking crop of papers it is. We looked at a couple of papers that had pre-prints available last week, today we'll be looking at one of the ... Continue Reading

My VM is lighter (and safer) than your container

November 2, 2017 ~ Adrian Colyer ~ 12 Comments

My VM is lighter (and safer) than your container Manco et al., SOSP’17 Can we have the improved isolation of VMs, with the efficiency of containers? In today’s paper choice the authors investigate the boundaries of Xen-based VM performance. They find and eliminate bottlenecks when launching large numbers of lightweight VMs (both unikernels and minimal ... Continue Reading

Paracloud: bringing application insight into cloud operations

August 21, 2017 ~ Adrian Colyer ~ 4 Comments

Paracloud: bringing application insight into cloud operations Nadgowda et al., HotCloud'17 We'll be looking at a selection of papers from HotCloud'17 this week. The HotCloud workshop focuses on new and emerging trends in cloud computing, and the CfP particularly encourages position papers that describe novel research directions and work that is in its formative stages. ... Continue Reading

A study of security vulnerabilities on Docker Hub

April 3, 2017November 11, 2019 ~ Adrian Colyer ~ 10 Comments

A study of security vulnerabilities on Docker Hub Shu et al., CODASPY '17 This is the first of five papers we'll be looking at this week from the ACM Conference on Data and Application Security and Privacy which took place earlier this month. Today's choice is a study looking at image vulnerabilities for container images ... Continue Reading

SCONE: Secure Linux containers with Intel SGX

December 14, 2016November 11, 2019 ~ Adrian Colyer ~ 13 Comments

SCONE: Secure Linux Containers with Intel SGX Arnautov et al., OSDI 2016 We looked at Haven earlier this year, which demonstrated how Intel’s SGX could be used to shield an application from an untrusted cloud provider. Today’s paper choice, SCONE, looks at how to employ similar ideas in the context of containers. …existing container isolation ... Continue Reading

Slacker: Fast Distribution with Lazy Docker Containers

May 2, 2016 ~ Adrian Colyer ~ 2 Comments

Slacker: Fast Distribution with Lazy Docker Containers - Harter et al. 2016 On you marks, get set, docker run -it ubuntu bash. How long did it take before you saw the bash prompt? In this wonderful FAST'16 paper, Harter et al. analyse what happens behind the scenes when you docker run a container image, and ... Continue Reading

Large-scale cluster management at Google with Borg

May 7, 2015 ~ Adrian Colyer ~ 9 Comments

Large-scale cluster management at Google with Borg - Verma et al. 2015 Borg has been running all of Google's workloads for the last ten years, and the learnings from Borg are being packaged into kubernetes so that the rest of the world can benefit from them. An important paper then as the rest of us ... Continue Reading

the morning paper

a random walk through Computer Science research, by Adrian Colyer
Made delightfully fast by strattic

Containers