[tlug] VMs vs. Containers (was: Um, so... systemd?)

[Curt Sampson <cjs@example.com>]

On 2017-01-17 19:11 +0900 (Tue), AbH Belxjander Draconis Serechai wrote:

> I've also been considering to do it again to build a custom stripped down
> virtual machine core for a minimal "systemd + python" only setup just to
> test a theory I have.
> 
> Would anyone find that useful?

These days, not so much. My world now generally divides into two: VMs
that are full systems and Docker containers (often hosted on those
very VMs). If I needed a minimal environment to run a Python app, I'd
use one of the [Docker python] containers.

(For even more minimal stuff there are Alpine Linux containers, built
from Busybox IIRC, which are around 5 MB in size and include just
enough to run and debug startup for a binary. You then just layer what
you need on top of this, which can be as little as a few kilobytes
more. You can see an almost stupidly simple example of a TCP echo
server done this way in my [docker-echo] repo.)

Where app-specific VMs can still be great are with [unikernels] built
with systems like [MirageOS]. The idea here is that you build your
"kernel" code and your application code together in a single binary
that is then the kernel you boot in a hypervisor partition. This can
offer some incredible performance benefits, particularly because you
can usually do away with strict separation of the kernel and user
portions of system meaning you no longer have to make lots of
expensive transitions across that kernel/userland boundary.

[Docker python]: https://hub.docker.com/_/python/
[docker-echo]: https://github.com/c-j-s/docker-echo
[unikernels]: https://queue.acm.org/detail.cfm?id=2566628
[MirageOS]: https://mirage.io/

cjs
-- 
Curt Sampson         <cjs@example.com>         +81 90 7737 2974

To iterate is human, to recurse divine.
    - L Peter Deutsch