by ctalledo
2145 days ago
I've not used either, but conceptually the main difference is that those approaches use micro-VMs and thus require hardware virtualization (hypervisors). This can be a challenge if you want to run those on cloud VMs, as it would require nested virtualization. Sysbox, on the other hand, is a pure OS-virtualization container runtime, so it does not require hardware virtualization. Also, I think the goal is different: I understand Firecracker is meant as a way of strengthening the isolation of containers by wrapping them in micro-VMs. Sysbox is meant as a way of enabling containers to run system workloads without complex images, entrypoints, volume mounts, etc., and with proper isolation via the Linux user-namespace.