|
|
|
|
|
|
by sweetjuly
826 days ago
|
|
|
It's bare metal in the sense that it's self-bootstrapping but the "metal" it supports is only a paravirtualized system. This is what they mean when they say that they don't want to support tons of random hardware drivers: they've written support for KVM paravirt devices (which are nearly universally available on VMs), and that allows the kernel to run on most hosting providers. |
|
|
It minimizes the software stack (and with that: attack surface) that application sits on, inside a VM.
It does not (nor is it expected to) help to minimize said application.
And it does not minimize the software stack that runs the VM.