Very cool! It seems like this could solve docker-in-docker use cases for things like CI, perhaps? I would love to see benchmarks of mem/cpu footprint vs. the same workload in raw docker.
Yes, there are definite CI applications. It's possible to run docker-in-docker with a privileged docker container or using the sysbox runtime, but it can be run using RunCVM inside a VM too.
But for a CI application that requires a running kernel, for example integration testing of an actual kernel module, or an application that uses kernel modules (like a VPN or firewall application), RunCVM could be very useful.
Think also about integration testing that requires hardware, such as a display.
In these cases, RunCVM can provide a way to encapsulate that VM and make it trivial to run the integration tests.
I don't have benchmarks to hand yet, but it's true that most applications will run more slowly (and require overall more host memory) in a VM compared to a plain container.