ZeroVM: A New Take on App Container Virtualization
With the release of Docker, the conversation about application portability containers is heating up. Now Rackspace is introducing their own take on virtualization containers with a technology called ZeroVM. They've recently taken the reins on this existing project, which is a hypervisor designed specifically for the cloud. Here's a good description:
ZeroVM is efficient because it is made to virtualize applications, not machines. The runtime virtualizes only the server parts that do the actual work at hand – making it much faster. Today, the fastest virtual servers take at least two minutes to create, while ZeroVM takes less than 5 milliseconds – or 1/20,000th as long. ZeroVM is fast enough that you can put every request into its own mini-VM to spread horizontally.
Here are some questions that Van Lindberg of Rackspace answered on HN:
Q: The ZeroVM site makes a big deal about application execution being completely deterministic. How does this interact with applications that require random numbers, such as crypto?
A: It is deterministic based on the inputs. You would need to pass in a seed or read from an external source of randomness to get different values out of a PRNG.
Q: Is ZeroVM capable of running unmodified Linux binaries? If not, what compiler toolchain is required to get it working? The main advantage of other lightweight virtualization solutions (OpenVZ, LXC) is that it's very easy to take regular binaries (e.g. postgresql) and drop them in a sandbox with minimal fuss.
A: Binaries need to be recompiled. There are two toolchains, a GCC-based one and an LLVM-based one. We can also compile within the ZeroVM container itself.
We expect that a lot of people will use existing language runtimes (Python, Lua, JS) to avoid compilation. Over the long term, though, a lot of the power comes from composability. Think Unix pipes, in parallel, across the cloud.
Q: Does the hypervisor use multiple communicating CPUs? If so, how do the races inherent in concurrency not destroy the determinism? Is this a single CPU/thread/fiber hypervisor?
A: Each container has a single process. Each individual part is deterministic, so the entire system is composable deterministically.