How do lightweight MicroVMs which have the speed of containers but the isolation of a real vm, as implemented in FIrecracker etc, change the landscape? Or do they? I imagine launching a k8s pod or container is still faster and offers much more management and the security benefits of a real vm arent really applicable or desirable?
the revolution will start across this dimension at some point in time. We're looking at unikernels (https://en.wikipedia.org/wiki/Unikernel) and boot times of nanoseconds for these super specialized VMs. The tech and the ideas around it are not quite there but this is an exciting space to watch in the next 5-10 years.
That is so close to a simple process in a multitasking OS ... I get it, you still need dependency isolation, you're just reducing the dependencies to the minimum number as possible, but sometimes I wonder if something (besides cgroups) was missed in OS design.
Launching a container is implementation detail for Kubernetes. I could totally see Kubernetes which runs some pods in containers and some pods in VMs with tiny kernel. May be it even exists, I'm too lazy to google it.
Microvms are just the workloads, while Kubernetes is a platform, mostly agnostic of that workload. Yes that's currently mostly containers, but you can already schedule VMs on k8s with KubeVirt.
