Our mission is to enable secure, multi-tenant, minimal-overhead execution of container and function workloads.
Read more about the Firecracker Charter here.
What is Firecracker?
Firecracker is an open source virtualization technology that is purpose-built for creating and managing secure, multi-tenant container and function-based services that provide serverless operational models. Firecracker runs workloads in lightweight virtual machines, called microVMs, which combine the security and isolation properties provided by hardware virtualization technology with the speed and flexibility of containers.
Overview
The main component of Firecracker is a virtual machine monitor (VMM) that uses the Linux Kernel Virtual Machine (KVM) to create and run microVMs. Firecracker has a minimalist design. It excludes unnecessary devices and guest-facing functionality to reduce the memory footprint and attack surface area of each microVM. This improves security, decreases the startup time, and increases hardware utilization. Firecracker has also been integrated in container runtimes, for example Kata Containers and Flintlock.
Firecracker was developed at Amazon Web Services to accelerate the speed and efficiency of services like AWS Lambda and AWS Fargate. Firecracker is open sourced under Apache version 2.0.
To read more about Firecracker, check out firecracker-microvm.io.
Getting Started
To get started with Firecracker, download the latest release binaries or build it from source.
You can build Firecracker on any Unix/Linux system that has Docker running (we use a development container) and installed, as follows: