Attending this event?
Virtual Event
August 17–August 20, 2020

The schedule is subject to change. As we adjust to a virtual experience, our plan is to keep the sessions the same, which is dependent on speaker availability.

Learn More and Register to Attend This Event
Back To Schedule
Wednesday, August 19 • 11:50 - 12:25
Container Isolation via Virtualization: Don't Forget to Shrink the Guest - Dan Williams, IBM & Hsuan-Chi (Austin) Kuo, UIUC

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Virtualization must be lightweight to be useful for improving the isolation of container runtimes (e.g., Kata containers): adding traditional (heavyweight) virtualization layers to container primitives would, for example, result in unacceptable boot time and performance for important use cases like serverless computing. Fortunately, the community has made great strides towards lightweight virtualization with new VM monitors (e.g., AWS Firecracker) and associated tooling (e.g., Weaveworks Ignite). However, there has been relatively little attention paid to the guest kernel itself, which remains unnecessarily bloated, affecting both performance and security. We will make the case for guest kernel specialization via kernel configuration and highlight key challenges in applying these techniques in a sandboxed container context.


Dan Williams

Research Staff Member, IBM
Dan Williams is a Research Staff Member at IBM Research, where he works on unikernels and secure containers. He is an original author of the Solo5 unikernel base and Nabla Containers. Dan has given talks at many academic and industry conferences, including ACM SoCC, EuroSys, SOSP... Read More →
avatar for Hsuan-Chi (Austin) Kuo

Hsuan-Chi (Austin) Kuo

Student, UIUC
Hsuan-Chi (Austin) Kuo, is a Ph.D. candidate in the Dept. of Computer Science at the University of Illinois at Urbana-Champaign [UIUC]. He completed his B.S. in Computer Science from the National Tsing-Hua University in 2016. His research interests are in the area of systems, networking... Read More →

Wednesday August 19, 2020 11:50 - 12:25
Feedback form isn't open yet.