Skip to content

adds FAQ item about firecracker #264

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

adds FAQ item about firecracker #264

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 5 additions & 0 deletions assets/scss/_styles_project.scss
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -102,6 +102,11 @@ $link-color: $light-link;
}
}

blockquote {
border-left: 2px solid $tan;
padding-left: 1em;
}

.featured-figure {
background-color: rgba(0,0,0,0.05);
border-radius: 4px;
Expand Down
16 changes: 16 additions & 0 deletions content/en/faqitems/project-1-bottlerocket-and-firecracker.markdown
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
+++
question = "What's the difference between Firecracker and Bottlerocket?"
group = "Project"
+++

Quite a lot!
[Firecracker](https://firecracker-microvm.github.io/) is a *virtualization* technology and Bottlerocket is an *operating system*. From the [Firecracker FAQ](https://firecracker-microvm.github.io/#faq):

> Firecracker is an alternative to QEMU that is purpose-built for running serverless functions and containers safely and efficiently, and nothing more.
Copy link
Contributor

@bcressey bcressey Sep 8, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Alternatively: Firecracker really just runs micro VMs and talking about specifics of what's inside those micro VMs (containers, serverless functions) is actually what creates the confusion, since Bottlerocket is also built for running containers safely and efficiently, and nothing more.

The missing nuance here is that there are different ways to run containers:

  1. using the Linux kernel primitives for isolation (cgroups, namespaces)
  2. using userspace reimplementation of the Linux kernel API (gvisor)
  3. using micro VMs with micro Linux kernels for each container (Firecracker)

Bottlerocket could support all of these ways with various trade-offs in terms of security and functionality, and today just supports the first one.


Bottlerocket does not uses Firecracker.
Copy link
Contributor

@bcressey bcressey Sep 8, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: "uses"

There's an open issue for Firecracker support so it's not a foregone conclusion that this will always be true, especially as out-of-tree builds make the distro easier to customize and experiment with.

For me this is like saying "Bottlerocket does not use Docker" - it's true except when it's not.

Bottlerocket and Firecracker actually have very little in common except they:

* are open source projects started at AWS,
* use the Rust programming language,
* have names related to fireworks.
Comment on lines +12 to +16
Copy link
Contributor

@bcressey bcressey Sep 8, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This sort of reads like dunking on the person who asked this question. It doesn't help that the sentence could be written as "Bottlerocket and Firecracker actually have a lot in common" without changing the bullet points at all.