Note, “function” as in “serverless” CGI-like server. I have no idea what they mean by “embedded”.
This seems to be Microsoft redoing AWS Firecracker, but they never mention Firecracker so it’s hard to tell why they are making a big deal about a six-year-old technology.
It’s basically a unikernel runtime for Hyper-V. It gives you a way of running fully isolated (lightweight VM interfaces, tiny attack surface, much smaller than a Linux syscall interface, let alone a Windows one) self-contained programs. You can put a language runtime (including a WAsm runtime) in there if you want, but there’s little benefit to WAsm in this context unless you are running different trust domains (and Hyperlight would prefer that you simply run those in different VMs with shared memory for communication).
Wasm is designed for portability and is very limited by semantics, eg stacks, concurrency, io. Additionally modern hw can prevent one from observing VM memory via encryption.This might be useful for some sort of private computing.
Perhaps a system like this will make JIT compilers safer
Honestly, it gave me flashbacks to COM/DCOM marshalling etc. back in the late 90s. Hard to see anything particularly innovative here? It may end up being a nicer or slightly more lightweight solution than existing stuff, but it doesn’t seem as earth-shattering as portrayed.
Note, “function” as in “serverless” CGI-like server. I have no idea what they mean by “embedded”.
This seems to be Microsoft redoing AWS Firecracker, but they never mention Firecracker so it’s hard to tell why they are making a big deal about a six-year-old technology.
That seems overly dismissive; Hyperlight claims 1-2ms startup time, Firecracker claims “<= 125ms”. Indeed, Firecracker does start a kernel, etc.
I myself was curious what this offers over WASM. They even mention using a WASM module inside of a VM, but I don’t know why you’d want or need that.
It’s basically a unikernel runtime for Hyper-V. It gives you a way of running fully isolated (lightweight VM interfaces, tiny attack surface, much smaller than a Linux syscall interface, let alone a Windows one) self-contained programs. You can put a language runtime (including a WAsm runtime) in there if you want, but there’s little benefit to WAsm in this context unless you are running different trust domains (and Hyperlight would prefer that you simply run those in different VMs with shared memory for communication).
Wasm is designed for portability and is very limited by semantics, eg stacks, concurrency, io. Additionally modern hw can prevent one from observing VM memory via encryption.This might be useful for some sort of private computing. Perhaps a system like this will make JIT compilers safer
[Comment removed by author]
Honestly, it gave me flashbacks to COM/DCOM marshalling etc. back in the late 90s. Hard to see anything particularly innovative here? It may end up being a nicer or slightly more lightweight solution than existing stuff, but it doesn’t seem as earth-shattering as portrayed.