Video recording and post production done by OpenStack Foundation.
Containers are driving down the overhead that has been necessary for traditional virtualization. But there have been serious tradeoffs made with their adoption. Containerization's resource sharing approach is exposing more of the host system. We're choosing to compromise the isolation of executables from kernel, accepting it as an inevitable price for low overhead. In multi-tenant environments, that's a heck of a gamble.
Tightrope acts like that do not need to happen.
ZeroVM has taken an entirely distincive approach to lightweight virtualization: strong security, from the beginning. Processes are kept on lockdown, jobs are horizontally scalable, and they execute with such fine-grained accuracy that metering by the second is no problem. End the cost-inefficiencies of metering by minutes and hours.
ZeroVM provides a secure execution environment for untrusted code, by applying the Chromium project's proven Native Client (NaCl) technology for validation and sandboxing. Moreover, when paired with OpenStack Swift, the two become a unique platform for executing arbitrary queries within a datastore, using any language of one's choosing.
We'll walk through the basics of the ZeroVM open source project, compelling use cases, and opportunities to take advantage of ZeroVM + Swift -- for solving problems at scale without compromising on either security, speed, or affordability.