With cloud computing, we started with virtual machines. They allow us to virtualize an entire server, while providing strong isolation and security.

Then containers came along. They allow us to virtualize just our applications, making containers faster and less resource-intensive than VMs. But with these gains we lose strong isolation.

What if we could have the speed and resource efficiency of containers coupled with the enhanced security and isolation of VMs?

In this episode of Mobycast, Jon and Chris kick off a three-part series on the future of containers. We dive deep on microVMs, unikernels and container sandboxes, understanding what they are, how they work, and how well they combine the best of both VM and container worlds.

Show Notes

In this episode, we cover the following topics:
  • We review virtual machines (full virtualization) and their benefits and tradeoffs.
  • We then revisit containers (OS-level virtualization) and briefly recap how they use OS kernel features to enable virtualization.
  • Containers provide great performance and resource efficiency, but at the cost of losing strong isolation. Can we have the performance and efficiency benefits of containers but with the strong isolation of VMs? There are some promising technologies that aim to combine the best of both VM and container worlds: microVMs, unikernels and container sandboxes.
  • What are microVMs?
  • What are unikernels?
  • What are container sandboxes?
  • AWS Firecracker is one of the most talked-about microVMs. We discuss what it is and the key benefits of using Firecracker.

Smooth Modulator by aMIGAaMIGO

For a full transcription of this episode, please visit the episode webpage.

What is Mobycast?

A Podcast About Cloud Native Software Development, AWS, and Distributed Systems