Author of "All you need to know about KVM userspace" here! I am happy that you liked it. Some things have changed since then, some have not...
Red Hat is now shipping Kata Containers, which does not (much to my dismay) use Libvirt, and also KubeVirt which uses Libvirt but not for sandboxing (only to drive QEMU; Kubernetes takes care of the sandboxing by running one VM per pod). But the original architecture is still in use and new users appeared such as cockpit-machine and crun-vm.
Another super interesting project for KVM userspace is libkrun which, among other things, is being used for gaming on Arm Mac's. :)
Firecracker's scope has grown somewhat, in particular it supports snapshots for warm start of VMs.
QEMU's microvm didn't have a huge success but recently Amazon contributed support for running Nitro enclaves in QEMU, which reuses a lot of the microvm code.
Some Rust components have been developed to build virtio devices out of process (for example virtiofsd). QEMU is also experimenting with devices written in Rust, and I expect to have two almost-entirely-safe-Rust devices (converted from C) within a month or two.
We use Ubicloud for our GHA runners, because we have a very extensive test suite and need the extra parallelisation. Extremely easy to roll out from GHA, reduced our CI costs from CircleCI by 80% and we've been very pleased. Thanks for the great product!
On the data plane side, we use different open source components and our choice of programming language depends on them. For example for virtualization, we rely on Linux KVM and the Cloud Hypervisor. The former is in C and the latter in Rust.
The Ruby we write is quite strange by the normal reckoning. In particular, it has 100% branch coverage. Being able to do this affordably is one reason I use it.
A fair number of the dependencies we have also have 100% branch coverage, because I copied the practice, starting about ten years ago, from Jeremy Evans, who maintains a huge number of libraries under that principle. That includes "Sequel," the ORM that I've used for many years and originally copied the practice from, around 2015. You can see the libraries he maintains in this way: http://code.jeremyevans.net/ruby.html. He has joined Ubicloud somewhat recently, so I look forward to getting a sense of how he completes the rest of his rather singular & extraordinary maintenance regime.
To have Ubicloud rest at this standard is my objective. My tendentious claim is as follows: this is higher than any other constellation of libraries I have seen in any programming language. If anyone knows of any constellation of libraries that is more capably and rigorously maintained in any language, let me know. The bar as roughly as follows they need to release every month, or something like that (yes really: https://rubygems.org/gems/sequel/versions/), have a wide interface with your program, and break it no more than once every five years.
It's also not a Rails program, and I have never written or maintained a Rails program in any seriousness, which makes me an odd duck among longtime Ruby programmers.
Is there an actual underlying message to this or is this just wordplay? Don't know much about Ruby, but what I do know doesn't suggest it would make our (already all too "interesting") times even more "interesting".
Author of "All you need to know about KVM userspace" here! I am happy that you liked it. Some things have changed since then, some have not...
Red Hat is now shipping Kata Containers, which does not (much to my dismay) use Libvirt, and also KubeVirt which uses Libvirt but not for sandboxing (only to drive QEMU; Kubernetes takes care of the sandboxing by running one VM per pod). But the original architecture is still in use and new users appeared such as cockpit-machine and crun-vm.
Another super interesting project for KVM userspace is libkrun which, among other things, is being used for gaming on Arm Mac's. :)
Firecracker's scope has grown somewhat, in particular it supports snapshots for warm start of VMs.
QEMU's microvm didn't have a huge success but recently Amazon contributed support for running Nitro enclaves in QEMU, which reuses a lot of the microvm code.
Some Rust components have been developed to build virtio devices out of process (for example virtiofsd). QEMU is also experimenting with devices written in Rust, and I expect to have two almost-entirely-safe-Rust devices (converted from C) within a month or two.
Thank you Paolo — for what was an excellent post, and also for this helpful update!
I've become a huge fan of incus as of late. I do wish it had more out of the box support for some of the firecracker/microvm qemu workflows
Qemu's response to Firecracker is microvm:
https://www.qemu.org/docs/master/system/i386/microvm.html
We use Ubicloud for our GHA runners, because we have a very extensive test suite and need the extra parallelisation. Extremely easy to roll out from GHA, reduced our CI costs from CircleCI by 80% and we've been very pleased. Thanks for the great product!
Ubicloud is built on Ruby, interesting take for 2025.
Yes, it is. :) Our CTO, Daniel, described why we chose Ruby for our control plane in a blog post.
https://www.ubicloud.com/blog/building-infrastructure-contro...
On the data plane side, we use different open source components and our choice of programming language depends on them. For example for virtualization, we rely on Linux KVM and the Cloud Hypervisor. The former is in C and the latter in Rust.
The Ruby we write is quite strange by the normal reckoning. In particular, it has 100% branch coverage. Being able to do this affordably is one reason I use it.
A fair number of the dependencies we have also have 100% branch coverage, because I copied the practice, starting about ten years ago, from Jeremy Evans, who maintains a huge number of libraries under that principle. That includes "Sequel," the ORM that I've used for many years and originally copied the practice from, around 2015. You can see the libraries he maintains in this way: http://code.jeremyevans.net/ruby.html. He has joined Ubicloud somewhat recently, so I look forward to getting a sense of how he completes the rest of his rather singular & extraordinary maintenance regime.
To have Ubicloud rest at this standard is my objective. My tendentious claim is as follows: this is higher than any other constellation of libraries I have seen in any programming language. If anyone knows of any constellation of libraries that is more capably and rigorously maintained in any language, let me know. The bar as roughly as follows they need to release every month, or something like that (yes really: https://rubygems.org/gems/sequel/versions/), have a wide interface with your program, and break it no more than once every five years.
It's also not a Rails program, and I have never written or maintained a Rails program in any seriousness, which makes me an odd duck among longtime Ruby programmers.
May you live in interesting times.
Is there an actual underlying message to this or is this just wordplay? Don't know much about Ruby, but what I do know doesn't suggest it would make our (already all too "interesting") times even more "interesting".
It's an infamous quote: https://en.wikipedia.org/wiki/May_you_live_in_interesting_ti... and likely GP means it due to the yolo attitude of many ruby projects
May the gods give you everything you ask for
ewww
Very good article indeed.it would be great if AWS sold nitro cards for assembling onprem servers. Maybe a new OSS project worth pondering on.
[dead]