Software

Barkhausen Institute: Container insulation rethought with micro cores

January 29, 2025. How can cloud computing meet the increasing demands for security, efficiency and scalability? Researchers from the Barkhausen Institute and TU Dresden have addressed this question in an accessible overview article. This summarizes the findings of their current publication “A Perfect Fit? – Towards Containers on Microkernels”. The article shows how microkernel-based systems could revolutionize container technologies by overcoming the limitations of traditional Linux-based approaches.

Graphic: Barkhausen Institute

Important findings

– What are microkernels?
Microkernels divide basic system functions into smaller, independent components. This reduces complexity and enables robust isolation mechanisms. This distinguishes them from monolithic kernels such as Linux, where all system functions are closely interlinked.
– Why rethink containers?
Containers are essential for the isolation of cloud workloads. However, their dependency on post-integrated mechanisms in Linux increases complexity and poses potential security risks. Microkernel architectures, with their inherent capability-based access control model, offer a more secure and simpler alternative.
– What are the implications of this?
First performance tests show that microkernel-based containers can match or exceed the efficiency of Linux containers – although further testing with real workloads is still pending. These results are particularly relevant for Function-as-a-Service (FaaS) workloads that require fast, lightweight and secure isolation.

Read the full article and original publication on the Kudos research platform.

Authors: The findings are based on the publication “A Perfect Fit? – Towards Containers on Microkernels” by Till Miemietz, Viktor Reusch, Matthias Hille, Max Kurze, Adam Lackorzynski, Michael Roitzsch and Hermann Härtig.

– – – – – –