In this talk I'll be presenting libkrun, a dynamic library that provides KVM-based process isolation capabilities to other programs. Combined with an OCI runtime, enables podman to run VM-isolated containers. Combined with an HTTP server, it enables it to self-isolate in a compact VM without requiring any additional configuration nor maintenance.
libkrun enables KVM to go beyond the realm of traditional virtualization providing a novel approach to the concept of lightweight and compact VMs.
Video Stream