# Firecracker Firecracker is the open-source virtual machine monitor (VMM) from AWS that popularized the [[microVM]]. Written in Rust and built on Linux KVM, it strips the virtual hardware down to the bare minimum so a microVM can boot in around 125ms and run with only a few MB of memory overhead. It powers AWS Lambda and Fargate, where it isolates enormous numbers of short-lived workloads on shared hardware. ## Why it matters Firecracker is the reference answer to "how do I run untrusted code with VM-grade isolation but container-like speed and density". That is exactly the need behind modern agent sandboxes, which is why it shows up as a runtime under [[OpenSandbox]] and as the inspiration (Linux/KVM-only) that [[Docker Sandboxes]] rebuilt cross-platform with its own VMM. ## Compared to - Stronger isolation than shared-kernel containers; lighter than a full VM - A peer of [[gVisor]] (userspace kernel) and [[Kata Containers]] (OCI-compatible microVM runtime) in the strong-isolation space - Apache 2.0 licensed ## Related - [[microVM]] - [[Docker Sandboxes]] - [[OpenSandbox]] - [[gVisor]] - [[Kata Containers]] - [[Containerization]] - [[AI Agents]] - [[Apache 2.0 License]]