# microVM
A microVM is a lightweight virtual machine with a minimal device model and a stripped-down virtual machine monitor (VMM), built to boot in milliseconds and run with very little memory overhead. It gives you the hardware-level isolation of a full VM (its own kernel, enforced by the CPU's virtualization extensions) without the slow cold starts and heavy footprint that made VMs impractical for short-lived, high-density workloads.
## Why it matters
The classic isolation tradeoff: containers are fast but share the host kernel (a weaker boundary), while full VMs are strongly isolated but slow and heavy. microVMs collapse that tradeoff. They are the technology of choice for running untrusted or AI-generated code safely at scale, which is why they sit under modern agent sandboxes (see [[AI Agents]]).
## Where it shows up
- **Firecracker**: the open-source VMM from AWS that popularized the term; powers AWS Lambda and Fargate
- **[[Docker Sandboxes]]**: a custom cross-platform VMM giving each agent session its own microVM
- **[[OpenSandbox]]**: offers Firecracker (and gVisor, Kata Containers) as hardened runtime backends
- General building block alongside Cloud Hypervisor and QEMU's `microvm` machine type (other minimal-device-model VMMs), all running on top of the KVM kernel hypervisor
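As an added example (not taken from this page or from the Firecracker project), the shell calls that configure and boot a Firecracker microVM over its Unix-socket REST API: every resource is a separate `PUT`, and only the devices you configure exist inside the guest, which is what "minimal device model" means in practice. The kernel and rootfs paths are placeholders, and `FC_DRY_RUN=1` prints the requests instead of sending them.

```shell
#!/bin/sh
# Configure and start a Firecracker microVM through its API socket.
# FC_SOCK is the socket given to `firecracker --api-sock`; KERNEL and
# ROOTFS are placeholder paths for an uncompressed guest kernel and an
# ext4 root image. Set FC_DRY_RUN=1 to print requests instead of sending.
FC_SOCK="${FC_SOCK:-/tmp/firecracker.socket}"
KERNEL="${KERNEL:-./vmlinux}"        # placeholder path
ROOTFS="${ROOTFS:-./rootfs.ext4}"    # placeholder path

# Guest kernel plus boot args; pci=off because there is no PCI bus to probe.
boot_source_body() {
  printf '{"kernel_image_path":"%s","boot_args":"console=ttyS0 reboot=k panic=1 pci=off"}' "$KERNEL"
}

# Root block device. $1 is "true" or "false" for is_read_only: a read-only
# root means a compromised guest cannot persist changes into the image.
rootfs_body() {
  printf '{"drive_id":"rootfs","path_on_host":"%s","is_root_device":true,"is_read_only":%s}' "$ROOTFS" "$1"
}

# vCPU and memory budget: $1 vcpus, $2 MiB. Small by default, this is the
# footprint that lets thousands of microVMs share one host.
machine_config_body() {
  printf '{"vcpu_count":%d,"mem_size_mib":%d}' "$1" "$2"
}

# fc_api METHOD PATH BODY: send one request to the VMM (or print it).
fc_api() {
  if [ "${FC_DRY_RUN:-0}" = 1 ]; then
    printf '%s %s %s\n' "$1" "$2" "$3"
    return 0
  fi
  curl --silent --fail --unix-socket "$FC_SOCK" -X "$1" "http://localhost$2" \
    -H 'Accept: application/json' -H 'Content-Type: application/json' -d "$3"
}

# Full sequence: kernel, read-only root disk, 1 vCPU / 128 MiB, then start.
# No network interface is configured, so the guest has none.
boot_microvm() {
  fc_api PUT /boot-source "$(boot_source_body)"
  fc_api PUT /drives/rootfs "$(rootfs_body true)"
  fc_api PUT /machine-config "$(machine_config_body 1 128)"
  fc_api PUT /actions '{"action_type":"InstanceStart"}'
}
```

Run `FC_DRY_RUN=1 sh -c '. ./boot.sh; boot_microvm'` to inspect the four requests before pointing the script at a live socket.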
## Related concepts
Sits between [[Containerization|containers]] (shared kernel) and full VMs (dedicated everything). Compare with gVisor and Kata Containers (other strong-isolation runtimes), and [[WebAssembly System Interface (WASI)|WASM/WASI]] (a different, language-level sandboxing approach).
## Related
- [[Firecracker]]
- [[gVisor]]
- [[Kata Containers]]
- [[Docker Sandboxes]]
- [[OpenSandbox]]
- [[Containerization]]
- [[AI Agents]]
- [[Agentic Engineering]]
- [[Cloudflare Sandbox SDK]]
- [[Vercel Sandboxes]]