florin414/ignition

Ignition ⚡🔥

Ignition is a Serverless Compute Platform designed for speed and absolute security.

While traditional containers share the host kernel (a security risk), Ignition utilizes Firecracker MicroVMs to provide the isolation of a virtual machine with the startup time of a container.

🏗️ Architecture & Scheduling

To achieve the strict <100ms latency goal, Ignition abandons the traditional centralized queue model.

1. Distributed Scheduling (Work Stealing)

Instead of a single global bottleneck, Ignition employs a decentralized scheduling architecture:

  • Local Queues: Each worker node manages its own queue of pending function invocations.
  • Work Stealing: When a node is idle, it randomly probes other nodes to "steal" tasks, ensuring efficient load balancing without lock contention on a central scheduler.

2. MicroVM Provisioning

The system maintains a pool of "warm" MicroVM slots. When a function is invoked, Ignition attaches the user code and network interface via a Tap device in milliseconds.

3. Ephemeral Storage & Networking

Every execution occurs in a sterile environment. Egress traffic is strictly controlled via iptables policies to prevent data exfiltration.
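One way to express the per-MicroVM egress policy described above, as an added example that is not taken from the Ignition code base: a Go function that renders an `iptables-restore` fragment which default-denies traffic forwarded from a VM's tap device and accepts only allowlisted destinations. The function name, the `IGN-` chain prefix and the tap naming pattern are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"net/netip"
	"regexp"
	"strings"
)

// Hypothetical naming scheme: "tap" plus up to 12 characters, which stays
// within the 15-character Linux interface name limit and keeps anything
// that could alter the generated rule text out of it.
var tapName = regexp.MustCompile(`^tap[0-9a-z]{1,12}$`)

// EgressRules renders a filter-table fragment for iptables-restore --noflush.
// It covers only packets forwarded from the VM (-i tap): allowlisted
// destinations are accepted and everything else is dropped.
func EgressRules(tap string, allow []string) (string, error) {
	if !tapName.MatchString(tap) {
		return "", fmt.Errorf("invalid tap device name %q", tap)
	}
	chain := "IGN-" + tap // assumed per-VM chain name
	var b strings.Builder
	b.WriteString("*filter\n")
	fmt.Fprintf(&b, ":%s - [0:0]\n", chain)
	fmt.Fprintf(&b, "-A FORWARD -i %s -j %s\n", tap, chain)
	// Let the VM answer on connections that were already permitted.
	fmt.Fprintf(&b, "-A %s -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT\n", chain)
	for _, a := range allow {
		p, err := netip.ParsePrefix(a)
		if err != nil || !p.Addr().Is4() {
			return "", fmt.Errorf("invalid IPv4 prefix %q", a)
		}
		if p.Bits() == 0 {
			// A /0 entry would silently turn the allowlist into allow-all.
			return "", fmt.Errorf("prefix %q would allow all egress", a)
		}
		fmt.Fprintf(&b, "-A %s -d %s -j ACCEPT\n", chain, p.Masked())
	}
	fmt.Fprintf(&b, "-A %s -j DROP\n", chain) // default deny
	b.WriteString("COMMIT\n")
	return b.String(), nil
}

func main() {
	// Constructed sample input: one host and one documentation-range subnet.
	rules, err := EgressRules("tap0", []string{"10.20.0.5/32", "192.0.2.0/24"})
	if err != nil {
		panic(err)
	}
	fmt.Print(rules)
}
```

The output is only rule text; nothing is applied to the host until it is piped to `iptables-restore --noflush` by a privileged process.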

🛠️ Tech Stack

  • Hypervisor: Firecracker (KVM)
  • Control Plane: Go (Golang)
  • Communication: gRPC
  • Networking: CNI (Container Network Interface)

🚀 Benchmark

    # Run the cold-start benchmark
    go run cmd/benchmark/main.go --concurrency 1000
    # Output:
    # P50 Cold Start: 85ms
    # P99 Cold Start: 110ms

About

A high-performance Function-as-a-Service (FaaS) platform built on Firecracker MicroVMs. Designed for sub-100ms cold starts and rigid security isolation using a custom distributed scheduler in Go.
