Firecracker has more tooling for the orchestration layer that manages many sandboxes at once. Stuff like K8S integration, an external REST API control plane, more first-class support for snapshotting, etc.

You'd have to build more of that with libkrun

The core tech of both are great though.

That's super interesting - have you written up anything on this? I'd love to read it.

libkrun is not production ready compared to Firecracker which the latter is used in 99.9% of many companies.