Serverless computing relies on extreme multi-tenancy to remain economically viable, driving providers to rely on virtual machines (VMs) that ensure strong isolation and seamless ecosystem compatibility with the FaaS programming model. However, current architectures tightly couple application processing logic with I/O processing, forcing every VM to duplicate a heavy communication fabric (cloud SDK, RPC, and TCP/IP). Our analysis reveals this duplication consumes over 25% of a function's memory footprint, and may double the CPU cycles in VMs compared to bare-metal execution. While prior systems attempt to solve this using WebAssembly or library OSes, they naively sacrifice ecosystem compatibility, forcing developers to migrate code and dependencies to new languages. We introduce Nexus, a serverless-native KVM-based hypervisor that transparently decouples compute from I/O. Nexus shifts the execution model by intercepting communication fabric at the API boundary and offloading it to an always-on host shared backend via zero-copy shared memory. This removes the heavyweight communication fabric from the guest VM, while preserving the conventional serverless programming model. By structurally separating these domains, Nexus unlocks asynchronous I/O optimizations: overlapping input payload prefetching with VM restoration from a snapshot and writing output payloads back to storage off the critical path. Compared to the production baseline, Nexus reduces overall node-level CPU and memory consumption by up to 44% and 31%, respectively, thus increasing deployment density by 37%. Also, Nexus reduces warm- and cold-start latency by 39% and 10%, respectively, bringing the response time within 20% of that of a WASM-based, ecosystem-incompatible hypervisor.

翻译：无服务器计算依赖于极致的多租户特性以保持经济可行性，这促使提供商采用虚拟机（VM）来确保强隔离性及与FaaS编程模型的无缝生态兼容性。然而，当前架构将应用处理逻辑与I/O处理紧密耦合，迫使每个虚拟机复制繁重的通信框架（云SDK、RPC及TCP/IP）。我们的分析表明，这种重复消耗了函数超过25%的内存占用，且可能导致虚拟机CPU周期相比裸机执行翻倍。尽管先前系统尝试使用WebAssembly或库级操作系统解决该问题，但它们天真地牺牲了生态兼容性，迫使开发者将代码和依赖项迁移至新语言。我们提出Nexus——一种基于KVM的无服务器原生虚拟机监控器，通过透明方式解耦计算与I/O。Nexus在API边界拦截通信框架并将其通过零拷贝共享内存卸载至始终在线的宿主机共享后端，从而转变执行模型。这既移除了客户虚拟机中的繁重通信框架，又保留了传统的无服务器编程模型。通过结构分离这两个域，Nexus解锁了异步I/O优化：将输入载荷预取与快照恢复虚拟机重叠，并在关键路径之外将输出载荷写回存储。与生产基线相比，Nexus将节点级CPU和内存消耗分别降低44%和31%，因此部署密度提升37%。此外，Nexus将冷启动和温启动延迟分别降低39%和10%，使响应时间接近基于WASM但生态不兼容的虚拟机监控器（差距在20%以内）。