SlideShare a Scribd company logo

Microservices in Unikernels

Download as PPTX, PDF
M
Madhuri Yechuri

An evaluation of microservices in Unikernels (presented at Microservices and Cloud Native Apps meetup in San Jose on 9/22/16).

Technology
1 of 26
Microservices in Unikernels Rean Griffith, Madhuri Yechuri 1
Agenda Introduction - bios Unikernel Background Developer/DevOps care about Metric Set 1: Application lifecycle overhead CIO cares about Metric Set 2: Application datacenter footprint 2
What is a Unikernel? A single purpose (virtual) appliance (Madhavapeddy et al.) Specialized at compile-time into a standalone kernel A single-process, single address-space runtime environment No fork() No shared memory No IPC Smaller attack surface (potentially) 3 fork() Shared memory Application IPC networking sched Application networking thread sched services vmm vmm
Unikernel Background 4 Unmodified Legacy App support Multi-threaded App support OSv Partial Yes (1: glibc subset, no fork/exec) Yes* (pthread subset) Rumprun Yes* (no fork/execve/sigaction/mmap) Yes (pthread) MirageOS No* (until non-OCAML language bindings are available, no fork/execve) Green threads (event loop) only IncludeOS No Green threads (event loop) only
Developer/DevOps care about Enterprise Application Lifecycle management Developer: Time to build app from source code, preferably unmodified DevOps: Time to configure runtime parameters (ex: TCP port, log file location) DevOps: Time to deploy application DevOps: Qualitative ease of managing+debugging long-running (weeks / months) application 5
App Lifecycle Experiment Environment Machine CPU: Intel(R) Core(TM) i3 CPU M 380 @ 2.53GHz Memory: 4GB RAM OS: Ubuntu 16.04 LTS Applications Web tier: Nginx Application tier: Tomcat Deployment Options (local image) 6
Metric Set 1: Application Lifecycle Convert Code to Image (Hours) VM 8 (Nginx, Issues: 1 , 2, 3) 8 (Tomcat, Issues with Alpine glibc availability) Container 0 (Nginx) 0 (Tomcat) Unikernel 40 (Nginx, Issues: 1, 2) 4 (Tomcat) 7
Unikernel conversion - ukonvrt Demo 8
Metric Set 1: Application Lifecycle Convert Code to Image (Hours) Start Time (Seconds) VM 8 (Nginx) 8 (Tomcat) 66.557 (Nginx) 68.964 (Tomcat) Container 0 (Nginx) 0 (Tomcat) 1.113 (Nginx) 4.1 (Tomcat) Unikernel 40 (Nginx) 0 (Tomcat) 0.483 (Nginx) 10 (Tomcat) 9
Metric Set 1: Application Lifecycle Convert Code to Image (Hours) Start Time (Seconds) Stop Time (Seconds) VM 8 (Nginx) 8 (Tomcat) 66.557 (Nginx) 68.964 (Tomcat) 7.478 (Nginx) 5.418 (Tomcat) Container 0 (Nginx) 0 (Tomcat) 1.113 (Nginx) 4.1 (Tomcat) 0.685 (Nginx) 0.016 (Tomcat) Unikernel 40 (Nginx) 4 (Tomcat) 0.483 (Nginx) 10 (Tomcat) 0.019 (Nginx) 0.006 (Tomcat) 10
Metric Set 1: Application Lifecycle Code to Image (Hours) Start Time (Seconds) Stop Time (Seconds) Debuggability VM 8 (Nginx) 8 (Tomcat) 66.557 (Nginx) 68.964 (Tomcat) 7.478 (Nginx) 5.418 (Tomcat) Container 0 (Nginx) 0 (Tomcat) 1.113 (Nginx) 4.1 (Tomcat) 0.685 (Nginx) 0.016 (Tomcat) Unikernel 40 (Nginx) 4 (Tomcat) 0.483 (Nginx) 10 (Tomcat) 0.019 (Nginx) 0.006 (Tomcat)
CIO cares about Consolidation of applications on finite hardware resources Multi-tenant security isolation amongst applications on a compute node Multi-tenant Resource Management Manageability, Accounting, Auditability Infrastructure Power consumption 12
Metric Set 2: Data center footprint Image Size (MB) VM 143 (Nginx) 447 (Tomcat, Issue 1 - Alpine musl vs glibc) Container 182.8 (Nginx) 357.5 (Tomcat) Unikernel 27.8 (Nginx) 106 (Tomcat)
Metric Set 2: Data center footprint Image Size (MB) Runtime Memory Overhead (MB) VM 143 (Nginx) 447 (Tomcat) 619 (Nginx) 878 (Tomcat) (/proc/{vboxpid}/status/{VmSize} - Configured) Container 182.8 (Nginx) 357.5 (Tomcat) 274.4 (Nginx) 210.5 (Tomcat) (containerd-shim /proc/{pid}/status/{VmSize}) Unikernel 7.8 (Nginx) 106 (Tomcat) 1222 (Nginx) 2056 (Tomcat) (/proc/{qemupid}/status/{VmSize} - Configured)
Metric Set 2: Data center footprint Image Size (MB) Runtime Memory Overhead (MB) Security (Tenant Isolation) VM 143 (Nginx) 447 (Tomcat) 619 (Nginx) 878 (Tomcat) Strong Container 182.8 (Nginx) 357.5 (Tomcat) 274.4 (Nginx) 210.5 (Tomcat) Weak Unikernel 7.8 (Nginx) 106 (Tomcat) 1222 (Nginx) 2056 (Tomcat) Strong
Metric Set 2: Data center footprint Image Size (MB) Runtime Memory Overhead (MB) Security (Tenant Isolation) Resource Knobs VM 143 (Nginx) 447 (Tomcat) 619 (Nginx) 878 (Tomcat) Strong Strong (Reservation, Limits) Container 182.8 (Nginx) 357.5 (Tomcat) 274.4 (Nginx) 210.5 (Tomcat) Weak Moderate (Limits) Unikernel 7.8 (Nginx) 106 (Tomcat) 1222 (Nginx) 2056 (Tomcat) Strong Moderate (knobs available, not used yet)
Customer cares about Application Performance Resource Isolation Security Application high-availability 17
Performance Experiment Environment Machine Lenovo W520, CPU: Intel i7-2760QM CPU 2.40 GHz x 8 logical cores, Memory: 19.5 GB RAM OS: Ubuntu 16.04.1 LTS (64-bit) Deployment Options Linux (host machine) - Ubuntu 16.04.1 LTS, Linux kernel: 4.4.0-34-generic #53-Ubuntu SMP VM: VirtualBox (v5.1.2) - Ubuntu 16.04.1 LTS, Linux kernel: 4.4.0-34-generic #53-Ubuntu SMP, 8GB RAM, 4 vCPUs Container: Docker (v1.12.0) - Linux kernel: 4.4.0-34-generic #53-Ubuntu SMP Unikernel: OSv (based on git hash: f53c0c39) - v0.24-176-g2e19ba4 (Ubuntu 16.04.1 LTS, Linux kernel: 4.4.0-34-generic #53-Ubuntu SMP), 4 vCPUs, 2GB RAM 18
Metric Set 3a: Application Performance (nginx) 19
Metrics Set 3: Throughput Explanation nginx-osv > nginx-linux > nginx-docker > nginx-vm Baseline: 1 thread/client Nginx-linux (bare metal) ~600 requests/sec Nginx-vm slightly lower: expected because the client request needs to traverse two I/O stacks - the hypervisor’s and the Guest OS’s Nginx-docker is close to bare metal: expected since the only thing separating the container from the workload generator is a network bridge Nginx-osv slightly better than bare metal: client requests still have to go through the unikernel’s I/O stack but the I/O stack for OSV was designed to be light/lower-overhead - influenced by a design based on Van Jacobson’s net channels 10 threads Results get slightly more than 10X better (this is mostly because of reductions in average latency - next graph) but the ordering remains the same 20
Metrics Set 3: Response Time Explanation nginx-osv > nginx-linux > nginx-docker > nginx-vm Overall response times between 1ms and 2ms Single thread case ~1.5ms, and 10 thread case < 1.5ms Reduction in response time moving 1 to 10 threads is mostly a result of caching and multiplexing. With multiple threads, more work gets done per-unit time. While thread A is processing the results of a response, thread B, which was waiting, can quickly be given a cached copy of the static file being served. 21
Metric Set 3b Application Performance (Apache Tomcat) 22
Summary Many microservice tools can be deployed in a unikernel Nginx, Tomcat, JVM, Nodejs, Redis, Memcached etc. (list is growing) Performance is comparable Smaller “attack” surface (no extraneous services) Lean network-stack (e.g., OSv) Lean OS (no kernel-userspace crossing, no context-switching, heavy mem mgt etc.,) Opportunities in tooling to help flesh out the workflow for planning or 23
Acknowledgements Thank you! OSv: Nadav Har’El Nirmata: Jim Bugwadia Microservices and Cloud Native Apps Meetup Mike Larkin, Carl Waldspurger, Anne Holler 24
Links Tools: Ukonvrt, ukdctl Rain Workload Toolkit Nginx VirtualBox repo Nginx OSv OSv networking hack Performance evaluation of OSv 25
Q & A Madhuri cosmokramer@gmail.com GitHub: myechuri Rean rean@caa.columbia.edu GitHub: rean 26

Recommended

Unikernels
UnikernelsUnikernels
Unikernelssally.de
 
Unikernels and Cloud Computing
Unikernels and Cloud ComputingUnikernels and Cloud Computing
Unikernels and Cloud ComputingSKORDEMIR
 
Next Generation Cloud: Rise of the Unikernel V3 (UPDATED)
Next Generation Cloud: Rise of the Unikernel V3 (UPDATED)Next Generation Cloud: Rise of the Unikernel V3 (UPDATED)
Next Generation Cloud: Rise of the Unikernel V3 (UPDATED)The Linux Foundation
 
XPDS14: Unikernels: Who, What, Where, When, Why - Adam Wick, Galois
XPDS14: Unikernels: Who, What, Where, When, Why - Adam Wick, GaloisXPDS14: Unikernels: Who, What, Where, When, Why - Adam Wick, Galois
XPDS14: Unikernels: Who, What, Where, When, Why - Adam Wick, GaloisThe Linux Foundation
 
Unikernels Introduction
Unikernels IntroductionUnikernels Introduction
Unikernels IntroductionPradipta Banerjee
 
Présentation d'Unikernel
Présentation d'UnikernelPrésentation d'Unikernel
Présentation d'UnikernelProto204
 
Metrics towards enterprise readiness of unikernels
Metrics towards enterprise readiness of unikernelsMetrics towards enterprise readiness of unikernels
Metrics towards enterprise readiness of unikernelsMadhuri Yechuri
 
Lightning talk unikernels
Lightning talk unikernelsLightning talk unikernels
Lightning talk unikernelsMichael Bright
 

Recommended

Unikernels
UnikernelsUnikernels
Unikernelssally.de
 
Unikernels and Cloud Computing
Unikernels and Cloud ComputingUnikernels and Cloud Computing
Unikernels and Cloud ComputingSKORDEMIR
 
Next Generation Cloud: Rise of the Unikernel V3 (UPDATED)
Next Generation Cloud: Rise of the Unikernel V3 (UPDATED)Next Generation Cloud: Rise of the Unikernel V3 (UPDATED)
Next Generation Cloud: Rise of the Unikernel V3 (UPDATED)The Linux Foundation
 
XPDS14: Unikernels: Who, What, Where, When, Why - Adam Wick, Galois
XPDS14: Unikernels: Who, What, Where, When, Why - Adam Wick, GaloisXPDS14: Unikernels: Who, What, Where, When, Why - Adam Wick, Galois
XPDS14: Unikernels: Who, What, Where, When, Why - Adam Wick, GaloisThe Linux Foundation
 
Unikernels Introduction
Unikernels IntroductionUnikernels Introduction
Unikernels IntroductionPradipta Banerjee
 
Présentation d'Unikernel
Présentation d'UnikernelPrésentation d'Unikernel
Présentation d'UnikernelProto204
 
Metrics towards enterprise readiness of unikernels
Metrics towards enterprise readiness of unikernelsMetrics towards enterprise readiness of unikernels
Metrics towards enterprise readiness of unikernelsMadhuri Yechuri
 
Lightning talk unikernels
Lightning talk unikernelsLightning talk unikernels
Lightning talk unikernelsMichael Bright
 
Docker Online Meetup #31: Unikernels
Docker Online Meetup #31: UnikernelsDocker Online Meetup #31: Unikernels
Docker Online Meetup #31: UnikernelsDocker, Inc.
 
CIF16: Unikernels, Meet Docker! Containing Unikernels (Richard Mortier, Anil ...
CIF16: Unikernels, Meet Docker! Containing Unikernels (Richard Mortier, Anil ...CIF16: Unikernels, Meet Docker! Containing Unikernels (Richard Mortier, Anil ...
CIF16: Unikernels, Meet Docker! Containing Unikernels (Richard Mortier, Anil ...The Linux Foundation
 
Unik Slides
Unik SlidesUnik Slides
Unik SlidesIdit Levine
 
CIF16: Building the Superfluid Cloud with Unikernels (Simon Kuenzer, NEC Europe)
CIF16: Building the Superfluid Cloud with Unikernels (Simon Kuenzer, NEC Europe)CIF16: Building the Superfluid Cloud with Unikernels (Simon Kuenzer, NEC Europe)
CIF16: Building the Superfluid Cloud with Unikernels (Simon Kuenzer, NEC Europe)The Linux Foundation
 
CIF16: Unikernels: The Past, the Present, the Future ( Russell Pavlicek, Xen ...
CIF16: Unikernels: The Past, the Present, the Future ( Russell Pavlicek, Xen ...CIF16: Unikernels: The Past, the Present, the Future ( Russell Pavlicek, Xen ...
CIF16: Unikernels: The Past, the Present, the Future ( Russell Pavlicek, Xen ...The Linux Foundation
 
Unikernel User Summit 2015: Getting started in unikernels using the rump kernel
Unikernel User Summit 2015: Getting started in unikernels using the rump kernelUnikernel User Summit 2015: Getting started in unikernels using the rump kernel
Unikernel User Summit 2015: Getting started in unikernels using the rump kernelThe Linux Foundation
 
OSAC16: Unikernel-powered Transient Microservices: Changing the Face of Softw...
OSAC16: Unikernel-powered Transient Microservices: Changing the Face of Softw...OSAC16: Unikernel-powered Transient Microservices: Changing the Face of Softw...
OSAC16: Unikernel-powered Transient Microservices: Changing the Face of Softw...Russell Pavlicek
 
CIF16: Rethinking Foundations for Zero-devops Clouds (Maxim Kharchenko, Cloud...
CIF16: Rethinking Foundations for Zero-devops Clouds (Maxim Kharchenko, Cloud...CIF16: Rethinking Foundations for Zero-devops Clouds (Maxim Kharchenko, Cloud...
CIF16: Rethinking Foundations for Zero-devops Clouds (Maxim Kharchenko, Cloud...The Linux Foundation
 
Unikernels - Keep It Simple to the Bare Metal
Unikernels - Keep It Simple to the Bare MetalUnikernels - Keep It Simple to the Bare Metal
Unikernels - Keep It Simple to the Bare MetalPivorak MeetUp
 
Unikernel User Summit 2015: The Next Generation Cloud: Unleashing the Power o...
Unikernel User Summit 2015: The Next Generation Cloud: Unleashing the Power o...Unikernel User Summit 2015: The Next Generation Cloud: Unleashing the Power o...
Unikernel User Summit 2015: The Next Generation Cloud: Unleashing the Power o...The Linux Foundation
 
CIF16: Knock, Knock: Unikernels Calling! (Richard Mortier, Cambridge University)
CIF16: Knock, Knock: Unikernels Calling! (Richard Mortier, Cambridge University)CIF16: Knock, Knock: Unikernels Calling! (Richard Mortier, Cambridge University)
CIF16: Knock, Knock: Unikernels Calling! (Richard Mortier, Cambridge University)The Linux Foundation
 
XPDS16: Xen Project Weather Report 2016
XPDS16: Xen Project Weather Report 2016XPDS16: Xen Project Weather Report 2016
XPDS16: Xen Project Weather Report 2016The Linux Foundation
 
CIF16/Scale14x: The latest from the Xen Project (Lars Kurth, Chairman of Xen ...
CIF16/Scale14x: The latest from the Xen Project (Lars Kurth, Chairman of Xen ...CIF16/Scale14x: The latest from the Xen Project (Lars Kurth, Chairman of Xen ...
CIF16/Scale14x: The latest from the Xen Project (Lars Kurth, Chairman of Xen ...The Linux Foundation
 
Unikernelized Linux
Unikernelized LinuxUnikernelized Linux
Unikernelized LinuxLinuxCon ContainerCon CloudOpen China
 
IITCC15: Xen Project 4.6 Update
IITCC15: Xen Project 4.6 UpdateIITCC15: Xen Project 4.6 Update
IITCC15: Xen Project 4.6 UpdateThe Linux Foundation
 
ICALEPCS 2011: Testing Environments using Virtualization
ICALEPCS 2011: Testing Environments using VirtualizationICALEPCS 2011: Testing Environments using Virtualization
ICALEPCS 2011: Testing Environments using VirtualizationOmer Khalid
 
CIF16: Solo5: Building a Unikernel Base From Scratch (Dan Williams, IBM)
CIF16: Solo5: Building a Unikernel Base From Scratch (Dan Williams, IBM)CIF16: Solo5: Building a Unikernel Base From Scratch (Dan Williams, IBM)
CIF16: Solo5: Building a Unikernel Base From Scratch (Dan Williams, IBM)The Linux Foundation
 
IITCC15: The Bare-Metal Hypervisor as a Platform for Innovation
IITCC15: The Bare-Metal Hypervisor as a Platform for InnovationIITCC15: The Bare-Metal Hypervisor as a Platform for Innovation
IITCC15: The Bare-Metal Hypervisor as a Platform for InnovationThe Linux Foundation
 
Status of Embedded Linux
Status of Embedded LinuxStatus of Embedded Linux
Status of Embedded LinuxLinuxCon ContainerCon CloudOpen China
 
4 virtual router CloudStack Developer Day
4 virtual router CloudStack Developer Day4 virtual router CloudStack Developer Day
4 virtual router CloudStack Developer DayKimihiko Kitase
 
ClickOS_EE80777777777777777777777777777.pptx
ClickOS_EE80777777777777777777777777777.pptxClickOS_EE80777777777777777777777777777.pptx
ClickOS_EE80777777777777777777777777777.pptxBiHongPhc
 
mTCP使ってみた
mTCP使ってみたmTCP使ってみた
mTCP使ってみたHajime Tazaki
 

More Related Content

What's hot

Docker Online Meetup #31: Unikernels
Docker Online Meetup #31: UnikernelsDocker Online Meetup #31: Unikernels
Docker Online Meetup #31: UnikernelsDocker, Inc.
 
CIF16: Unikernels, Meet Docker! Containing Unikernels (Richard Mortier, Anil ...
CIF16: Unikernels, Meet Docker! Containing Unikernels (Richard Mortier, Anil ...CIF16: Unikernels, Meet Docker! Containing Unikernels (Richard Mortier, Anil ...
CIF16: Unikernels, Meet Docker! Containing Unikernels (Richard Mortier, Anil ...The Linux Foundation
 
CIF16: Building the Superfluid Cloud with Unikernels (Simon Kuenzer, NEC Europe)
CIF16: Building the Superfluid Cloud with Unikernels (Simon Kuenzer, NEC Europe)CIF16: Building the Superfluid Cloud with Unikernels (Simon Kuenzer, NEC Europe)
CIF16: Building the Superfluid Cloud with Unikernels (Simon Kuenzer, NEC Europe)The Linux Foundation
 
CIF16: Unikernels: The Past, the Present, the Future ( Russell Pavlicek, Xen ...
CIF16: Unikernels: The Past, the Present, the Future ( Russell Pavlicek, Xen ...CIF16: Unikernels: The Past, the Present, the Future ( Russell Pavlicek, Xen ...
CIF16: Unikernels: The Past, the Present, the Future ( Russell Pavlicek, Xen ...The Linux Foundation
 
Unikernel User Summit 2015: Getting started in unikernels using the rump kernel
Unikernel User Summit 2015: Getting started in unikernels using the rump kernelUnikernel User Summit 2015: Getting started in unikernels using the rump kernel
Unikernel User Summit 2015: Getting started in unikernels using the rump kernelThe Linux Foundation
 
OSAC16: Unikernel-powered Transient Microservices: Changing the Face of Softw...
OSAC16: Unikernel-powered Transient Microservices: Changing the Face of Softw...OSAC16: Unikernel-powered Transient Microservices: Changing the Face of Softw...
OSAC16: Unikernel-powered Transient Microservices: Changing the Face of Softw...Russell Pavlicek
 
CIF16: Rethinking Foundations for Zero-devops Clouds (Maxim Kharchenko, Cloud...
CIF16: Rethinking Foundations for Zero-devops Clouds (Maxim Kharchenko, Cloud...CIF16: Rethinking Foundations for Zero-devops Clouds (Maxim Kharchenko, Cloud...
CIF16: Rethinking Foundations for Zero-devops Clouds (Maxim Kharchenko, Cloud...The Linux Foundation
 
Unikernels - Keep It Simple to the Bare Metal
Unikernels - Keep It Simple to the Bare MetalUnikernels - Keep It Simple to the Bare Metal
Unikernels - Keep It Simple to the Bare MetalPivorak MeetUp
 
Unikernel User Summit 2015: The Next Generation Cloud: Unleashing the Power o...
Unikernel User Summit 2015: The Next Generation Cloud: Unleashing the Power o...Unikernel User Summit 2015: The Next Generation Cloud: Unleashing the Power o...
Unikernel User Summit 2015: The Next Generation Cloud: Unleashing the Power o...The Linux Foundation
 
CIF16: Knock, Knock: Unikernels Calling! (Richard Mortier, Cambridge University)
CIF16: Knock, Knock: Unikernels Calling! (Richard Mortier, Cambridge University)CIF16: Knock, Knock: Unikernels Calling! (Richard Mortier, Cambridge University)
CIF16: Knock, Knock: Unikernels Calling! (Richard Mortier, Cambridge University)The Linux Foundation
 
XPDS16: Xen Project Weather Report 2016
XPDS16: Xen Project Weather Report 2016XPDS16: Xen Project Weather Report 2016
XPDS16: Xen Project Weather Report 2016The Linux Foundation
 
CIF16/Scale14x: The latest from the Xen Project (Lars Kurth, Chairman of Xen ...
CIF16/Scale14x: The latest from the Xen Project (Lars Kurth, Chairman of Xen ...CIF16/Scale14x: The latest from the Xen Project (Lars Kurth, Chairman of Xen ...
CIF16/Scale14x: The latest from the Xen Project (Lars Kurth, Chairman of Xen ...The Linux Foundation
 
ICALEPCS 2011: Testing Environments using Virtualization
ICALEPCS 2011: Testing Environments using VirtualizationICALEPCS 2011: Testing Environments using Virtualization
ICALEPCS 2011: Testing Environments using VirtualizationOmer Khalid
 
CIF16: Solo5: Building a Unikernel Base From Scratch (Dan Williams, IBM)
CIF16: Solo5: Building a Unikernel Base From Scratch (Dan Williams, IBM)CIF16: Solo5: Building a Unikernel Base From Scratch (Dan Williams, IBM)
CIF16: Solo5: Building a Unikernel Base From Scratch (Dan Williams, IBM)The Linux Foundation
 
IITCC15: The Bare-Metal Hypervisor as a Platform for Innovation
IITCC15: The Bare-Metal Hypervisor as a Platform for InnovationIITCC15: The Bare-Metal Hypervisor as a Platform for Innovation
IITCC15: The Bare-Metal Hypervisor as a Platform for InnovationThe Linux Foundation
 
4 virtual router CloudStack Developer Day
4 virtual router CloudStack Developer Day4 virtual router CloudStack Developer Day
4 virtual router CloudStack Developer DayKimihiko Kitase
 

What's hot (20)

Docker Online Meetup #31: Unikernels
Docker Online Meetup #31: UnikernelsDocker Online Meetup #31: Unikernels
Docker Online Meetup #31: Unikernels
 
CIF16: Unikernels, Meet Docker! Containing Unikernels (Richard Mortier, Anil ...
CIF16: Unikernels, Meet Docker! Containing Unikernels (Richard Mortier, Anil ...CIF16: Unikernels, Meet Docker! Containing Unikernels (Richard Mortier, Anil ...
CIF16: Unikernels, Meet Docker! Containing Unikernels (Richard Mortier, Anil ...
 
Unik Slides
Unik SlidesUnik Slides
Unik Slides
 
CIF16: Building the Superfluid Cloud with Unikernels (Simon Kuenzer, NEC Europe)
CIF16: Building the Superfluid Cloud with Unikernels (Simon Kuenzer, NEC Europe)CIF16: Building the Superfluid Cloud with Unikernels (Simon Kuenzer, NEC Europe)
CIF16: Building the Superfluid Cloud with Unikernels (Simon Kuenzer, NEC Europe)
 
CIF16: Unikernels: The Past, the Present, the Future ( Russell Pavlicek, Xen ...
CIF16: Unikernels: The Past, the Present, the Future ( Russell Pavlicek, Xen ...CIF16: Unikernels: The Past, the Present, the Future ( Russell Pavlicek, Xen ...
CIF16: Unikernels: The Past, the Present, the Future ( Russell Pavlicek, Xen ...
 
Unikernel User Summit 2015: Getting started in unikernels using the rump kernel
Unikernel User Summit 2015: Getting started in unikernels using the rump kernelUnikernel User Summit 2015: Getting started in unikernels using the rump kernel
Unikernel User Summit 2015: Getting started in unikernels using the rump kernel
 
OSAC16: Unikernel-powered Transient Microservices: Changing the Face of Softw...
OSAC16: Unikernel-powered Transient Microservices: Changing the Face of Softw...OSAC16: Unikernel-powered Transient Microservices: Changing the Face of Softw...
OSAC16: Unikernel-powered Transient Microservices: Changing the Face of Softw...
 
CIF16: Rethinking Foundations for Zero-devops Clouds (Maxim Kharchenko, Cloud...
CIF16: Rethinking Foundations for Zero-devops Clouds (Maxim Kharchenko, Cloud...CIF16: Rethinking Foundations for Zero-devops Clouds (Maxim Kharchenko, Cloud...
CIF16: Rethinking Foundations for Zero-devops Clouds (Maxim Kharchenko, Cloud...
 
Unikernels - Keep It Simple to the Bare Metal
Unikernels - Keep It Simple to the Bare MetalUnikernels - Keep It Simple to the Bare Metal
Unikernels - Keep It Simple to the Bare Metal
 
Unikernel User Summit 2015: The Next Generation Cloud: Unleashing the Power o...
Unikernel User Summit 2015: The Next Generation Cloud: Unleashing the Power o...Unikernel User Summit 2015: The Next Generation Cloud: Unleashing the Power o...
Unikernel User Summit 2015: The Next Generation Cloud: Unleashing the Power o...
 
CIF16: Knock, Knock: Unikernels Calling! (Richard Mortier, Cambridge University)
CIF16: Knock, Knock: Unikernels Calling! (Richard Mortier, Cambridge University)CIF16: Knock, Knock: Unikernels Calling! (Richard Mortier, Cambridge University)
CIF16: Knock, Knock: Unikernels Calling! (Richard Mortier, Cambridge University)
 
XPDS16: Xen Project Weather Report 2016
XPDS16: Xen Project Weather Report 2016XPDS16: Xen Project Weather Report 2016
XPDS16: Xen Project Weather Report 2016
 
CIF16/Scale14x: The latest from the Xen Project (Lars Kurth, Chairman of Xen ...
CIF16/Scale14x: The latest from the Xen Project (Lars Kurth, Chairman of Xen ...CIF16/Scale14x: The latest from the Xen Project (Lars Kurth, Chairman of Xen ...
CIF16/Scale14x: The latest from the Xen Project (Lars Kurth, Chairman of Xen ...
 
Unikernelized Linux
Unikernelized LinuxUnikernelized Linux
Unikernelized Linux
 
IITCC15: Xen Project 4.6 Update
IITCC15: Xen Project 4.6 UpdateIITCC15: Xen Project 4.6 Update
IITCC15: Xen Project 4.6 Update
 
ICALEPCS 2011: Testing Environments using Virtualization
ICALEPCS 2011: Testing Environments using VirtualizationICALEPCS 2011: Testing Environments using Virtualization
ICALEPCS 2011: Testing Environments using Virtualization
 
CIF16: Solo5: Building a Unikernel Base From Scratch (Dan Williams, IBM)
CIF16: Solo5: Building a Unikernel Base From Scratch (Dan Williams, IBM)CIF16: Solo5: Building a Unikernel Base From Scratch (Dan Williams, IBM)
CIF16: Solo5: Building a Unikernel Base From Scratch (Dan Williams, IBM)
 
IITCC15: The Bare-Metal Hypervisor as a Platform for Innovation
IITCC15: The Bare-Metal Hypervisor as a Platform for InnovationIITCC15: The Bare-Metal Hypervisor as a Platform for Innovation
IITCC15: The Bare-Metal Hypervisor as a Platform for Innovation
 
Status of Embedded Linux
Status of Embedded LinuxStatus of Embedded Linux
Status of Embedded Linux
 
4 virtual router CloudStack Developer Day
4 virtual router CloudStack Developer Day4 virtual router CloudStack Developer Day
4 virtual router CloudStack Developer Day
 

Similar to Microservices in Unikernels

ClickOS_EE80777777777777777777777777777.pptx
ClickOS_EE80777777777777777777777777777.pptxClickOS_EE80777777777777777777777777777.pptx
ClickOS_EE80777777777777777777777777777.pptxBiHongPhc
 
Mpls conference 2016-data center virtualisation-11-march
Mpls conference 2016-data center virtualisation-11-marchMpls conference 2016-data center virtualisation-11-march
Mpls conference 2016-data center virtualisation-11-marchAricent
 
”Bare-Metal Container" presented at HPCC2016
”Bare-Metal Container" presented at HPCC2016”Bare-Metal Container" presented at HPCC2016
”Bare-Metal Container" presented at HPCC2016Kuniyasu Suzaki
 
Playing BBR with a userspace network stack
Playing BBR with a userspace network stackPlaying BBR with a userspace network stack
Playing BBR with a userspace network stackHajime Tazaki
 
Ceph Day Shanghai - On the Productization Practice of Ceph
Ceph Day Shanghai - On the Productization Practice of Ceph Ceph Day Shanghai - On the Productization Practice of Ceph
Ceph Day Shanghai - On the Productization Practice of Ceph Ceph Community
 
Direct Code Execution - LinuxCon Japan 2014
Direct Code Execution - LinuxCon Japan 2014Direct Code Execution - LinuxCon Japan 2014
Direct Code Execution - LinuxCon Japan 2014Hajime Tazaki
 
Evolution of the Windows Kernel Architecture, by Dave Probert
Evolution of the Windows Kernel Architecture, by Dave ProbertEvolution of the Windows Kernel Architecture, by Dave Probert
Evolution of the Windows Kernel Architecture, by Dave Probertyang
 
Supermicro X12 Performance Update
Supermicro X12 Performance UpdateSupermicro X12 Performance Update
Supermicro X12 Performance UpdateRebekah Rodriguez
 
Achieving Performance Isolation with Lightweight Co-Kernels
Achieving Performance Isolation with Lightweight Co-KernelsAchieving Performance Isolation with Lightweight Co-Kernels
Achieving Performance Isolation with Lightweight Co-KernelsJiannan Ouyang, PhD
 
XPDS13: Enabling Fast, Dynamic Network Processing with ClickOS - Joao Martins...
XPDS13: Enabling Fast, Dynamic Network Processing with ClickOS - Joao Martins...XPDS13: Enabling Fast, Dynamic Network Processing with ClickOS - Joao Martins...
XPDS13: Enabling Fast, Dynamic Network Processing with ClickOS - Joao Martins...The Linux Foundation
 
Comparison of Open Source Virtualization Technology
Comparison of Open Source Virtualization TechnologyComparison of Open Source Virtualization Technology
Comparison of Open Source Virtualization TechnologyBenoit des Ligneris
 
The Modern Telco Network: Defining The Telco Cloud
The Modern Telco Network: Defining The Telco CloudThe Modern Telco Network: Defining The Telco Cloud
The Modern Telco Network: Defining The Telco CloudMarco Rodrigues
 
Superfluid networking for 5G: vision and state of the art
Superfluid networking for 5G: vision and state of the artSuperfluid networking for 5G: vision and state of the art
Superfluid networking for 5G: vision and state of the artStefano Salsano
 
Pushing Packets - How do the ML2 Mechanism Drivers Stack Up
Pushing Packets - How do the ML2 Mechanism Drivers Stack UpPushing Packets - How do the ML2 Mechanism Drivers Stack Up
Pushing Packets - How do the ML2 Mechanism Drivers Stack UpJames Denton
 
BMC: Bare Metal Container @Open Source Summit Japan 2017
BMC: Bare Metal Container @Open Source Summit Japan 2017BMC: Bare Metal Container @Open Source Summit Japan 2017
BMC: Bare Metal Container @Open Source Summit Japan 2017Kuniyasu Suzaki
 

Similar to Microservices in Unikernels (20)

ClickOS_EE80777777777777777777777777777.pptx
ClickOS_EE80777777777777777777777777777.pptxClickOS_EE80777777777777777777777777777.pptx
ClickOS_EE80777777777777777777777777777.pptx
 
mTCP使ってみた
mTCP使ってみたmTCP使ってみた
mTCP使ってみた
 
Mpls conference 2016-data center virtualisation-11-march
Mpls conference 2016-data center virtualisation-11-marchMpls conference 2016-data center virtualisation-11-march
Mpls conference 2016-data center virtualisation-11-march
 
”Bare-Metal Container" presented at HPCC2016
”Bare-Metal Container" presented at HPCC2016”Bare-Metal Container" presented at HPCC2016
”Bare-Metal Container" presented at HPCC2016
 
Playing BBR with a userspace network stack
Playing BBR with a userspace network stackPlaying BBR with a userspace network stack
Playing BBR with a userspace network stack
 
Ceph Day Shanghai - On the Productization Practice of Ceph
Ceph Day Shanghai - On the Productization Practice of Ceph Ceph Day Shanghai - On the Productization Practice of Ceph
Ceph Day Shanghai - On the Productization Practice of Ceph
 
Direct Code Execution - LinuxCon Japan 2014
Direct Code Execution - LinuxCon Japan 2014Direct Code Execution - LinuxCon Japan 2014
Direct Code Execution - LinuxCon Japan 2014
 
Userspace networking
Userspace networkingUserspace networking
Userspace networking
 
Oct2009
Oct2009Oct2009
Oct2009
 
Evolution of the Windows Kernel Architecture, by Dave Probert
Evolution of the Windows Kernel Architecture, by Dave ProbertEvolution of the Windows Kernel Architecture, by Dave Probert
Evolution of the Windows Kernel Architecture, by Dave Probert
 
Supermicro X12 Performance Update
Supermicro X12 Performance UpdateSupermicro X12 Performance Update
Supermicro X12 Performance Update
 
2337610
23376102337610
2337610
 
Mina2
Mina2Mina2
Mina2
 
Achieving Performance Isolation with Lightweight Co-Kernels
Achieving Performance Isolation with Lightweight Co-KernelsAchieving Performance Isolation with Lightweight Co-Kernels
Achieving Performance Isolation with Lightweight Co-Kernels
 
XPDS13: Enabling Fast, Dynamic Network Processing with ClickOS - Joao Martins...
XPDS13: Enabling Fast, Dynamic Network Processing with ClickOS - Joao Martins...XPDS13: Enabling Fast, Dynamic Network Processing with ClickOS - Joao Martins...
XPDS13: Enabling Fast, Dynamic Network Processing with ClickOS - Joao Martins...
 
Comparison of Open Source Virtualization Technology
Comparison of Open Source Virtualization TechnologyComparison of Open Source Virtualization Technology
Comparison of Open Source Virtualization Technology
 
The Modern Telco Network: Defining The Telco Cloud
The Modern Telco Network: Defining The Telco CloudThe Modern Telco Network: Defining The Telco Cloud
The Modern Telco Network: Defining The Telco Cloud
 
Superfluid networking for 5G: vision and state of the art
Superfluid networking for 5G: vision and state of the artSuperfluid networking for 5G: vision and state of the art
Superfluid networking for 5G: vision and state of the art
 
Pushing Packets - How do the ML2 Mechanism Drivers Stack Up
Pushing Packets - How do the ML2 Mechanism Drivers Stack UpPushing Packets - How do the ML2 Mechanism Drivers Stack Up
Pushing Packets - How do the ML2 Mechanism Drivers Stack Up
 
BMC: Bare Metal Container @Open Source Summit Japan 2017
BMC: Bare Metal Container @Open Source Summit Japan 2017BMC: Bare Metal Container @Open Source Summit Japan 2017
BMC: Bare Metal Container @Open Source Summit Japan 2017
 

Recently uploaded

Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 

Recently uploaded (20)

Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 

Microservices in Unikernels

  • 1. Microservices in Unikernels Rean Griffith, Madhuri Yechuri 1
  • 2. Agenda Introduction - bios Unikernel Background Developer/DevOps care about Metric Set 1: Application lifecycle overhead CIO cares about Metric Set 2: Application datacenter footprint 2
  • 3. What is a Unikernel? A single purpose (virtual) appliance (Madhavapeddy et al.) Specialized at compile-time into a standalone kernel A single-process, single address-space runtime environment No fork() No shared memory No IPC Smaller attack surface (potentially) 3 fork() Shared memory Application IPC networking sched Application networking thread sched services vmm vmm
  • 4. Unikernel Background 4 Unmodified Legacy App support Multi-threaded App support OSv Partial Yes (1: glibc subset, no fork/exec) Yes* (pthread subset) Rumprun Yes* (no fork/execve/sigaction/mmap) Yes (pthread) MirageOS No* (until non-OCAML language bindings are available, no fork/execve) Green threads (event loop) only IncludeOS No Green threads (event loop) only
  • 5. Developer/DevOps care about Enterprise Application Lifecycle management Developer: Time to build app from source code, preferably unmodified DevOps: Time to configure runtime parameters (ex: TCP port, log file location) DevOps: Time to deploy application DevOps: Qualitative ease of managing+debugging long-running (weeks / months) application 5
  • 6. App Lifecycle Experiment Environment Machine CPU: Intel(R) Core(TM) i3 CPU M 380 @ 2.53GHz Memory: 4GB RAM OS: Ubuntu 16.04 LTS Applications Web tier: Nginx Application tier: Tomcat Deployment Options (local image) 6
  • 7. Metric Set 1: Application Lifecycle Convert Code to Image (Hours) VM 8 (Nginx, Issues: 1 , 2, 3) 8 (Tomcat, Issues with Alpine glibc availability) Container 0 (Nginx) 0 (Tomcat) Unikernel 40 (Nginx, Issues: 1, 2) 4 (Tomcat) 7
  • 8. Unikernel conversion - ukonvrt Demo 8
  • 9. Metric Set 1: Application Lifecycle Convert Code to Image (Hours) Start Time (Seconds) VM 8 (Nginx) 8 (Tomcat) 66.557 (Nginx) 68.964 (Tomcat) Container 0 (Nginx) 0 (Tomcat) 1.113 (Nginx) 4.1 (Tomcat) Unikernel 40 (Nginx) 0 (Tomcat) 0.483 (Nginx) 10 (Tomcat) 9
  • 10. Metric Set 1: Application Lifecycle Convert Code to Image (Hours) Start Time (Seconds) Stop Time (Seconds) VM 8 (Nginx) 8 (Tomcat) 66.557 (Nginx) 68.964 (Tomcat) 7.478 (Nginx) 5.418 (Tomcat) Container 0 (Nginx) 0 (Tomcat) 1.113 (Nginx) 4.1 (Tomcat) 0.685 (Nginx) 0.016 (Tomcat) Unikernel 40 (Nginx) 4 (Tomcat) 0.483 (Nginx) 10 (Tomcat) 0.019 (Nginx) 0.006 (Tomcat) 10
  • 11. Metric Set 1: Application Lifecycle Code to Image (Hours) Start Time (Seconds) Stop Time (Seconds) Debuggability VM 8 (Nginx) 8 (Tomcat) 66.557 (Nginx) 68.964 (Tomcat) 7.478 (Nginx) 5.418 (Tomcat) Container 0 (Nginx) 0 (Tomcat) 1.113 (Nginx) 4.1 (Tomcat) 0.685 (Nginx) 0.016 (Tomcat) Unikernel 40 (Nginx) 4 (Tomcat) 0.483 (Nginx) 10 (Tomcat) 0.019 (Nginx) 0.006 (Tomcat)
  • 12. CIO cares about Consolidation of applications on finite hardware resources Multi-tenant security isolation amongst applications on a compute node Multi-tenant Resource Management Manageability, Accounting, Auditability Infrastructure Power consumption 12
  • 13. Metric Set 2: Data center footprint Image Size (MB) VM 143 (Nginx) 447 (Tomcat, Issue 1 - Alpine musl vs glibc) Container 182.8 (Nginx) 357.5 (Tomcat) Unikernel 27.8 (Nginx) 106 (Tomcat)
  • 14. Metric Set 2: Data center footprint Image Size (MB) Runtime Memory Overhead (MB) VM 143 (Nginx) 447 (Tomcat) 619 (Nginx) 878 (Tomcat) (/proc/{vboxpid}/status/{VmSize} - Configured) Container 182.8 (Nginx) 357.5 (Tomcat) 274.4 (Nginx) 210.5 (Tomcat) (containerd-shim /proc/{pid}/status/{VmSize}) Unikernel 7.8 (Nginx) 106 (Tomcat) 1222 (Nginx) 2056 (Tomcat) (/proc/{qemupid}/status/{VmSize} - Configured)
  • 15. Metric Set 2: Data center footprint Image Size (MB) Runtime Memory Overhead (MB) Security (Tenant Isolation) VM 143 (Nginx) 447 (Tomcat) 619 (Nginx) 878 (Tomcat) Strong Container 182.8 (Nginx) 357.5 (Tomcat) 274.4 (Nginx) 210.5 (Tomcat) Weak Unikernel 7.8 (Nginx) 106 (Tomcat) 1222 (Nginx) 2056 (Tomcat) Strong
  • 16. Metric Set 2: Data center footprint Image Size (MB) Runtime Memory Overhead (MB) Security (Tenant Isolation) Resource Knobs VM 143 (Nginx) 447 (Tomcat) 619 (Nginx) 878 (Tomcat) Strong Strong (Reservation, Limits) Container 182.8 (Nginx) 357.5 (Tomcat) 274.4 (Nginx) 210.5 (Tomcat) Weak Moderate (Limits) Unikernel 7.8 (Nginx) 106 (Tomcat) 1222 (Nginx) 2056 (Tomcat) Strong Moderate (knobs available, not used yet)
  • 17. Customer cares about Application Performance Resource Isolation Security Application high-availability 17
  • 18. Performance Experiment Environment Machine Lenovo W520, CPU: Intel i7-2760QM CPU 2.40 GHz x 8 logical cores, Memory: 19.5 GB RAM OS: Ubuntu 16.04.1 LTS (64-bit) Deployment Options Linux (host machine) - Ubuntu 16.04.1 LTS, Linux kernel: 4.4.0-34-generic #53-Ubuntu SMP VM: VirtualBox (v5.1.2) - Ubuntu 16.04.1 LTS, Linux kernel: 4.4.0-34-generic #53-Ubuntu SMP, 8GB RAM, 4 vCPUs Container: Docker (v1.12.0) - Linux kernel: 4.4.0-34-generic #53-Ubuntu SMP Unikernel: OSv (based on git hash: f53c0c39) - v0.24-176-g2e19ba4 (Ubuntu 16.04.1 LTS, Linux kernel: 4.4.0-34-generic #53-Ubuntu SMP), 4 vCPUs, 2GB RAM 18
  • 19. Metric Set 3a: Application Performance (nginx) 19
  • 20. Metrics Set 3: Throughput Explanation nginx-osv > nginx-linux > nginx-docker > nginx-vm Baseline: 1 thread/client Nginx-linux (bare metal) ~600 requests/sec Nginx-vm slightly lower: expected because the client request needs to traverse two I/O stacks - the hypervisor’s and the Guest OS’s Nginx-docker is close to bare metal: expected since the only thing separating the container from the workload generator is a network bridge Nginx-osv slightly better than bare metal: client requests still have to go through the unikernel’s I/O stack but the I/O stack for OSV was designed to be light/lower-overhead - influenced by a design based on Van Jacobson’s net channels 10 threads Results get slightly more than 10X better (this is mostly because of reductions in average latency - next graph) but the ordering remains the same 20
  • 21. Metrics Set 3: Response Time Explanation nginx-osv > nginx-linux > nginx-docker > nginx-vm Overall response times between 1ms and 2ms Single thread case ~1.5ms, and 10 thread case < 1.5ms Reduction in response time moving 1 to 10 threads is mostly a result of caching and multiplexing. With multiple threads, more work gets done per-unit time. While thread A is processing the results of a response, thread B, which was waiting, can quickly be given a cached copy of the static file being served. 21
  • 22. Metric Set 3b Application Performance (Apache Tomcat) 22
  • 23. Summary Many microservice tools can be deployed in a unikernel Nginx, Tomcat, JVM, Nodejs, Redis, Memcached etc. (list is growing) Performance is comparable Smaller “attack” surface (no extraneous services) Lean network-stack (e.g., OSv) Lean OS (no kernel-userspace crossing, no context-switching, heavy mem mgt etc.,) Opportunities in tooling to help flesh out the workflow for planning or 23
  • 24. Acknowledgements Thank you! OSv: Nadav Har’El Nirmata: Jim Bugwadia Microservices and Cloud Native Apps Meetup Mike Larkin, Carl Waldspurger, Anne Holler 24
  • 25. Links Tools: Ukonvrt, ukdctl Rain Workload Toolkit Nginx VirtualBox repo Nginx OSv OSv networking hack Performance evaluation of OSv 25
  • 26. Q & A Madhuri cosmokramer@gmail.com GitHub: myechuri Rean rean@caa.columbia.edu GitHub: rean 26

Editor's Notes

  1. Unikernels: Library Operating Systems for the Cloud - Madhavapeddy et al. (ASPLOS 2013) Note: Mention VENOM attack
  2. Madhuri: Add Tomcat info
  3. Mention ukvm and lkvm work.
  4. Owner: Rean Note: Refer to image size and overhead for cost estimates.
  5. Worker connections = #clients simultaneously served Worker processes * worker connections = anticipated upper limit on reqs/sec Workload version of Rain (git hash b0b29438) Workload configuration files: https://github.com/rean/rain-workload-toolkit/blob/master/config/rain.config.nginx.json (determines workload duration, warm up and warm down) https://github.com/rean/rain-workload-toolkit/blob/master/config/profiles.config.nginx.json (controls the IP address and port, number of threads, workload generator to use)
  6. Experiment description * simple HTTP GET workload, run for 5 minutes (10 sec warmup before, 10 sec rampdown afterwards) x 5 repeats * Load generator and nginx instance run on the same machine so there’s no network jitter. We’re mainly capturing I/O stack overheads/differences * Results reported = average over 5 repeats, error bars are 95% confidence intervals Response time results * 1 thread/client is the baseline case * bare metal (Nginx-linux) ~600 requests/sec, Nginx-vm slightly lower (expected because the client request needs to traverse two I/O stacks - the hypervisor’s and the Guest OS’s), Nginx-docker is close to bare metal (expected since the only thing separating the container from the workload generator is a network bridge), Nginx-osv slightly better than bare metal (client requests still have to go through the unikernel’s I/O stack but the I/O stack for OSV was designed to be light/lower-overhead - influenced by a design based on Van Jacobson’s net channels) * General ordering is nginx-osv > nginx-linux > nginx-docker > nginx-vm * 10 threads * Results get slightly more than 10X better (this is mostly because of reductions in average latency - next graph) but the ordering remains the same nginx-osv > nginx-linux > nginx-docker > nginx-vm Response time results * Overall response times between 1ms and 2ms * Single thread case ~1.5ms, and 10 thread case < 1.5ms * The reduction in response time moving 1 to 10 threads is mostly a result of caching and multiplexing. With multiple threads more work gets done per-unit time. While thread A is processing the results of a response, thread B, which was waiting, can quickly be given a cached copy of the static file being served.
  7. Experiment description * simple HTTP GET workload, run for 5 minutes (10 sec warmup before, 10 sec rampdown afterwards) x 5 repeats * Load generator and nginx instance run on the same machine so there’s no network jitter. We’re mainly capturing I/O stack overheads/differences * Results reported = average over 5 repeats, error bars are 95% confidence intervals
  8. Owner: Rean Summarize: 3 perspectives on what might be important (CIO, developer, customer). Measurements.