1. Look Ma’ No O.S.
An Introduction to Unikernels
Ioannis Tsagatakis
Ioannis Stefanis
MSc in Informatics & Multimedia
Department of Informatics Engineering TEI of Crete
Embedded Systems
From bootloader to a REST API with modern C++
2. 2
What is A Unikernel
● A unikernel is a specialised, single address space machine image constructed by using library operating systems.
– Run on top of a type 1 or type 2 hypervisor
– Run in a docker container
– Run on bare metal
● Back in history (batch processing)
Single App in a single (virtual) machine
3. 3
From Apps to Unikernel Apps
● Many layers
● Many memory transfers
● Many security checks
● Blocking system calls
● Dead code
● Complexity
4. 4
But Why ?
● Performance and Size
– A few kilobytes in size, Fast (really fast) boot
– High performance, No context switches
– Easy hardware/software interfaces (POSIX is hard)
● Security and Correctness
– Small attack (and «unique») surface
– No shell. So you crack my app, now what ?
● Cost effective
– Cloud is the new hardware
5. 5
Let’s write an OS
● It’s easy !
– No hardware drivers needed (almost)
● Hypervisor provides common hardware
● Xen, QEMU, KVM
– No users, no processes, no bosses
● Single address space
● No ring levels, no boundaries, no overhead
– Multiple processes ?
– Update and deployment ?
6. 6
Implementations
● Clean Slate
– MirageOS (OCaml)
– Ling (Erlang)
– HalVM (Haskell)
– IncludeOS (C++)
– Solo5
– ClickOS
● Legacy
– OSv (Tomcat, Jetty, Cassandra ..)
– Rumprun (MySQL, Nginx, PHP)
– Clive (Go)
– Runtime.js
UniK
7. 7
Application Domains
● Cloud Computing
● Network Function Virtualization (NFV)
– Decouple software from hardware
– Ericsson, NEC, Cisco
● IoT
– Build an App not a stripped OS
● High Performance Computing (HPC)
– Possible, but no implementations yet
8. 8
History
● 1990: Exokernel and Nemesis (Univ Cambridge)
● 2014: Unikernels: Rise of the Virtual Library Operating System, ACM
● 2015: 7 Unikernel Projects to Take on Docker
● 2017: Mirage OS 3
http://unikernel.org/
9. 9
Use cases
● Cloud Computing (AWS, DigitalOcean, ...)
– A simple static web site
– A memcached appliance
● IoT device
– Simple Web server
– REST Interface
● Custom network appliance
– In a cheap board like Raspberry Pi
12. 12
#include <XXX>
Libraries and utilities
● Acorn
– Acorn Web Server Appliance, built with IncludeOS
● Mana
– IncludeOS C++ Web Application Framework
● Butler, Director
– A Mana middleware for serving static content from an IncludeOS drive
● Dashboard
– Dashboard back-end module for IncludeOS Mana framework
● NaCL
● Support Libs
– Botan (TLS), cookie, http, uri,
● Bucket
– A magical bucket with the power of storing stuff
● UniK
– The Unikernel Compilation and Deployment Platform
13. 13
Web server demo
● Static content
● REST interface
● Memory DB
● Dashboard
$ git clone https://github.com/hioa-cs/IncludeOS
$ export INCLUDEOS_PREFIX=~/includeos/
$ export PATH=$PATH:$INCLUDEOS_PREFIX/bin
$ cd IncludeOS
$ ./install.sh
$ export CC="clang-3.8"
$ export CXX="clang++-3.8"
$ cd examples/acorn
$ boot --create-bridge .
$ xdg-open http://10.0.0.42/
[Diagram: Host OS - Linux (x86); qemu (or docker); App Image (4.277K): Drivers, IncludeOS & libs, App Logic, Filesystem (ROM), Memory Store]
Don’t Try this at home