SlideShare a Scribd company logo
1 of 19
Download to read offline
© 2019 UNICORE
@jordiguijarro - UNICORE DESIGN WP LEADER
May 2019 – Barcelona OpenNebula Tech Day
Unikernels POWER
© 2019 UNICORE
• We are in DevOps era
• quickly developing, upgrading and deploying applications is at the
core of the new IT industry
• Software is more and more massively running on shared
hardware
• efficiency but also need for isolation, lightweight sw image footprints,
• fast boot, etc.
• Standard VMs can be heavy load (image size, excessive
memory and disk space, long boot time)
• Containers are faster, but offer poor isolation 
The problem...
UNIKERNELS (lightweight VM) can be the
solution
© 2019 UNICORE
Symbolic execution,
deterministic
execution,
NFV use case
Project Coordinator
Host infrastructure in
support
of unikernels (containers,
VMs)
WP4 leader
Microlibraries, build system,
performance tools
Technical Coordinator & WP3
leader
Deterministic
execution support,
smart contracts use
case
Microlibraries,
APIs, security
primitives,
performance
tool
System reqs,
NFV use case
(5G vRAN)
Systems security
and safety
primitives
NFV use cases,
industrial
exploitation
NFV use
case
Home automation / IoT
use case
WP6 leader
Testbeds/infrastructure,
tools integration,
serverless use case
WP2 leader
Serverless
/ IoT use
cases
Consortium
© 2019 UNICORE
Unikernels‘ Potential
▌Fast instantiation, destruction and migration time
▌10s of milliseconds or less (and as little as 2.3ms)
(LigthVM [Manco SOSP 2017], Jitsu [Madhvapeddy, NSDI 2015])
▌Low memory footprint
Few MBs of RAM or less (ClickOS [Martins NSDI 2014])
▌High density
8k guests on a singlex86 server (LigthVM [Manco SOSP 2017])
▌High Performance
▌10-40Gbit/s throughput with a single guest CPU
(ClickOS [Martins NSDI 2014], Elastic CDNs [Kuenzer VEE 2017])
▌Reduced attack surface
Small trusted compute base
Strong isolation by hypervisor
• Today, each optimized unikernel is manually built
• Image build takes several months or longer
• Wash, rinse, repeat for each target application
• Need for significant expert resources on OS, computer systems,
kernel, etc.
The (Big) Downside with Unikernels
© 2019 UNICORE
UNICORE is developing tools to enable lightweight VM development to be
as easy as compiling an app for an existing OS
UNICORE will release an open-source toolchain to enable secure and
portable unikernel development
Developing unikernel based applications will be reduced to slight changes in the app
Makefile, choosing from a menu of available implementations for the required system
functionality, and compiling the app
UNICORE can unleash the use of next generation of cloud computing
services and technologies
UNICORE in a nutshell
© 2019 UNICORE
Unicore Tool Ecosystem
© 2019 UNICORE
Project Objectives
Unikerne
l
toolchain Objective 1: Fine-Grained OS Decomposition and Code Re-use
 Objective 2: Automated, Multi-platform Unikernel Construction
 Objective 3: Automated Unikernel Verification, Security and
Safety
 Objective 4: Automated Unikernel Performance Optimization
Use
Cases
 Objective 5: Efficient Serverless Computing in Clouds
 Objective 6: Efficient and Secure NFV Deployment
 Objective 7: Privacy-aware, Cheap IoT Platform Cloud
Offloading
 Objective 8: Secure, Deterministic Smart Contracts
Impact
achieve
ment
 Objective 9: Foster Market Adoption for Unikernels
 Objective 10: Time-to-Market Reduction for Secure
Software Development and Deployment
© 2019 UNICORE
Work breakdown
WP1: Project Management
WP6:ExploitationandDissemination
H2020
projects
Open
source
WP2:
Platform
Design and
Evaluation
WP3: Core
Implementati
on
WP4:
Toolstack
Implementati
on
WP5: Unikernels in Practice
Serverless
computing –
lambda services
Home
automation/Io
T
NFV/MEC/RA
N
virtualization
Smart
contracts
Industrial
exploitati
on
dissemina
tion
• Rationale: Current implementations of serverless computing
platforms either use containers (being thus insecure) or rely on full
blown VMs which makes them highly inefficient (e.g. Amazon EC2’s
lambda services)
• Goal: Use UNICORE technology and APIs to enable novel
serverless computing
• Develop a lambda services offering based on UNICORE and
execute trial in Barcelona, providing services (web crawling and
video transcoding functions) to citizens and especially to the
university and research community
• Integrate unikernels in PacketCloud, an edge serverless computing
platform developed by Correct Networks, and use UNICORE tools
to develop a unikernel to run lambda functions written in Node.js
• Target TRL: 7-8
UNICORE Use Case
Serverless Computing for novel cloud platforms
© 2019 UNICORE
Unikraft & OpenNebula
First steps...
© 2019 UNICORE
Demo Scenario
Unikraft & OpenNebula
Intel(R) Xeon(R) CPU E5540 @ 2.53GHz
36 GB RAM
© 2019 UNICORE
Build First Unikernel for KVM
https://github.com/sysml/ucc-unikraft/wiki
Use docker to build the image:
https://hub.docker.com/_/gcc/
Unikraft & OpenNebula
docker run --rm -v "$(pwd)"/myapp:/usr/src -w /usr/src/apps/helloworld gcc:latest
bash -c make
© 2019 UNICORE
Upload the image to Files & Kernels Datastore
Unikraft & OpenNebula
© 2019 UNICORE
Update VM Template with the kernel image
Unikraft & OpenNebula
© 2019 UNICORE
Instantiate a VM Template
Unikraft & OpenNebula
© 2019 UNICORE
Automating deployments with Terraform:
Running 1, 5, 10, 25 and 50 unikernels...
Unikraft & OpenNebula
© 2019 UNICORE
The default scheduler takes 54’’ to deploy 50
unikernels.
It’s the time to execute the terraform plan using the XML-
RPC API
#1
terraform apply unikraft 0,18s user 0,07s system 2% cpu 10,275 total
#5
terraform apply unikraft 0,24s user 0,06s system 2% cpu 10,429 total
#10
terraform apply unikraft 0,42s user 0,16s system 4% cpu 13,458 total
#25
terraform apply unikraft 1,07s user 0,30s system 4% cpu 30,894 total
#50
terraform apply unikraft 2,12s user 0,55s system 4% cpu 54,445 total
Unikraft & OpenNebula
10.28 10.43 13.46 30.89 54.45
0
10
20
30
40
50
60
unikernels
© 2019 UNICORE
www.linkedin.com/groups/8752067
info@unicore-project.eu
@unicore_project
This project has received funding from the European Union's Horizon
2020 research and innovation programme under grant agreement No

More Related Content

Similar to The UNICORE Project: Unikraft and OpenNebula

Unik: Unikernel Backend to Cloud Foundry
Unik: Unikernel Backend to Cloud FoundryUnik: Unikernel Backend to Cloud Foundry
Unik: Unikernel Backend to Cloud FoundryVMware Tanzu
 
Cigna Innovation Summit
Cigna Innovation SummitCigna Innovation Summit
Cigna Innovation SummitIdit Levine
 
Linux, Unikernel, LinuxKit: towards redefining the cloud stack.
Linux, Unikernel, LinuxKit: towards redefining the cloud stack.Linux, Unikernel, LinuxKit: towards redefining the cloud stack.
Linux, Unikernel, LinuxKit: towards redefining the cloud stack.Idit Levine
 
Nick Barcet, Open Source tijdens Infosecurity.nl Storage Expo en Tooling Even...
Nick Barcet, Open Source tijdens Infosecurity.nl Storage Expo en Tooling Even...Nick Barcet, Open Source tijdens Infosecurity.nl Storage Expo en Tooling Even...
Nick Barcet, Open Source tijdens Infosecurity.nl Storage Expo en Tooling Even...Infosecurity2010
 
Container Ecosystem and Docker Technology
Container Ecosystem and Docker TechnologyContainer Ecosystem and Docker Technology
Container Ecosystem and Docker Technologyijtsrd
 
OSDC 2012 | OpenNebula Tutorial by Constantino Vazquez Blanco
OSDC 2012 | OpenNebula Tutorial by Constantino Vazquez BlancoOSDC 2012 | OpenNebula Tutorial by Constantino Vazquez Blanco
OSDC 2012 | OpenNebula Tutorial by Constantino Vazquez BlancoNETWAYS
 
Unikernel Hands-on tutorial
Unikernel Hands-on tutorialUnikernel Hands-on tutorial
Unikernel Hands-on tutorialUNICORE_project
 
"Current and Planned Standards for Computer Vision and Machine Learning," a P...
"Current and Planned Standards for Computer Vision and Machine Learning," a P..."Current and Planned Standards for Computer Vision and Machine Learning," a P...
"Current and Planned Standards for Computer Vision and Machine Learning," a P...Edge AI and Vision Alliance
 
Docker Online Meetup #31: Unikernels
Docker Online Meetup #31: UnikernelsDocker Online Meetup #31: Unikernels
Docker Online Meetup #31: UnikernelsDocker, Inc.
 
如何在 Ubuntu 上更快、更便捷地部署物联网设备
如何在 Ubuntu 上更快、更便捷地部署物联网设备如何在 Ubuntu 上更快、更便捷地部署物联网设备
如何在 Ubuntu 上更快、更便捷地部署物联网设备Rex Tsai
 
Demo: The First Virtualized Phone
Demo: The First Virtualized PhoneDemo: The First Virtualized Phone
Demo: The First Virtualized PhoneOpen Kernel Labs
 
Strata - Scaling Jupyter with Jupyter Enterprise Gateway
Strata - Scaling Jupyter with Jupyter Enterprise GatewayStrata - Scaling Jupyter with Jupyter Enterprise Gateway
Strata - Scaling Jupyter with Jupyter Enterprise GatewayLuciano Resende
 
nokia and opensource n800
nokia and opensource n800nokia and opensource n800
nokia and opensource n800winsopc
 
OSSEU18: From Handcraft to Unikraft: Simpler Unikernelization of Your Applica...
OSSEU18: From Handcraft to Unikraft: Simpler Unikernelization of Your Applica...OSSEU18: From Handcraft to Unikraft: Simpler Unikernelization of Your Applica...
OSSEU18: From Handcraft to Unikraft: Simpler Unikernelization of Your Applica...The Linux Foundation
 
Network Function Virtualisation: a tutorial
Network Function Virtualisation: a tutorialNetwork Function Virtualisation: a tutorial
Network Function Virtualisation: a tutorialAPNIC
 
IoT - Innovating without compromising security
IoT - Innovating without compromising securityIoT - Innovating without compromising security
IoT - Innovating without compromising securityVictor Tuson Palau
 
Kubernetes and Container Technologies from Cloud Native Computing Foundation
Kubernetes and Container Technologies from Cloud Native Computing FoundationKubernetes and Container Technologies from Cloud Native Computing Foundation
Kubernetes and Container Technologies from Cloud Native Computing FoundationCloud Standards Customer Council
 

Similar to The UNICORE Project: Unikraft and OpenNebula (20)

Craft april17
Craft april17Craft april17
Craft april17
 
Unik: Unikernel Backend to Cloud Foundry
Unik: Unikernel Backend to Cloud FoundryUnik: Unikernel Backend to Cloud Foundry
Unik: Unikernel Backend to Cloud Foundry
 
Cigna Innovation Summit
Cigna Innovation SummitCigna Innovation Summit
Cigna Innovation Summit
 
Linux, Unikernel, LinuxKit: towards redefining the cloud stack.
Linux, Unikernel, LinuxKit: towards redefining the cloud stack.Linux, Unikernel, LinuxKit: towards redefining the cloud stack.
Linux, Unikernel, LinuxKit: towards redefining the cloud stack.
 
Nick Barcet, Open Source tijdens Infosecurity.nl Storage Expo en Tooling Even...
Nick Barcet, Open Source tijdens Infosecurity.nl Storage Expo en Tooling Even...Nick Barcet, Open Source tijdens Infosecurity.nl Storage Expo en Tooling Even...
Nick Barcet, Open Source tijdens Infosecurity.nl Storage Expo en Tooling Even...
 
Container Ecosystem and Docker Technology
Container Ecosystem and Docker TechnologyContainer Ecosystem and Docker Technology
Container Ecosystem and Docker Technology
 
OSDC 2012 | OpenNebula Tutorial by Constantino Vazquez Blanco
OSDC 2012 | OpenNebula Tutorial by Constantino Vazquez BlancoOSDC 2012 | OpenNebula Tutorial by Constantino Vazquez Blanco
OSDC 2012 | OpenNebula Tutorial by Constantino Vazquez Blanco
 
Unikernel Hands-on tutorial
Unikernel Hands-on tutorialUnikernel Hands-on tutorial
Unikernel Hands-on tutorial
 
Unikernel Hands-on tutorial
Unikernel Hands-on tutorialUnikernel Hands-on tutorial
Unikernel Hands-on tutorial
 
"Current and Planned Standards for Computer Vision and Machine Learning," a P...
"Current and Planned Standards for Computer Vision and Machine Learning," a P..."Current and Planned Standards for Computer Vision and Machine Learning," a P...
"Current and Planned Standards for Computer Vision and Machine Learning," a P...
 
Docker Online Meetup #31: Unikernels
Docker Online Meetup #31: UnikernelsDocker Online Meetup #31: Unikernels
Docker Online Meetup #31: Unikernels
 
如何在 Ubuntu 上更快、更便捷地部署物联网设备
如何在 Ubuntu 上更快、更便捷地部署物联网设备如何在 Ubuntu 上更快、更便捷地部署物联网设备
如何在 Ubuntu 上更快、更便捷地部署物联网设备
 
Demo: The First Virtualized Phone
Demo: The First Virtualized PhoneDemo: The First Virtualized Phone
Demo: The First Virtualized Phone
 
Strata - Scaling Jupyter with Jupyter Enterprise Gateway
Strata - Scaling Jupyter with Jupyter Enterprise GatewayStrata - Scaling Jupyter with Jupyter Enterprise Gateway
Strata - Scaling Jupyter with Jupyter Enterprise Gateway
 
nokia and opensource n800
nokia and opensource n800nokia and opensource n800
nokia and opensource n800
 
OSSEU18: From Handcraft to Unikraft: Simpler Unikernelization of Your Applica...
OSSEU18: From Handcraft to Unikraft: Simpler Unikernelization of Your Applica...OSSEU18: From Handcraft to Unikraft: Simpler Unikernelization of Your Applica...
OSSEU18: From Handcraft to Unikraft: Simpler Unikernelization of Your Applica...
 
Network Function Virtualisation: a tutorial
Network Function Virtualisation: a tutorialNetwork Function Virtualisation: a tutorial
Network Function Virtualisation: a tutorial
 
Unik Slides
Unik SlidesUnik Slides
Unik Slides
 
IoT - Innovating without compromising security
IoT - Innovating without compromising securityIoT - Innovating without compromising security
IoT - Innovating without compromising security
 
Kubernetes and Container Technologies from Cloud Native Computing Foundation
Kubernetes and Container Technologies from Cloud Native Computing FoundationKubernetes and Container Technologies from Cloud Native Computing Foundation
Kubernetes and Container Technologies from Cloud Native Computing Foundation
 

More from OpenNebula Project

OpenNebulaConf2019 - Welcome and Project Update - Ignacio M. Llorente, Rubén ...
OpenNebulaConf2019 - Welcome and Project Update - Ignacio M. Llorente, Rubén ...OpenNebulaConf2019 - Welcome and Project Update - Ignacio M. Llorente, Rubén ...
OpenNebulaConf2019 - Welcome and Project Update - Ignacio M. Llorente, Rubén ...OpenNebula Project
 
OpenNebulaConf2019 - Building Virtual Environments for Security Analyses of C...
OpenNebulaConf2019 - Building Virtual Environments for Security Analyses of C...OpenNebulaConf2019 - Building Virtual Environments for Security Analyses of C...
OpenNebulaConf2019 - Building Virtual Environments for Security Analyses of C...OpenNebula Project
 
OpenNebulaConf2019 - CORD and Edge computing with OpenNebula - Alfonso Aureli...
OpenNebulaConf2019 - CORD and Edge computing with OpenNebula - Alfonso Aureli...OpenNebulaConf2019 - CORD and Edge computing with OpenNebula - Alfonso Aureli...
OpenNebulaConf2019 - CORD and Edge computing with OpenNebula - Alfonso Aureli...OpenNebula Project
 
OpenNebulaConf2019 - 6 years (+) OpenNebula - Lessons learned - Sebastian Man...
OpenNebulaConf2019 - 6 years (+) OpenNebula - Lessons learned - Sebastian Man...OpenNebulaConf2019 - 6 years (+) OpenNebula - Lessons learned - Sebastian Man...
OpenNebulaConf2019 - 6 years (+) OpenNebula - Lessons learned - Sebastian Man...OpenNebula Project
 
OpenNebulaConf2019 - Performant and Resilient Storage the Open Source & Linux...
OpenNebulaConf2019 - Performant and Resilient Storage the Open Source & Linux...OpenNebulaConf2019 - Performant and Resilient Storage the Open Source & Linux...
OpenNebulaConf2019 - Performant and Resilient Storage the Open Source & Linux...OpenNebula Project
 
OpenNebulaConf2019 - Image Backups in OpenNebula - Momčilo Medić - ITAF
OpenNebulaConf2019 - Image Backups in OpenNebula - Momčilo Medić - ITAFOpenNebulaConf2019 - Image Backups in OpenNebula - Momčilo Medić - ITAF
OpenNebulaConf2019 - Image Backups in OpenNebula - Momčilo Medić - ITAFOpenNebula Project
 
OpenNebulaConf2019 - How We Use GOCA to Manage our OpenNebula Cloud - Jean-Ph...
OpenNebulaConf2019 - How We Use GOCA to Manage our OpenNebula Cloud - Jean-Ph...OpenNebulaConf2019 - How We Use GOCA to Manage our OpenNebula Cloud - Jean-Ph...
OpenNebulaConf2019 - How We Use GOCA to Manage our OpenNebula Cloud - Jean-Ph...OpenNebula Project
 
OpenNebulaConf2019 - Crytek: A Video gaming Edge Implementation "on the shoul...
OpenNebulaConf2019 - Crytek: A Video gaming Edge Implementation "on the shoul...OpenNebulaConf2019 - Crytek: A Video gaming Edge Implementation "on the shoul...
OpenNebulaConf2019 - Crytek: A Video gaming Edge Implementation "on the shoul...OpenNebula Project
 
Replacing vCloud with OpenNebula
Replacing vCloud with OpenNebulaReplacing vCloud with OpenNebula
Replacing vCloud with OpenNebulaOpenNebula Project
 
NTS: What We Do With OpenNebula - and Why We Do It
NTS: What We Do With OpenNebula - and Why We Do ItNTS: What We Do With OpenNebula - and Why We Do It
NTS: What We Do With OpenNebula - and Why We Do ItOpenNebula Project
 
OpenNebula from the Perspective of an ISP
OpenNebula from the Perspective of an ISPOpenNebula from the Perspective of an ISP
OpenNebula from the Perspective of an ISPOpenNebula Project
 
NTS CAPTAIN / OpenNebula at Julius Blum GmbH
NTS CAPTAIN / OpenNebula at Julius Blum GmbHNTS CAPTAIN / OpenNebula at Julius Blum GmbH
NTS CAPTAIN / OpenNebula at Julius Blum GmbHOpenNebula Project
 
Performant and Resilient Storage: The Open Source & Linux Way
Performant and Resilient Storage: The Open Source & Linux WayPerformant and Resilient Storage: The Open Source & Linux Way
Performant and Resilient Storage: The Open Source & Linux WayOpenNebula Project
 
NetApp Hybrid Cloud with OpenNebula
NetApp Hybrid Cloud with OpenNebulaNetApp Hybrid Cloud with OpenNebula
NetApp Hybrid Cloud with OpenNebulaOpenNebula Project
 
NSX with OpenNebula - upcoming 5.10
NSX with OpenNebula - upcoming 5.10NSX with OpenNebula - upcoming 5.10
NSX with OpenNebula - upcoming 5.10OpenNebula Project
 
Security for Private Cloud Environments
Security for Private Cloud EnvironmentsSecurity for Private Cloud Environments
Security for Private Cloud EnvironmentsOpenNebula Project
 
CheckPoint R80.30 Installation on OpenNebula
CheckPoint R80.30 Installation on OpenNebulaCheckPoint R80.30 Installation on OpenNebula
CheckPoint R80.30 Installation on OpenNebulaOpenNebula Project
 
Cloud Disaggregation with OpenNebula
Cloud Disaggregation with OpenNebulaCloud Disaggregation with OpenNebula
Cloud Disaggregation with OpenNebulaOpenNebula Project
 

More from OpenNebula Project (20)

OpenNebulaConf2019 - Welcome and Project Update - Ignacio M. Llorente, Rubén ...
OpenNebulaConf2019 - Welcome and Project Update - Ignacio M. Llorente, Rubén ...OpenNebulaConf2019 - Welcome and Project Update - Ignacio M. Llorente, Rubén ...
OpenNebulaConf2019 - Welcome and Project Update - Ignacio M. Llorente, Rubén ...
 
OpenNebulaConf2019 - Building Virtual Environments for Security Analyses of C...
OpenNebulaConf2019 - Building Virtual Environments for Security Analyses of C...OpenNebulaConf2019 - Building Virtual Environments for Security Analyses of C...
OpenNebulaConf2019 - Building Virtual Environments for Security Analyses of C...
 
OpenNebulaConf2019 - CORD and Edge computing with OpenNebula - Alfonso Aureli...
OpenNebulaConf2019 - CORD and Edge computing with OpenNebula - Alfonso Aureli...OpenNebulaConf2019 - CORD and Edge computing with OpenNebula - Alfonso Aureli...
OpenNebulaConf2019 - CORD and Edge computing with OpenNebula - Alfonso Aureli...
 
OpenNebulaConf2019 - 6 years (+) OpenNebula - Lessons learned - Sebastian Man...
OpenNebulaConf2019 - 6 years (+) OpenNebula - Lessons learned - Sebastian Man...OpenNebulaConf2019 - 6 years (+) OpenNebula - Lessons learned - Sebastian Man...
OpenNebulaConf2019 - 6 years (+) OpenNebula - Lessons learned - Sebastian Man...
 
OpenNebulaConf2019 - Performant and Resilient Storage the Open Source & Linux...
OpenNebulaConf2019 - Performant and Resilient Storage the Open Source & Linux...OpenNebulaConf2019 - Performant and Resilient Storage the Open Source & Linux...
OpenNebulaConf2019 - Performant and Resilient Storage the Open Source & Linux...
 
OpenNebulaConf2019 - Image Backups in OpenNebula - Momčilo Medić - ITAF
OpenNebulaConf2019 - Image Backups in OpenNebula - Momčilo Medić - ITAFOpenNebulaConf2019 - Image Backups in OpenNebula - Momčilo Medić - ITAF
OpenNebulaConf2019 - Image Backups in OpenNebula - Momčilo Medić - ITAF
 
OpenNebulaConf2019 - How We Use GOCA to Manage our OpenNebula Cloud - Jean-Ph...
OpenNebulaConf2019 - How We Use GOCA to Manage our OpenNebula Cloud - Jean-Ph...OpenNebulaConf2019 - How We Use GOCA to Manage our OpenNebula Cloud - Jean-Ph...
OpenNebulaConf2019 - How We Use GOCA to Manage our OpenNebula Cloud - Jean-Ph...
 
OpenNebulaConf2019 - Crytek: A Video gaming Edge Implementation "on the shoul...
OpenNebulaConf2019 - Crytek: A Video gaming Edge Implementation "on the shoul...OpenNebulaConf2019 - Crytek: A Video gaming Edge Implementation "on the shoul...
OpenNebulaConf2019 - Crytek: A Video gaming Edge Implementation "on the shoul...
 
Replacing vCloud with OpenNebula
Replacing vCloud with OpenNebulaReplacing vCloud with OpenNebula
Replacing vCloud with OpenNebula
 
NTS: What We Do With OpenNebula - and Why We Do It
NTS: What We Do With OpenNebula - and Why We Do ItNTS: What We Do With OpenNebula - and Why We Do It
NTS: What We Do With OpenNebula - and Why We Do It
 
OpenNebula from the Perspective of an ISP
OpenNebula from the Perspective of an ISPOpenNebula from the Perspective of an ISP
OpenNebula from the Perspective of an ISP
 
NTS CAPTAIN / OpenNebula at Julius Blum GmbH
NTS CAPTAIN / OpenNebula at Julius Blum GmbHNTS CAPTAIN / OpenNebula at Julius Blum GmbH
NTS CAPTAIN / OpenNebula at Julius Blum GmbH
 
Performant and Resilient Storage: The Open Source & Linux Way
Performant and Resilient Storage: The Open Source & Linux WayPerformant and Resilient Storage: The Open Source & Linux Way
Performant and Resilient Storage: The Open Source & Linux Way
 
NetApp Hybrid Cloud with OpenNebula
NetApp Hybrid Cloud with OpenNebulaNetApp Hybrid Cloud with OpenNebula
NetApp Hybrid Cloud with OpenNebula
 
NSX with OpenNebula - upcoming 5.10
NSX with OpenNebula - upcoming 5.10NSX with OpenNebula - upcoming 5.10
NSX with OpenNebula - upcoming 5.10
 
Security for Private Cloud Environments
Security for Private Cloud EnvironmentsSecurity for Private Cloud Environments
Security for Private Cloud Environments
 
CheckPoint R80.30 Installation on OpenNebula
CheckPoint R80.30 Installation on OpenNebulaCheckPoint R80.30 Installation on OpenNebula
CheckPoint R80.30 Installation on OpenNebula
 
DE-CIX: CloudConnectivity
DE-CIX: CloudConnectivityDE-CIX: CloudConnectivity
DE-CIX: CloudConnectivity
 
DDC Demo
DDC DemoDDC Demo
DDC Demo
 
Cloud Disaggregation with OpenNebula
Cloud Disaggregation with OpenNebulaCloud Disaggregation with OpenNebula
Cloud Disaggregation with OpenNebula
 

Recently uploaded

Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsAlberto González Trastoy
 
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfThe Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfkalichargn70th171
 
How To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsHow To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsAndolasoft Inc
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsArshad QA
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...MyIntelliSource, Inc.
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comFatema Valibhai
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providermohitmore19
 
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...OnePlan Solutions
 
why an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfwhy an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfjoe51371421
 
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AISyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AIABDERRAOUF MEHENNI
 
Unlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language ModelsUnlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language Modelsaagamshah0812
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️Delhi Call girls
 
Professional Resume Template for Software Developers
Professional Resume Template for Software DevelopersProfessional Resume Template for Software Developers
Professional Resume Template for Software DevelopersVinodh Ram
 
Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...OnePlan Solutions
 
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...gurkirankumar98700
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...panagenda
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...ICS
 
Clustering techniques data mining book ....
Clustering techniques data mining book ....Clustering techniques data mining book ....
Clustering techniques data mining book ....ShaimaaMohamedGalal
 

Recently uploaded (20)

Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
 
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfThe Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
 
How To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsHow To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.js
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview Questions
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
 
Microsoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdfMicrosoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdf
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.com
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service provider
 
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
 
why an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfwhy an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdf
 
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AISyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
 
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICECHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
 
Unlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language ModelsUnlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language Models
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
 
Professional Resume Template for Software Developers
Professional Resume Template for Software DevelopersProfessional Resume Template for Software Developers
Professional Resume Template for Software Developers
 
Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...
 
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
 
Clustering techniques data mining book ....
Clustering techniques data mining book ....Clustering techniques data mining book ....
Clustering techniques data mining book ....
 

The UNICORE Project: Unikraft and OpenNebula

  • 1. © 2019 UNICORE @jordiguijarro - UNICORE DESIGN WP LEADER May 2019 – Barcelona OpenNebula Tech Day Unikernels POWER
  • 2. © 2019 UNICORE • We are in DevOps era • quickly developing, upgrading and deploying applications is at the core of the new IT industry • Software is more and more massively running on shared hardware • efficiency but also need for isolation, lightweight sw image footprints, • fast boot, etc. • Standard VMs can be heavy load (image size, excessive memory and disk space, long boot time) • Containers are faster, but offer poor isolation  The problem... UNIKERNELS (lightweight VM) can be the solution
  • 3. © 2019 UNICORE Symbolic execution, deterministic execution, NFV use case Project Coordinator Host infrastructure in support of unikernels (containers, VMs) WP4 leader Microlibraries, build system, performance tools Technical Coordinator & WP3 leader Deterministic execution support, smart contracts use case Microlibraries, APIs, security primitives, performance tool System reqs, NFV use case (5G vRAN) Systems security and safety primitives NFV use cases, industrial exploitation NFV use case Home automation / IoT use case WP6 leader Testbeds/infrastructure, tools integration, serverless use case WP2 leader Serverless / IoT use cases Consortium
  • 4. © 2019 UNICORE Unikernels‘ Potential ▌Fast instantiation, destruction and migration time ▌10s of milliseconds or less (and as little as 2.3ms) (LigthVM [Manco SOSP 2017], Jitsu [Madhvapeddy, NSDI 2015]) ▌Low memory footprint Few MBs of RAM or less (ClickOS [Martins NSDI 2014]) ▌High density 8k guests on a singlex86 server (LigthVM [Manco SOSP 2017]) ▌High Performance ▌10-40Gbit/s throughput with a single guest CPU (ClickOS [Martins NSDI 2014], Elastic CDNs [Kuenzer VEE 2017]) ▌Reduced attack surface Small trusted compute base Strong isolation by hypervisor
  • 5. • Today, each optimized unikernel is manually built • Image build takes several months or longer • Wash, rinse, repeat for each target application • Need for significant expert resources on OS, computer systems, kernel, etc. The (Big) Downside with Unikernels
  • 6. © 2019 UNICORE UNICORE is developing tools to enable lightweight VM development to be as easy as compiling an app for an existing OS UNICORE will release an open-source toolchain to enable secure and portable unikernel development Developing unikernel based applications will be reduced to slight changes in the app Makefile, choosing from a menu of available implementations for the required system functionality, and compiling the app UNICORE can unleash the use of next generation of cloud computing services and technologies UNICORE in a nutshell
  • 7. © 2019 UNICORE Unicore Tool Ecosystem
  • 8. © 2019 UNICORE Project Objectives Unikerne l toolchain Objective 1: Fine-Grained OS Decomposition and Code Re-use  Objective 2: Automated, Multi-platform Unikernel Construction  Objective 3: Automated Unikernel Verification, Security and Safety  Objective 4: Automated Unikernel Performance Optimization Use Cases  Objective 5: Efficient Serverless Computing in Clouds  Objective 6: Efficient and Secure NFV Deployment  Objective 7: Privacy-aware, Cheap IoT Platform Cloud Offloading  Objective 8: Secure, Deterministic Smart Contracts Impact achieve ment  Objective 9: Foster Market Adoption for Unikernels  Objective 10: Time-to-Market Reduction for Secure Software Development and Deployment
  • 9. © 2019 UNICORE Work breakdown WP1: Project Management WP6:ExploitationandDissemination H2020 projects Open source WP2: Platform Design and Evaluation WP3: Core Implementati on WP4: Toolstack Implementati on WP5: Unikernels in Practice Serverless computing – lambda services Home automation/Io T NFV/MEC/RA N virtualization Smart contracts Industrial exploitati on dissemina tion
  • 10. • Rationale: Current implementations of serverless computing platforms either use containers (being thus insecure) or rely on full blown VMs which makes them highly inefficient (e.g. Amazon EC2’s lambda services) • Goal: Use UNICORE technology and APIs to enable novel serverless computing • Develop a lambda services offering based on UNICORE and execute trial in Barcelona, providing services (web crawling and video transcoding functions) to citizens and especially to the university and research community • Integrate unikernels in PacketCloud, an edge serverless computing platform developed by Correct Networks, and use UNICORE tools to develop a unikernel to run lambda functions written in Node.js • Target TRL: 7-8 UNICORE Use Case Serverless Computing for novel cloud platforms
  • 11. © 2019 UNICORE Unikraft & OpenNebula First steps...
  • 12. © 2019 UNICORE Demo Scenario Unikraft & OpenNebula Intel(R) Xeon(R) CPU E5540 @ 2.53GHz 36 GB RAM
  • 13. © 2019 UNICORE Build First Unikernel for KVM https://github.com/sysml/ucc-unikraft/wiki Use docker to build the image: https://hub.docker.com/_/gcc/ Unikraft & OpenNebula docker run --rm -v "$(pwd)"/myapp:/usr/src -w /usr/src/apps/helloworld gcc:latest bash -c make
  • 14. © 2019 UNICORE Upload the image to Files & Kernels Datastore Unikraft & OpenNebula
  • 15. © 2019 UNICORE Update VM Template with the kernel image Unikraft & OpenNebula
  • 16. © 2019 UNICORE Instantiate a VM Template Unikraft & OpenNebula
  • 17. © 2019 UNICORE Automating deployments with Terraform: Running 1, 5, 10, 25 and 50 unikernels... Unikraft & OpenNebula
  • 18. © 2019 UNICORE The default scheduler takes 54’’ to deploy 50 unikernels. It’s the time to execute the terraform plan using the XML- RPC API #1 terraform apply unikraft 0,18s user 0,07s system 2% cpu 10,275 total #5 terraform apply unikraft 0,24s user 0,06s system 2% cpu 10,429 total #10 terraform apply unikraft 0,42s user 0,16s system 4% cpu 13,458 total #25 terraform apply unikraft 1,07s user 0,30s system 4% cpu 30,894 total #50 terraform apply unikraft 2,12s user 0,55s system 4% cpu 54,445 total Unikraft & OpenNebula 10.28 10.43 13.46 30.89 54.45 0 10 20 30 40 50 60 unikernels
  • 19. © 2019 UNICORE www.linkedin.com/groups/8752067 info@unicore-project.eu @unicore_project This project has received funding from the European Union's Horizon 2020 research and innovation programme under grant agreement No