SlideShare a Scribd company logo

Unikernels

Download as ODP, PDF
J
jtsagata

This document provides an introduction to unikernels. It defines a unikernel as a specialised, single address space machine image constructed using library operating systems that can run on hypervisors, in docker containers, or directly on hardware. Unikernels are described as being small in size, fast booting, and high performance since they avoid context switches and have a minimal attack surface. Examples of unikernel implementations and applications are given, such as using unikernels for cloud computing, network functions virtualization, IoT, and high performance computing. The document then demonstrates building a simple echo web server unikernel in 5 minutes using the IncludeOS libraries and tools.

1 of 18
Look Ma’ No O.S. An Introduction to Unikernels Ioannis Tsagatakis Ioannis Stefanis Msc in Informatics & Multimedia Department of Informatics Engineering TEI of Crete Embedded Systems From bootloader to a REST API with modern C++
2 What is A Unikernel ● A unikernel is a specialised, single address space machine image constructed by using library operating systems. – Run on top of level 1 or 2 hypervisor – Run in a docker container – Run in bare metal ● Back in history (batch processing) Single App in a single (virtual) machine
3 From Apps to Unikernel Apps ● Many layers ● Many memory transfers ● Many security checks ● Blocking system calls ● Dead code ● Complexity
4 But Why ? ● Performance and Size – A few kilobytes in size, Fast (really fast) boot – High performance, No content switches – Easy hardware /software interfaces (POSIX is hard) ● Security and Correctness – Small attack (and «unique») surface – No shell. So you crack my app, now what ? ● Cost effective – Cloud is the new hardware
5 Let’s write an OS ● It’s easy ! – No hardware drivers need it (almost) ● Hypervisor provides a common hardware ● Xen, Qemu, kvm – No users, no processes, no bosses ● Single address space ● No ring levels, no boundaries, no overhead – Multiple processes ? – Update and deployment ?
6 Implementations ● Clean State – Mirage OS (Ocaml) – Ling (Erlang) – HalVM (Haskell) – Include OS (C++) – Solo 5 – ClickOS ● Legacy – Osv (Tomcat, jetty, Cassandra ..) – Rumprun (MySQL, Ngingx, PHP) – Clive (Go) – Runtime.js UniK
7 Application Domains ● Cloud Computing ● Network Functional Virtualization (NFV) – Decouple software from hardware – Ericsson, NEC, Cisco ● IoT – Build an App not a stripped OS ● Hight Prorformance Computing (HPC) – Possible, but no implementations yet
8 History ● 1990: Exokernel and Nemesis (Univ Cambridge) ● 2014: Unikernels: Rise of the Virtual Library Operating System, ACM ● 2015: 7 Unikernel Projects to Take on Docker ● 2017: Mirage OS 3 http://unikernel.org/
9 Use cases ● Cloud Computing (AWS, digital occean, ...) – A simple static web site – A memcached appliance ● Iot device – Simple Web server – REST Interface ● Custom network appliance – In a cheap board like Raspberry Pi
10 A simple echo server
11 #include <os> Demo Time From bootloader to REST API in 5mins
12 #include <XXX> Libraries and utilities ● Acorn – Acorn Web Server Appliance, built with IncludeOS ● Mana – IncludeOS C++ Web Application Framework ● Buttler, Director – A Mana middleware for serving static content from a IncludeOS drive ● Dashboard – Dashboard back-end module for IncludeOS Mana framework ● NaCL ● Support Libs – Botan (TLS), cookie, http, uri, ● Bucket – A magical bucket with the power of storing stuff ● Unik – The Unikernel Compilation and Deployment Platform
13 Web server demo ● Static content ● REST interface ● Memory DB ● Dashboard $ git clone https://github.com/hioa­cs/IncludeOS $ export INCLUDEOS_PREFIX=~/includeos/ $ export PATH=$PATH:$INCLUDEOS_PREFIX/bin $ cd IncludeOS $ ./install.sh $ export CC="clang­3.8" $ export CXX="clang++­3.8" $ cd examples/acorm $ boot –create­bridge . $ xdg­open http://10.0.0.42/ Host OS -Linux (x86) qemu (or docker) Drivers Include OS & libs App Logic Filesystem ROM Memory Store App Image 4.277K Don’t Try this at home
14
15
16
17 More info ● https://github.com/hioa-cs/IncludeOS ● http://www.includeos.org/ ● Google it Let’s have thousands of self-contained, secure micro services
18 Questions ?

Recommended

Unikernels Introduction
Unikernels IntroductionUnikernels Introduction
Unikernels Introduction
Pradipta Banerjee
 
Continous UI testing with Espresso and Jenkins
Continous UI testing with Espresso and JenkinsContinous UI testing with Espresso and Jenkins
Continous UI testing with Espresso and Jenkins
Sylwester Madej
 
Docker Introduction
Docker IntroductionDocker Introduction
Docker Introduction
MANAOUIL Karim
 
Dockers and containers basics
Dockers and containers basicsDockers and containers basics
Dockers and containers basics
Sourabh Saxena
 
[KubeCon EU 2022] Running containerd and k3s on macOS
[KubeCon EU 2022] Running containerd and k3s on macOS[KubeCon EU 2022] Running containerd and k3s on macOS
[KubeCon EU 2022] Running containerd and k3s on macOS
Akihiro Suda
 
Docker Introduction
Docker IntroductionDocker Introduction
Docker Introduction
Sparkbit
 
A la découverte de kubernetes
A la découverte de kubernetesA la découverte de kubernetes
A la découverte de kubernetes
Julien Maitrehenry
 
Building mobile app with Ionic Framework
Building mobile app with Ionic FrameworkBuilding mobile app with Ionic Framework
Building mobile app with Ionic Framework
Huy Trần
 

Recommended

Unikernels Introduction
Unikernels IntroductionUnikernels Introduction
Unikernels Introduction
Pradipta Banerjee
 
Continous UI testing with Espresso and Jenkins
Continous UI testing with Espresso and JenkinsContinous UI testing with Espresso and Jenkins
Continous UI testing with Espresso and Jenkins
Sylwester Madej
 
Docker Introduction
Docker IntroductionDocker Introduction
Docker Introduction
MANAOUIL Karim
 
Dockers and containers basics
Dockers and containers basicsDockers and containers basics
Dockers and containers basics
Sourabh Saxena
 
[KubeCon EU 2022] Running containerd and k3s on macOS
[KubeCon EU 2022] Running containerd and k3s on macOS[KubeCon EU 2022] Running containerd and k3s on macOS
[KubeCon EU 2022] Running containerd and k3s on macOS
Akihiro Suda
 
Docker Introduction
Docker IntroductionDocker Introduction
Docker Introduction
Sparkbit
 
A la découverte de kubernetes
A la découverte de kubernetesA la découverte de kubernetes
A la découverte de kubernetes
Julien Maitrehenry
 
Building mobile app with Ionic Framework
Building mobile app with Ionic FrameworkBuilding mobile app with Ionic Framework
Building mobile app with Ionic Framework
Huy Trần
 
Hybrid mobile app
Hybrid mobile appHybrid mobile app
Hybrid mobile app
Palani Kumar
 
Red Hat Container Strategy
Red Hat Container StrategyRed Hat Container Strategy
Red Hat Container Strategy
Red Hat Events
 
Docker and kubernetes
Docker and kubernetesDocker and kubernetes
Docker and kubernetes
Dongwon Kim
 
Docker introduction
Docker introductionDocker introduction
Docker introduction
dotCloud
 
Introduction to Mobile Application Development
Introduction to Mobile Application DevelopmentIntroduction to Mobile Application Development
Introduction to Mobile Application Developmentshikishiji
 
Containers and workload security an overview
Containers and workload security an overview Containers and workload security an overview
Containers and workload security an overview
Krishna-Kumar
 
Qemu
QemuQemu
QemuKoganti Ravikumar
 
Modul One Day Workshop Proxmox Automation With Ansible
Modul One Day Workshop Proxmox Automation With AnsibleModul One Day Workshop Proxmox Automation With Ansible
Modul One Day Workshop Proxmox Automation With Ansible
I Putu Hariyadi
 
Ionic in 30
Ionic in 30Ionic in 30
Ionic in 30
Ionic Framework
 
Deploy Application on Kubernetes
Deploy Application on KubernetesDeploy Application on Kubernetes
Deploy Application on Kubernetes
Opsta
 
Google Firebase presentation - English
Google Firebase presentation - EnglishGoogle Firebase presentation - English
Google Firebase presentation - English
Alexandros Tsichouridis
 
Les tests behat par la pratique
Les tests behat par la pratiqueLes tests behat par la pratique
Les tests behat par la pratique
Guilhem Bourgoin
 
OpenStack vs VMware vCloud
OpenStack vs VMware vCloudOpenStack vs VMware vCloud
OpenStack vs VMware vCloud
Innfinision Cloud and BigData Solutions
 
Docker Explained | What Is A Docker Container? | Docker Simplified | Docker T...
Docker Explained | What Is A Docker Container? | Docker Simplified | Docker T...Docker Explained | What Is A Docker Container? | Docker Simplified | Docker T...
Docker Explained | What Is A Docker Container? | Docker Simplified | Docker T...
Edureka!
 
Introduction to kubernetes
Introduction to kubernetesIntroduction to kubernetes
Introduction to kubernetes
Gabriel Carro
 
Introduction to helm
Introduction to helmIntroduction to helm
Introduction to helm
Jeeva Chelladhurai
 
Introduction to docker
Introduction to dockerIntroduction to docker
Introduction to docker
Frederik Mogensen
 
Openshift Container Platform
Openshift Container PlatformOpenshift Container Platform
Openshift Container Platform
DLT Solutions
 
이병철의 개발자 포트폴리오
이병철의 개발자 포트폴리오이병철의 개발자 포트폴리오
이병철의 개발자 포트폴리오
Lee ByeongCheol
 
Introduction to Docker
Introduction to DockerIntroduction to Docker
Introduction to Docker
Pubudu Jayawardana
 
Unikraft: Fast, Specialized Unikernels the Easy Way
Unikraft: Fast, Specialized Unikernels the Easy WayUnikraft: Fast, Specialized Unikernels the Easy Way
Unikraft: Fast, Specialized Unikernels the Easy Way
ScyllaDB
 
Journal Seminar: Is Singularity-based Container Technology Ready for Running ...
Journal Seminar: Is Singularity-based Container Technology Ready for Running ...Journal Seminar: Is Singularity-based Container Technology Ready for Running ...
Journal Seminar: Is Singularity-based Container Technology Ready for Running ...
Kento Aoyama
 

More Related Content

What's hot

Hybrid mobile app
Hybrid mobile appHybrid mobile app
Hybrid mobile app
Palani Kumar
 
Red Hat Container Strategy
Red Hat Container StrategyRed Hat Container Strategy
Red Hat Container Strategy
Red Hat Events
 
Docker and kubernetes
Docker and kubernetesDocker and kubernetes
Docker and kubernetes
Dongwon Kim
 
Docker introduction
Docker introductionDocker introduction
Docker introduction
dotCloud
 
Introduction to Mobile Application Development
Introduction to Mobile Application DevelopmentIntroduction to Mobile Application Development
Introduction to Mobile Application Developmentshikishiji
 
Containers and workload security an overview
Containers and workload security an overview Containers and workload security an overview
Containers and workload security an overview
Krishna-Kumar
 
Modul One Day Workshop Proxmox Automation With Ansible
Modul One Day Workshop Proxmox Automation With AnsibleModul One Day Workshop Proxmox Automation With Ansible
Modul One Day Workshop Proxmox Automation With Ansible
I Putu Hariyadi
 
Ionic in 30
Ionic in 30Ionic in 30
Ionic in 30
Ionic Framework
 
Deploy Application on Kubernetes
Deploy Application on KubernetesDeploy Application on Kubernetes
Deploy Application on Kubernetes
Opsta
 
Google Firebase presentation - English
Google Firebase presentation - EnglishGoogle Firebase presentation - English
Google Firebase presentation - English
Alexandros Tsichouridis
 
Les tests behat par la pratique
Les tests behat par la pratiqueLes tests behat par la pratique
Les tests behat par la pratique
Guilhem Bourgoin
 
OpenStack vs VMware vCloud
OpenStack vs VMware vCloudOpenStack vs VMware vCloud
OpenStack vs VMware vCloud
Innfinision Cloud and BigData Solutions
 
Docker Explained | What Is A Docker Container? | Docker Simplified | Docker T...
Docker Explained | What Is A Docker Container? | Docker Simplified | Docker T...Docker Explained | What Is A Docker Container? | Docker Simplified | Docker T...
Docker Explained | What Is A Docker Container? | Docker Simplified | Docker T...
Edureka!
 
Introduction to kubernetes
Introduction to kubernetesIntroduction to kubernetes
Introduction to kubernetes
Gabriel Carro
 
Introduction to helm
Introduction to helmIntroduction to helm
Introduction to helm
Jeeva Chelladhurai
 
Introduction to docker
Introduction to dockerIntroduction to docker
Introduction to docker
Frederik Mogensen
 
Openshift Container Platform
Openshift Container PlatformOpenshift Container Platform
Openshift Container Platform
DLT Solutions
 
이병철의 개발자 포트폴리오
이병철의 개발자 포트폴리오이병철의 개발자 포트폴리오
이병철의 개발자 포트폴리오
Lee ByeongCheol
 
Introduction to Docker
Introduction to DockerIntroduction to Docker
Introduction to Docker
Pubudu Jayawardana
 

What's hot (20)

Hybrid mobile app
Hybrid mobile appHybrid mobile app
Hybrid mobile app
 
Red Hat Container Strategy
Red Hat Container StrategyRed Hat Container Strategy
Red Hat Container Strategy
 
Docker and kubernetes
Docker and kubernetesDocker and kubernetes
Docker and kubernetes
 
Docker introduction
Docker introductionDocker introduction
Docker introduction
 
Introduction to Mobile Application Development
Introduction to Mobile Application DevelopmentIntroduction to Mobile Application Development
Introduction to Mobile Application Development
 
Containers and workload security an overview
Containers and workload security an overview Containers and workload security an overview
Containers and workload security an overview
 
Qemu
QemuQemu
Qemu
 
Modul One Day Workshop Proxmox Automation With Ansible
Modul One Day Workshop Proxmox Automation With AnsibleModul One Day Workshop Proxmox Automation With Ansible
Modul One Day Workshop Proxmox Automation With Ansible
 
Ionic in 30
Ionic in 30Ionic in 30
Ionic in 30
 
Deploy Application on Kubernetes
Deploy Application on KubernetesDeploy Application on Kubernetes
Deploy Application on Kubernetes
 
Google Firebase presentation - English
Google Firebase presentation - EnglishGoogle Firebase presentation - English
Google Firebase presentation - English
 
Les tests behat par la pratique
Les tests behat par la pratiqueLes tests behat par la pratique
Les tests behat par la pratique
 
OpenStack vs VMware vCloud
OpenStack vs VMware vCloudOpenStack vs VMware vCloud
OpenStack vs VMware vCloud
 
Docker Explained | What Is A Docker Container? | Docker Simplified | Docker T...
Docker Explained | What Is A Docker Container? | Docker Simplified | Docker T...Docker Explained | What Is A Docker Container? | Docker Simplified | Docker T...
Docker Explained | What Is A Docker Container? | Docker Simplified | Docker T...
 
Introduction to kubernetes
Introduction to kubernetesIntroduction to kubernetes
Introduction to kubernetes
 
Introduction to helm
Introduction to helmIntroduction to helm
Introduction to helm
 
Introduction to docker
Introduction to dockerIntroduction to docker
Introduction to docker
 
Openshift Container Platform
Openshift Container PlatformOpenshift Container Platform
Openshift Container Platform
 
이병철의 개발자 포트폴리오
이병철의 개발자 포트폴리오이병철의 개발자 포트폴리오
이병철의 개발자 포트폴리오
 
Introduction to Docker
Introduction to DockerIntroduction to Docker
Introduction to Docker
 

Similar to Unikernels

Unikraft: Fast, Specialized Unikernels the Easy Way
Unikraft: Fast, Specialized Unikernels the Easy WayUnikraft: Fast, Specialized Unikernels the Easy Way
Unikraft: Fast, Specialized Unikernels the Easy Way
ScyllaDB
 
Journal Seminar: Is Singularity-based Container Technology Ready for Running ...
Journal Seminar: Is Singularity-based Container Technology Ready for Running ...Journal Seminar: Is Singularity-based Container Technology Ready for Running ...
Journal Seminar: Is Singularity-based Container Technology Ready for Running ...
Kento Aoyama
 
OSCON: Unikernels and Docker: From revolution to evolution
OSCON: Unikernels and Docker: From revolution to evolutionOSCON: Unikernels and Docker: From revolution to evolution
OSCON: Unikernels and Docker: From revolution to evolution
Docker, Inc.
 
UniK - a unikernel compiler and runtime
UniK - a unikernel compiler and runtimeUniK - a unikernel compiler and runtime
UniK - a unikernel compiler and runtime
Lee Calcote
 
Docker SF Meetup January 2016
Docker SF Meetup January 2016Docker SF Meetup January 2016
Docker SF Meetup January 2016
Patrick Chanezon
 
Building the Internet of Things with Thingsquare and Contiki - day 1, part 3
Building the Internet of Things with Thingsquare and Contiki - day 1, part 3Building the Internet of Things with Thingsquare and Contiki - day 1, part 3
Building the Internet of Things with Thingsquare and Contiki - day 1, part 3
Adam Dunkels
 
#OSSPARIS19: Construire des applications IoT "secure-by-design" - Thomas Gaza...
#OSSPARIS19: Construire des applications IoT "secure-by-design" - Thomas Gaza...#OSSPARIS19: Construire des applications IoT "secure-by-design" - Thomas Gaza...
#OSSPARIS19: Construire des applications IoT "secure-by-design" - Thomas Gaza...
Paris Open Source Summit
 
Lightning talk unikernels
Lightning talk unikernelsLightning talk unikernels
Lightning talk unikernels
Michael Bright
 
Unik Slides
Unik SlidesUnik Slides
Unik Slides
Idit Levine
 
Docker Online Meetup #31: Unikernels
Docker Online Meetup #31: UnikernelsDocker Online Meetup #31: Unikernels
Docker Online Meetup #31: Unikernels
Docker, Inc.
 
OSDC 2016 - rkt and Kubernentes what's new with Container Runtimes and Orches...
OSDC 2016 - rkt and Kubernentes what's new with Container Runtimes and Orches...OSDC 2016 - rkt and Kubernentes what's new with Container Runtimes and Orches...
OSDC 2016 - rkt and Kubernentes what's new with Container Runtimes and Orches...
NETWAYS
 
OSDC 2016 | rkt and Kubernetes: What’s new with Container Runtimes and Orches...
OSDC 2016 | rkt and Kubernetes: What’s new with Container Runtimes and Orches...OSDC 2016 | rkt and Kubernetes: What’s new with Container Runtimes and Orches...
OSDC 2016 | rkt and Kubernetes: What’s new with Container Runtimes and Orches...
NETWAYS
 
Unikernelized Linux
Unikernelized LinuxUnikernelized Linux
Unikernelized Linux
LinuxCon ContainerCon CloudOpen China
 
End-to-end IoT solutions with Java and Eclipse IoT
End-to-end IoT solutions with Java and Eclipse IoTEnd-to-end IoT solutions with Java and Eclipse IoT
End-to-end IoT solutions with Java and Eclipse IoT
Benjamin Cabé
 
Slides of Kubernetes Athens Meetup vol3 - Unikernels An alternative OS Archit...
Slides of Kubernetes Athens Meetup vol3 - Unikernels An alternative OS Archit...Slides of Kubernetes Athens Meetup vol3 - Unikernels An alternative OS Archit...
Slides of Kubernetes Athens Meetup vol3 - Unikernels An alternative OS Archit...
Nikos Zois
 
Cigna Innovation Summit
Cigna Innovation SummitCigna Innovation Summit
Cigna Innovation Summit
Idit Levine
 
Linux, Unikernel, LinuxKit: towards redefining the cloud stack.
Linux, Unikernel, LinuxKit: towards redefining the cloud stack.Linux, Unikernel, LinuxKit: towards redefining the cloud stack.
Linux, Unikernel, LinuxKit: towards redefining the cloud stack.
Idit Levine
 
Webinar: OpenEBS - Still Free and now FASTEST Kubernetes storage
Webinar: OpenEBS - Still Free and now FASTEST Kubernetes storageWebinar: OpenEBS - Still Free and now FASTEST Kubernetes storage
Webinar: OpenEBS - Still Free and now FASTEST Kubernetes storage
MayaData Inc
 
Microcontainers, Microservices, Microservers? Less [Linux] is more!
Microcontainers, Microservices, Microservers? Less [Linux] is more!Microcontainers, Microservices, Microservers? Less [Linux] is more!
Microcontainers, Microservices, Microservers? Less [Linux] is more!
Dermot Bradley
 
OSAC16: Unikernel-powered Transient Microservices: Changing the Face of Softw...
OSAC16: Unikernel-powered Transient Microservices: Changing the Face of Softw...OSAC16: Unikernel-powered Transient Microservices: Changing the Face of Softw...
OSAC16: Unikernel-powered Transient Microservices: Changing the Face of Softw...
Russell Pavlicek
 

Similar to Unikernels (20)

Unikraft: Fast, Specialized Unikernels the Easy Way
Unikraft: Fast, Specialized Unikernels the Easy WayUnikraft: Fast, Specialized Unikernels the Easy Way
Unikraft: Fast, Specialized Unikernels the Easy Way
 
Journal Seminar: Is Singularity-based Container Technology Ready for Running ...
Journal Seminar: Is Singularity-based Container Technology Ready for Running ...Journal Seminar: Is Singularity-based Container Technology Ready for Running ...
Journal Seminar: Is Singularity-based Container Technology Ready for Running ...
 
OSCON: Unikernels and Docker: From revolution to evolution
OSCON: Unikernels and Docker: From revolution to evolutionOSCON: Unikernels and Docker: From revolution to evolution
OSCON: Unikernels and Docker: From revolution to evolution
 
UniK - a unikernel compiler and runtime
UniK - a unikernel compiler and runtimeUniK - a unikernel compiler and runtime
UniK - a unikernel compiler and runtime
 
Docker SF Meetup January 2016
Docker SF Meetup January 2016Docker SF Meetup January 2016
Docker SF Meetup January 2016
 
Building the Internet of Things with Thingsquare and Contiki - day 1, part 3
Building the Internet of Things with Thingsquare and Contiki - day 1, part 3Building the Internet of Things with Thingsquare and Contiki - day 1, part 3
Building the Internet of Things with Thingsquare and Contiki - day 1, part 3
 
#OSSPARIS19: Construire des applications IoT "secure-by-design" - Thomas Gaza...
#OSSPARIS19: Construire des applications IoT "secure-by-design" - Thomas Gaza...#OSSPARIS19: Construire des applications IoT "secure-by-design" - Thomas Gaza...
#OSSPARIS19: Construire des applications IoT "secure-by-design" - Thomas Gaza...
 
Lightning talk unikernels
Lightning talk unikernelsLightning talk unikernels
Lightning talk unikernels
 
Unik Slides
Unik SlidesUnik Slides
Unik Slides
 
Docker Online Meetup #31: Unikernels
Docker Online Meetup #31: UnikernelsDocker Online Meetup #31: Unikernels
Docker Online Meetup #31: Unikernels
 
OSDC 2016 - rkt and Kubernentes what's new with Container Runtimes and Orches...
OSDC 2016 - rkt and Kubernentes what's new with Container Runtimes and Orches...OSDC 2016 - rkt and Kubernentes what's new with Container Runtimes and Orches...
OSDC 2016 - rkt and Kubernentes what's new with Container Runtimes and Orches...
 
OSDC 2016 | rkt and Kubernetes: What’s new with Container Runtimes and Orches...
OSDC 2016 | rkt and Kubernetes: What’s new with Container Runtimes and Orches...OSDC 2016 | rkt and Kubernetes: What’s new with Container Runtimes and Orches...
OSDC 2016 | rkt and Kubernetes: What’s new with Container Runtimes and Orches...
 
Unikernelized Linux
Unikernelized LinuxUnikernelized Linux
Unikernelized Linux
 
End-to-end IoT solutions with Java and Eclipse IoT
End-to-end IoT solutions with Java and Eclipse IoTEnd-to-end IoT solutions with Java and Eclipse IoT
End-to-end IoT solutions with Java and Eclipse IoT
 
Slides of Kubernetes Athens Meetup vol3 - Unikernels An alternative OS Archit...
Slides of Kubernetes Athens Meetup vol3 - Unikernels An alternative OS Archit...Slides of Kubernetes Athens Meetup vol3 - Unikernels An alternative OS Archit...
Slides of Kubernetes Athens Meetup vol3 - Unikernels An alternative OS Archit...
 
Cigna Innovation Summit
Cigna Innovation SummitCigna Innovation Summit
Cigna Innovation Summit
 
Linux, Unikernel, LinuxKit: towards redefining the cloud stack.
Linux, Unikernel, LinuxKit: towards redefining the cloud stack.Linux, Unikernel, LinuxKit: towards redefining the cloud stack.
Linux, Unikernel, LinuxKit: towards redefining the cloud stack.
 
Webinar: OpenEBS - Still Free and now FASTEST Kubernetes storage
Webinar: OpenEBS - Still Free and now FASTEST Kubernetes storageWebinar: OpenEBS - Still Free and now FASTEST Kubernetes storage
Webinar: OpenEBS - Still Free and now FASTEST Kubernetes storage
 
Microcontainers, Microservices, Microservers? Less [Linux] is more!
Microcontainers, Microservices, Microservers? Less [Linux] is more!Microcontainers, Microservices, Microservers? Less [Linux] is more!
Microcontainers, Microservices, Microservers? Less [Linux] is more!
 
OSAC16: Unikernel-powered Transient Microservices: Changing the Face of Softw...
OSAC16: Unikernel-powered Transient Microservices: Changing the Face of Softw...OSAC16: Unikernel-powered Transient Microservices: Changing the Face of Softw...
OSAC16: Unikernel-powered Transient Microservices: Changing the Face of Softw...
 

More from jtsagata

Advanced Notes on Pointers
Advanced Notes on PointersAdvanced Notes on Pointers
Advanced Notes on Pointers
jtsagata
 
C locales
C localesC locales
C locales
jtsagata
 
GPGPU Computation
GPGPU ComputationGPGPU Computation
GPGPU Computation
jtsagata
 
Eισαγωγή στο TDD
Eισαγωγή στο TDDEισαγωγή στο TDD
Eισαγωγή στο TDD
jtsagata
 
Παιγνίδια με Πίνακες και Δείκτες
Παιγνίδια με Πίνακες και ΔείκτεςΠαιγνίδια με Πίνακες και Δείκτες
Παιγνίδια με Πίνακες και Δείκτες
jtsagata
 
Linux and C
Linux and CLinux and C
Linux and C
jtsagata
 
Git intro
Git introGit intro
Git intro
jtsagata
 
Greek utf8
Greek utf8Greek utf8
Greek utf8
jtsagata
 
Function pointers in C
Function pointers in CFunction pointers in C
Function pointers in C
jtsagata
 
Why computers can' compute
Why computers can' computeWhy computers can' compute
Why computers can' compute
jtsagata
 
Τι είναι υπολογισμός
Τι είναι υπολογισμόςΤι είναι υπολογισμός
Τι είναι υπολογισμός
jtsagata
 
IEEE 754 Floating point
IEEE 754 Floating pointIEEE 754 Floating point
IEEE 754 Floating point
jtsagata
 
Η Τέχνη του TeX/LaTeX
Η Τέχνη του TeX/LaTeXΗ Τέχνη του TeX/LaTeX
Η Τέχνη του TeX/LaTeX
jtsagata
 
FPGA on the Cloud
FPGA on the Cloud FPGA on the Cloud
FPGA on the Cloud
jtsagata
 
Evolutionary keyboard Layout
Evolutionary keyboard LayoutEvolutionary keyboard Layout
Evolutionary keyboard Layout
jtsagata
 
Το εργαλείο
Το εργαλείοΤο εργαλείο
Το εργαλείοjtsagata
 

More from jtsagata (17)

Advanced Notes on Pointers
Advanced Notes on PointersAdvanced Notes on Pointers
Advanced Notes on Pointers
 
C locales
C localesC locales
C locales
 
GPGPU Computation
GPGPU ComputationGPGPU Computation
GPGPU Computation
 
Eισαγωγή στο TDD
Eισαγωγή στο TDDEισαγωγή στο TDD
Eισαγωγή στο TDD
 
Παιγνίδια με Πίνακες και Δείκτες
Παιγνίδια με Πίνακες και ΔείκτεςΠαιγνίδια με Πίνακες και Δείκτες
Παιγνίδια με Πίνακες και Δείκτες
 
Linux and C
Linux and CLinux and C
Linux and C
 
Git intro
Git introGit intro
Git intro
 
Greek utf8
Greek utf8Greek utf8
Greek utf8
 
Function pointers in C
Function pointers in CFunction pointers in C
Function pointers in C
 
Why computers can' compute
Why computers can' computeWhy computers can' compute
Why computers can' compute
 
Τι είναι υπολογισμός
Τι είναι υπολογισμόςΤι είναι υπολογισμός
Τι είναι υπολογισμός
 
IEEE 754 Floating point
IEEE 754 Floating pointIEEE 754 Floating point
IEEE 754 Floating point
 
Η Τέχνη του TeX/LaTeX
Η Τέχνη του TeX/LaTeXΗ Τέχνη του TeX/LaTeX
Η Τέχνη του TeX/LaTeX
 
FPGA on the Cloud
FPGA on the Cloud FPGA on the Cloud
FPGA on the Cloud
 
Evolutionary keyboard Layout
Evolutionary keyboard LayoutEvolutionary keyboard Layout
Evolutionary keyboard Layout
 
Omilia
OmiliaOmilia
Omilia
 
Το εργαλείο
Το εργαλείοΤο εργαλείο
Το εργαλείο
 

Recently uploaded

Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
OnBoard
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
Prayukth K V
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
Ana-Maria Mihalceanu
 
PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)
Ralf Eggert
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
Laura Byrne
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
UiPathCommunity
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
DanBrown980551
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
Jemma Hussein Allen
 
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Nexer Digital
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
Alison B. Lowndes
 
Welocme to ViralQR, your best QR code generator.
Welocme to ViralQR, your best QR code generator.Welocme to ViralQR, your best QR code generator.
Welocme to ViralQR, your best QR code generator.
ViralQR
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
DianaGray10
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
BookNet Canada
 
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Product School
 
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptxSecstrike : Reverse Engineering & Pwnable tools for CTF.pptx
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx
nkrafacyberclub
 
Quantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIsQuantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIs
Vlad Stirbu
 
A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...
sonjaschweigert1
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
James Anderson
 
Key Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdfKey Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdf
Cheryl Hung
 

Recently uploaded (20)

Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
 
PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
 
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
 
Welocme to ViralQR, your best QR code generator.
Welocme to ViralQR, your best QR code generator.Welocme to ViralQR, your best QR code generator.
Welocme to ViralQR, your best QR code generator.
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
 
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
 
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptxSecstrike : Reverse Engineering & Pwnable tools for CTF.pptx
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx
 
Quantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIsQuantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIs
 
A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
 
Key Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdfKey Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdf
 

Unikernels

  • 1. Look Ma’ No O.S. An Introduction to Unikernels Ioannis Tsagatakis Ioannis Stefanis Msc in Informatics & Multimedia Department of Informatics Engineering TEI of Crete Embedded Systems From bootloader to a REST API with modern C++
  • 2. 2 What is A Unikernel ● A unikernel is a specialised, single address space machine image constructed by using library operating systems. – Run on top of level 1 or 2 hypervisor – Run in a docker container – Run in bare metal ● Back in history (batch processing) Single App in a single (virtual) machine
  • 3. 3 From Apps to Unikernel Apps ● Many layers ● Many memory transfers ● Many security checks ● Blocking system calls ● Dead code ● Complexity
  • 4. 4 But Why ? ● Performance and Size – A few kilobytes in size, Fast (really fast) boot – High performance, No content switches – Easy hardware /software interfaces (POSIX is hard) ● Security and Correctness – Small attack (and «unique») surface – No shell. So you crack my app, now what ? ● Cost effective – Cloud is the new hardware
  • 5. 5 Let’s write an OS ● It’s easy ! – No hardware drivers need it (almost) ● Hypervisor provides a common hardware ● Xen, Qemu, kvm – No users, no processes, no bosses ● Single address space ● No ring levels, no boundaries, no overhead – Multiple processes ? – Update and deployment ?
  • 6. 6 Implementations ● Clean State – Mirage OS (Ocaml) – Ling (Erlang) – HalVM (Haskell) – Include OS (C++) – Solo 5 – ClickOS ● Legacy – Osv (Tomcat, jetty, Cassandra ..) – Rumprun (MySQL, Ngingx, PHP) – Clive (Go) – Runtime.js UniK
  • 7. 7 Application Domains ● Cloud Computing ● Network Functional Virtualization (NFV) – Decouple software from hardware – Ericsson, NEC, Cisco ● IoT – Build an App not a stripped OS ● Hight Prorformance Computing (HPC) – Possible, but no implementations yet
  • 8. 8 History ● 1990: Exokernel and Nemesis (Univ Cambridge) ● 2014: Unikernels: Rise of the Virtual Library Operating System, ACM ● 2015: 7 Unikernel Projects to Take on Docker ● 2017: Mirage OS 3 http://unikernel.org/
  • 9. 9 Use cases ● Cloud Computing (AWS, digital occean, ...) – A simple static web site – A memcached appliance ● Iot device – Simple Web server – REST Interface ● Custom network appliance – In a cheap board like Raspberry Pi
  • 11. 11 #include <os> Demo Time From bootloader to REST API in 5mins
  • 12. 12 #include <XXX> Libraries and utilities ● Acorn – Acorn Web Server Appliance, built with IncludeOS ● Mana – IncludeOS C++ Web Application Framework ● Buttler, Director – A Mana middleware for serving static content from a IncludeOS drive ● Dashboard – Dashboard back-end module for IncludeOS Mana framework ● NaCL ● Support Libs – Botan (TLS), cookie, http, uri, ● Bucket – A magical bucket with the power of storing stuff ● Unik – The Unikernel Compilation and Deployment Platform
  • 13. 13 Web server demo ● Static content ● REST interface ● Memory DB ● Dashboard $ git clone https://github.com/hioa­cs/IncludeOS $ export INCLUDEOS_PREFIX=~/includeos/ $ export PATH=$PATH:$INCLUDEOS_PREFIX/bin $ cd IncludeOS $ ./install.sh $ export CC="clang­3.8" $ export CXX="clang++­3.8" $ cd examples/acorm $ boot –create­bridge . $ xdg­open http://10.0.0.42/ Host OS -Linux (x86) qemu (or docker) Drivers Include OS & libs App Logic Filesystem ROM Memory Store App Image 4.277K Don’t Try this at home
  • 14. 14
  • 15. 15
  • 16. 16
  • 17. 17 More info ● https://github.com/hioa-cs/IncludeOS ● http://www.includeos.org/ ● Google it Let’s have thousands of self-contained, secure micro services