CIF16: Unikernels: The Past, the Present, the Future (Russell Pavlicek, Xen Project Evangelist)

This talk will give an overview of Unikernel technology: what they are, why they are important, and what challenges and innovations are likely to appear in the future. We will discuss the nature of the Unikernel, what capabilities it brings to the table, and how it changes the nature of the cloud as we know it.

  1. 1. Cloud Innovators Forum (#CIF16) • 10:00 CIF16 Opening • 10:05 Unikernels: The Past, the Present, the Future, Russell Pavlicek, Xen Project Evangelist • 10:30 Knock, Knock: Unikernels Calling!, Richard Mortier, Cambridge University • 11:00 Running Go on Rumprun, Ian Eyberg, DeferPanic Founder • 11:30 Solo5: Building a Unikernel Base From Scratch, Dan Williams, IBM • 12:00 Lunch • 13:00 Tor in Haskell, or How To Write Programs For Unikernels, Adam Wick, Galois Inc • 13:45 Rethinking Foundations for Zero-devops Clouds, Maxim Kharchenko, Cloudozer CTO • 14:30 Break • 14:45 Unikernels, Meet Docker! Containing Unikernels, Richard Mortier & Anil Madhavapeddy, MirageOS • 15:15 Building the Superfluid Cloud with Unikernels, Simon Kuenzer, NEC Europe • 15:45 Unikernels Meet NFVs: Architecture, Performance and Challenges, Wassim Haddad, Heikki Mahkonen, & Ravi Manghirmalani, Ericsson • 16:15 Break • 16:30, Amir Chaudhry, Unikernel Systems • 17:00 The Latest From Xen Project, Lars Kurth, Chairman of Xen Project Advisory Board • 17:30 CIF16 Closing
  2. 2. CIF16 at SCALE 14X Unikernels: Past, Present, and Future An Introduction to a Day of Unikernels Russell Pavlicek Xen Project Evangelist
  3. 3. About the Old, Fat Geek Up Front • Linux user since 1995; became a Linux advocate immediately • Delivered many early talks on Open Source Advocacy • Former Open Source columnist for Infoworld, Processor magazines • Former weekly panelist on “The Linux Show” • Wrote one of the first books on Open Source: Embracing Insanity: Open Source Software Development • 30 years in the industry; 20+ years in software services consulting • Evangelist for the Xen Project (until the close of SCALE; looking for a new opportunity) • Over 100 FOSS talks delivered; over 200 FOSS pieces published
  4. 4. Problem: The Fat, Slow, Cloud • Field of innovation is in the orchestration – The Cloud Engine is paramount (OpenStack, CloudStack, etc.) – Workloads adapted to the cloud strongly resemble their non-cloud predecessors • Some basic adaptations to facilitate life in the cloud, but basically the same stuff that was used before the cloud • Applications with full stacks (operating system, utilities, languages, and apps) which could basically run on hardware, but are run on VMs instead. • VMs are beefy; large memory footprint, slow to start up • It all works, but it's not overly efficient • 10s of VMs per physical host
  5. 5. Solution: A Thin, Fast Cloud • Turning the scrutiny to the workloads – Should be easier to deploy and manage – Smaller footprint, removing unnecessary duplication – Faster startup – Transient microservices – Higher levels of security – 1000s of VMs per host
  6. 6. Aren't Docker and Containers the Answer? We've already got Docker and Containers, so why do we need Unikernels?
  7. 7. What Docker Brings to the Table • Cool tech • Makes deployment easier • Smaller footprint by leveraging kernel of host • Less memory needed to replicate shared kernel space • Less disk needed to replicate shared executables • Really fast startup times • Higher number of VMs per host
  8. 8. Docker Downsides • Improvements, yes; but not without issues – Can't run any payload that can't use host kernel – Potential limits to scalability • Linux not really optimized for 1000s of processes – Security • Security is a HUGE issue in clouds • Docker folks working hard to increase Container security – But will end-users use the additions? For example, so many people disable SELinux because they don't want to spend the time to configure it • But we need to raise the bar higher in the cloud; the old status quo is not good enough
  9. 9. The Unikernel: A Real Cloud Concept • Very small • Very efficient • Very quick to boot • And very, VERY secure! • It's a Green (energy) technology which saves you green (cash); extremely important to foster adoption • Many unikernels already exist, including MiniOS and MirageOS, a Xen Project Incubator Project
  10. 10. What is a Unikernel? From MirageOS
  11. 11. Unikernel Approach: MirageOS
  12. 12. Unikernel Approach: MirageOS
  13. 13. Unikernel Approach: MirageOS
  14. 14. Unikernel Concepts • Use just enough to do the job – No need for multiple users; one VM per user – No need for a general purpose operating system – No need for utilities – No need for a full set of operating system functions • Lean and mean – Minimal waste – Tiny size
  15. 15. Unikernel Concepts • Similar to an embedded application development environment – Limited debugging available for deployed production system • You have exactly the tools you built into the stack – Instead, system failures are reproduced and analyzed on a full operating system stack and then encapsulated into a new image to deploy – Tradeoff is required for ultralight images
  16. 16. What Do the Results Look Like? • MirageOS examples: – DNS Server: 449 KB – Web Server: 674 KB – OpenFlow Learning Switch: 393 KB • LING metrics: – Boot time to shell in under 100 ms – Memory usage: 8.7 MB • ClickOS: – Network devices processing >5 million pkt/sec – 6 MB memory with 30 ms boot time
  17. 17. What About Security? • Type-Safe Solution Stack – Can be Certified – Certification is crucial for certain highly critical tasks, like airplane fly-by-wire control systems • Image footprints are unique to the image – Intruders cannot rely on always finding certain libraries – No utilities to exploit, no shell to manipulate
  18. 18. Where Are Unikernels Going?
  19. 19. Unikernels: The Past Once upon a time, in a far off land of Codertown, there were little coder elves with names like Anil, Amir, and Adam who worked with esoteric languages like OCaml, Haskell, and Erlang doing strange and wonderful things. They built things called Unikernels – but, sadly, few people cared. The townspeople of Codertown cried, “Edge technology! No one works in these languages! And the use cases look small and unimportant to us. We dismiss this technology as mere lab experiments – nothing more!”
  20. 20. Unikernels: The Past • Unikernels were focused on type-safe languages, which though very practical for software certification, are not very popular • Unikernels were mostly proof-of-concept exercises with some production potential, but with little adoption • The Unikernel concept was not well understood • As a result, people felt free to overlook and dismiss Unikernels
  21. 21. Unikernels: The Present • Unikernels have expanded into a wide variety of popular languages, including C, C++, Java, Python, and many more • Unikernels have the potential to be applied to most POSIXy applications • Various Unikernels like ClickOS and HaLVM have been used for network function virtualization (NFV; learn more at 3:45 today) • Events like CIF16, the Unikernel User Mini-Summit at TXLF14, and other meetings have spread the word; the concept is catching on • The creation of the RAMP stack last year (Rumprun, NGINX, MySQL, and PHP) shows that the potential use cases are very mainstream
  22. 22. Unikernels: The Future • This is the fun part! • The fusion between Docker and Unikernels: the ease of use of Docker with the security of Unikernels (learn more at 2:45 today) • Unikernel-enabled clouds (1:45 & 3:15 today) • More languages (like Go) and applications (11:00 & 1:00 today)
  23. 23. What's Out There Right Now? • MirageOS, from the Xen Project Incubator • HaLVM, from Galois • LING, from Erlang-on-Xen • ClickOS, from NEC Europe Labs • OSv, from Cloudius Systems • Rumprun, from the Rump Kernel Project • IncludeOS • And that's just the beginning...
  24. 24. Are Unikernels a Panacea? • Nope! – But it doesn't have to be a panacea to return value – There will always be really large databases and beefy apps which won't fit in this mold – The truth is that different problems are likely to require different optimal solutions for the foreseeable future – It is likely that the solution spectrum of the next few years will include a blend of unikernels, containers, and standard virtualization – But the arrival of unikernels means that the bar to efficiency has been raised to new heights
  25. 25. What Does This Mean for Architecture? • We like to talk about Microservices; we are witnessing the birth of Transient Microservices – Lifetimes possibly measured in fractions of a second – Populations in the thousands per host – Now these aren't small just from an external standpoint, but internally as well – It's much easier manipulating smaller items than bigger ones, so what was once difficult to change becomes easier to change
  26. 26. Xen Project as Ecosystem Enabler • Work proceeds on support for 1000s of VMs per host – Recent redesign of Event Channels removes obstacles to uncap VM growth (theoretically, into millions of VMs) – Currently, performance is strong up to around 600 VMs per host – Other areas identified and targeted to enable 2000-3000 VMs per host • Paravirtualization makes creation of a unikernel much simpler – Simpler PV interfaces remove need for complex H/W drivers
  27. 27. Open Source Leading the Way • This is an example of how Open Source is working to expand horizons of the cloud – The closed source cloud just isn't the way to go – The real innovation in cloud is in Open Source – Xen Project is at the forefront of new cloud thinking, incubating and facilitating new technologies, including unikernels – Friends don't let friends go closed source in the cloud!
  28. 28. Questions? Twitter: @RCPavlicek Information about job opportunities gratefully appreciated. Thank you! Thanks to the MirageOS team for the use of their images.