Unikernels and hyper-elastic clouds

A93b8ed15efe8a33d4045befbed219c2?s=47 Amir
November 03, 2015
Technology
3
11k

Unikernels and hyper-elastic clouds

Talk at CodeMesh in November 2015. See the associated blog post at:
http://amirchaudhry.com/codemesh2015

A93b8ed15efe8a33d4045befbed219c2?s=128

Amir

November 03, 2015
Tweet

Want more?

A93b8ed15efe8a33d4045befbed219c2?s=48 amirmc
0
49
A93b8ed15efe8a33d4045befbed219c2?s=48 amirmc
0
59
A93b8ed15efe8a33d4045befbed219c2?s=48 amirmc
4
4.1k
3ab1249be442027903e1180025340b3f?s=48 reverentgeek
2
150
A9a491b0fcbe0fbce3d64063a37add99?s=48 rmw
1
74
766b9746b59e6f09e280cd33cf4ed419?s=48 skipperchong
0
68
61857dafbd287b3027c4dcea9008ad3c?s=48 carmenhchung
5
140
06f8b41980eb4c577fa40c41d5030c19?s=48 keathley
4
160
C0390e8b11079f8761c0cd3274ed61cb?s=48 productmarketing
2
220
C35e01544a0dd94a2cf1619ee8a42ebb?s=48 clairelew
2
430
6bb82b13cda86d3b821fa44100335ddf?s=48 thoeni
1
110
B3ace07412a5178ea778e7eec161fc0a?s=48 jcasabona
4
200

Transcript

  1. 1.

    Unikernels
 and hyper-elastic clouds … on behalf of a merry

    crew: Anil Madhavapeddy, Thomas Gazagnaire, David Scott, Thomas Leonard, Richard Mortier, Magnus Skjegstad, David Sheets, Balraj Singh, Jon Crowcroft, Mindy Preston, and many others! CodeMesh November 2015 @amirmc Amir Chaudhry
  2. 2.

    About me Work on MirageOS (herd cats) I like systems

    stuff! Previously Physicist, Neuroscientist,
 CompSci (ish), Startups, BigCo. @amirmc
  3. 3.

    Software today… …is an application … @amirmc

  4. 4.

    Software today… …is an application … … on top of

    an Operating System. @amirmc
  5. 5.

    Software today… … is built locally… @amirmc

  6. 6.

    Software today… … is built locally… … but deployed remotely.

    @amirmc
  7. 7.

    Software today… … needs more tools. @amirmc

  8. 8.

    Software today… …is complex! Even though most apps are single-purpose

    @amirmc
  9. 9.

    Complexity is the enemy… More layers -> tricky config Duplication

    -> inefficiency Large sizes -> long boot times More stuff -> larger attack surface @amirmc
  10. 10.

    We build for clouds as we do for desktops Why?

  11. 11.

    Can we do better? @amirmc Hardware Kernel Userland App A

    App B App C Full OS
  12. 12.

    Can we do better? @amirmc Hardware Hardware Kernel Userland App

    A App B App C Kernel Container A Container B Container C Full OS Minimal OS
  13. 13.

    Can we do better? @amirmc Hardware Hardware Hardware Kernel Userland

    App A App B App C Kernel Container A Container B Container C Full OS Minimal OS ? Specialisation
  14. 14.

    Can we do better? Disentangle applications from the OS Break

    up OS functionality into modular libraries Link only the system functionality your app needs Target alternative platforms from a single codebase @amirmc
  15. 15.

    Can we do better? @amirmc Hardware Hardware Hardware Kernel Userland

    App A App B App C Kernel Container A Container B Container C Full OS Minimal OS ? Specialisation
  16. 16.

    Can we do better? @amirmc Hardware Hardware Hardware Kernel Userland

    App A App B App C Kernel Container A Container B Container C A B C Full OS Minimal OS Unikernels Specialisation
  17. 17.

    The Rise of the Unikernel Unikernels are specialised machine images

    built from a modular stack adding system libraries and configuration to application code Every application is compiled into its own specialised OS that runs on the cloud or embedded devices @amirmc https://en.wikipedia.org/wiki/Unikernel
  18. 18.

    • ClickOS • Clive • Drawbridge • HaLVM • IncludeOS

    • LING • MirageOS • OSv • Rumprun The Rise of the Unikernel @amirmc
  19. 19.

    MirageOS @amirmc

  20. 20.

    MirageOS unikernel } @amirmc

  21. 21.

    MirageOS unikernel } @amirmc Familiar development cycle Broad deployment scenarios

  22. 22.

    MirageOS Unix Develop logic MirageOS System Libs @amirmc

  23. 23.

    MirageOS Specialise for deploy… … to multiple environments @amirmc Xen

  24. 24.

    So what?

  25. 25.

    Example: Static websites (though applicable to any application)

  26. 26.

    Examples • Secure services • Jekyll to Unikernel • Automated

    deployment • Summon on demand • Upcoming releases!
  27. 27.
    None
  28. 28.

    • Rewrote TLS • Functional core • Less code Bitcoin

    Piñata Secure services
  29. 29.
    None
  30. 30.
    None
  31. 31.

    8.2MB 102 kloc 2560 kloc ~200MB No extra stuff! Small

    &
 Secure! Much better security
  32. 32.

    Easy deployment • Jekyll to Unikernel • Automated deployment

  33. 33.

    Develop Deploy Test Example …in ~100 lines of code @amirmc

  34. 34.

    Summon on demand • Boots on demand • Masks latency

    • Increased Efficiency Jitsu
  35. 35.

    Recap • Secure services • Easy deployment • Summon on

    demand • Upcoming releases!
  36. 36.

    General workflow …in ~100 lines of code Develop Deploy Test

  37. 37.

    Deployments @amirmc

  38. 38.

    Trade-off (for now)… @amirmc

  39. 39.

    … however :)

  40. 40.

    Why I care @amirmc Empower individuals Distributed personal clouds Resilient,

    scalable systems
  41. 41.
    None
  42. 42.
    None
  43. 43.
    None
  44. 44.

    Why I care MirageOS (OS/application) Irmin (Storage/Sync) Signpost (Identity/Connectivity) OCaml

    (Safety/Modularity) Mail Contacts Calendar @amirmc
  45. 45.

    Contribute! @amirmc https://mirage.io http://nymote.org http://ocaml.org