Unikernels: How we got here and where we're going

Amir
April 28, 2016

Talk presented at CraftConf 2016.
See amirchaudhry.com/craftconf2016 for details.


Transcript

  1. Unikernels: How we got here and where we're going. Amir Chaudhry (@amirmc) … on behalf of many others! CraftConf, April 2016
  2. Unikernels: How we got here and where we're going. amirchaudhry.com/craftconf2016
  3. About me: Work at Docker. I have more hair on my face since this pic
  4. Software today…
  5. Software today… …is an application …
  6. Software today… …is an application … … on top of an Operating System.
  7. Software today…
  8. Software today…
  9. Code you care about • Code the OS insists you need
  10. Code you care about • Code the OS insists you need
  11. Software today… … is built locally…
  12. Software today… … is built locally… … but deployed remotely.
  13. Software today… …is complex! Even though most apps are single-purpose
  14. Complexity is the enemy… • More pieces -> tricky config • Duplication -> inefficiency • Large sizes -> long boot times • More stuff -> larger attack surface
  15. Things are getting easier
  16. BUILD Developer Workflows SHIP Registry Services RUN Management Docker Toolbox Docker Trusted Registry Docker Universal Control Plane Docker Cloud Docker Engine Ecosystem Plugins and Integrations Docker Containers as a Service Platform
  17. An extreme view? • Disentangle applications from the OS • Break up OS functionality into modular components • Link only the system functionality your app needs • Target alternative platforms from a single codebase
  18. An extreme view? • Disentangle applications from the OS • Break up OS functionality into modular components • Link only the system functionality your app needs • Target alternative platforms from a single codebase • Unikernels!
  19. The Rise of the Unikernel: Unikernels are specialised single address space machine images built from a modular stack adding system libraries and configuration to application code. Every application is compiled into its own specialised OS, targeted for the cloud or embedded devices. https://en.wikipedia.org/wiki/Unikernel
  20. “… but … but what about Docker?”
  21. Continuum • Disentangle applications from the OS • Break up OS functionality into modular components • Link only the system functionality your app needs • Target alternative platforms from a single codebase
  22. The Rise of the Unikernel • ClickOS • Clive • Drawbridge • HaLVM • IncludeOS • LING • MirageOS • OSv • Rumprun • runtime.js
  23. The Rise of the Unikernel: Two broad approaches • Consider legacy • Clean Slate
  24. MirageOS
  25. MirageOS unikernel }
  26. MirageOS unikernel } Familiar development cycle • Broad deployment scenarios
  27. MirageOS unikernel } Familiar development cycle • Broad deployment scenarios • Target different environments • Your usual tools
  28. Example: Static websites (though applicable to any application)
  29. mirage.io
  30. Bitcoin Piñata • Rewrote TLS • Functional core • Less code
  31. None
  32. None
  33. Puts the ‘micro’ in microservice! Unikernel: 8.2MB, 102 kloc. Full OS: ~200MB, 2560 kloc. Contains everything. No extra stuff! Much smaller attack surface
  34. Unikernel: 8.2MB, 102 kloc. Full OS: ~200MB, 2560 kloc. Contains everything. No extra stuff! Much smaller attack surface. Puts the ‘micro’ in microservice!
  35. Unikernel Recap • Highly specialised • Continuum with containers • Robust deployments • Everything’s a library!
  36. Deployments
  37. Deployments
  38. Systems programming is difficult?
  39. Systems programming is difficult? … is just programming!
  40. unikernel.org: Still early days!
  41. Why I care • Resilient, scalable systems • Distributed personal clouds • Better, safer products
  42. None
  43. None
  44. Why I care • MirageOS (OS/application) • Irmin (Storage/Sync) • Signpost (Identity/Connectivity) • OCaml (Safety/Modularity) • Mail • Contacts • Calendar. This is a long-term side project :)
  45. Contribute! unikernel.org • nymote.org
  46. Questions?