Unikernels

The cloud has ushered in a new era of computing, but its tenants still use old-school methods to deploy poorly secured, resource-hogging applications. This 40-page report provides a high-level overview of unikernels: small, secure, and fast workloads that could usher in a new phase in cloud computing.

Author Russell Pavlicek examines several key problems that unikernels address. Virtual machines loaded with full operating systems and thousands of utilities don’t make sense in the cloud. They waste resources and provide a wide attack surface with a target-rich environment, as demonstrated by massive data breaches in the past few years.

Unikernels use only the OS resources necessary make their applications work. Because these single-address-space machine images introduce low-level OS operations at compile time, they typically measure just kilobytes in size, with tiny attack surfaces.

With this report, you’ll examine:

• What a unikernel is and why it should matter to you
• What their development, testing, and deployment stages look like
• How unikernels derive from embedded programming
• Why unikernels help reduce data-center resource overload
• How unikernels could significantly increase cloud security
• Key projects, including MirageOS, HaLVM, LING, and ClickOS
• Ecosystem projects that support the development and use of unikernels
• Limitations to consider when adopting unikernel-based solutions
• Future developments, including integration with Docker and possible fusion with container technology