ooooo        ooooo ooooo      ooo ooooo     ooo ooooooo  ooooo   .oooooo.   ooooooooo.   
     `888'        `888' `888b.     `8' `888'     `8'  `8888    d8'   d8P'  `Y8b  `888   `Y88. 
      888          888   8 `88b.    8   888       8     Y888..8P    888      888  888   .d88' 
      888          888   8   `88b.  8   888       8      `8888'     888      888  888ooo88P'  
      888          888   8     `88b.8   888       8     .8PY888.    888      888  888`88b.    
      888       o  888   8       `888   `88.    .8'    d8'  `888b   `88b    d88'  888  `88b.  
     o888ooooood8 o888o o8o        `8     `YbodP'    o888o  o88888o  `Y8bood8P'  o888o  o888o 

Unikernel technologies - Build tools

unik - The Unikernel & MicroVM Compilation and Deployment Platform (License: Apache-2.0)
unik - Company: DELL/EMC
UniK (pronounced you-neek) is a tool for compiling application sources into unikernels (lightweight bootable disk images) rather than binaries. UniK runs and manages instances of compiled images across a variety of cloud providers as well as locally on Virtualbox. UniK utilizes a simple docker-like command line interface, making building unikernels as easy as building containers. Supported providers:

  • AWS Firecracker
  • Virtualbox
  • AWS
  • vSphere
  • QEMU
  • UKVM
  • Xen
  • OpenStack
  • Photon Controller

Unikraft - Automated Building of Specialized OSes and Unikernels (License: BSD-3-Clause)
Unikraft - Company: NEC Laboratories Europe / NEC Laboratories Europe - Systems and Machine Learning
Unikraft - GitHub
Unikraft - WIKI
In recent years, several papers and projects dedicated to unikernels have shown the immense potential for performance gains that these have. By leveraging specialization and the use of minimalistic OSes, unikernels are able to yield impressive numbers, including fast instantiation times (tens of milliseconds or less), tiny memory footprints (a few MBs or even KBs), high network throughput (10-40 Gb/s), and high consolidation (e.g., being able to run thousands of instances on a single commodity server), not to mention a reduced attack surface and the potential for easier certification. Unikernel projects worthy of mention include MirageOS, ClickOS, Erlang on Xen, OSv, HALVM, and Minicache, Rump, among others. The fundamental drawback of unikernels is that they require that applications be manually ported to the underlying minimalistic OS (e.g. having to port nginx, snort, mysql or memcached to MiniOS or OSv); this requires both expert work and often considerable amount of time. In essence, we need to pick between either high performance with unikernels, or no porting effort but decreased performance and decreased efficiency with standard OS/VM images. The goal of this proposal is to change this status quo by providing a highly configurable unikernel code base; we call this base Unikraft.

Unikernel technologies - Implementations

A community site for Unikernels

HermitCore - A lightweight unikernel for a scalable and predictable runtime behavior (License: BSD-3-Clause)
HermitCore - Company: RWTH Aachen University
HermitCore - GitHub
HermitCore is a novel unikernel operating system targeting a scalable and predictable runtime behavior for HPC and cloud environments. The current version supports C/C++, Fortran, Go, Pthreads, OpenMP and iRCCE as message passing library. HermitCore can be used as classical unikernel within a virtual machine. In addition, it extends the multi-kernel approach (like FusedOS, McKernel and mOS) and combines it with unikernel features. HermitCore is designed for KVM/Linux but also for x86_64 bare-metal environments and provides a better programmability and scalability for hierarchical systems, which based on multiple cluster-on-a-chip processors.

OSv - the operating system designed for the cloud (License: BSD-3-Clause)
OSv - Company: Cloudius Systems / ScyllaDB / Avi Kivity
OSV - GitHub
DOC - OSv - Hypervisors Are Dead, Long Live the Hypervisor - Part1
DOC - OSv - Hypervisors Are Dead, Long Live the Hypervisor - Part2
DOC - OSv - Hypervisors Are Dead, Long Live the Hypervisor - Part3
OSv is a new open-source operating system for virtual-machines. OSv was designed from the ground up to execute a single application on top of a hypervisor, resulting in superior performance and effortless management when compared to traditional operating systems which were designed for a vast range of physical machines. OSv has new APIs for new applications, but also runs unmodified Linux applications (most of Linux's ABI is supported) and in particular can run an unmodified JVM, and applications built on top of one.

RumpKernels (License: BSD-2-Clause)
RumpKernels - BOOK - The Design and Implementation of the Anykernel and Rump Kernels
RumpKernels - GitHub
RumpKernels - WIKI
Rump kernels enable you to build the software stack you need without forcing you to reinvent the wheels. The key observation is that a software stack needs driver-like components which are conventionally tightly-knit into operating systems — even if you do not desire the limitations and infrastructure overhead of a given OS, you do need drivers.

MirageOS - A programming framework for building type-safe, modular systems (License: LGPLv2 / ISC)
MirageOS - Company: Unikernel Systems / Docker / Anil Madhavapeddy
MirageOS - GitHub
MirageOS - DOC
MirageOS is a library operating system that constructs unikernels for secure, high-performance network applications across a variety of cloud computing and mobile platforms. Code can be developed on a normal OS such as Linux or MacOS X, and then compiled into a fully-standalone, specialised unikernel that runs under a Xen or KVM hypervisor. This lets your services run more efficiently, securely and with finer control than with a full conventional software stack. MirageOS uses the OCaml language, with libraries that provide networking, storage and concurrency support that work under Unix during development, but become operating system drivers when being compiled for production deployment. The framework is fully event-driven, with no support for preemptive threading.

IncludeOS (License: Apache-2.0)
IncludeOS - Company: IncludeOS
IncludeOS - GitHub
IncludeOS - Blog
IncludeOS allows you to run your application in the cloud without an operating system. IncludeOS adds operating system functionality to your application allowing you to create performant, secure and resource efficient virtual machines. IncludeOS applications boot in tens of milliseconds and require only a few megabytes of disk and memory.

ClickOS - Fast and Lightweight Network Function Virtualization (License: MIT / W3C)
ClickOS - Company: NEC Laboratories Europe / NEC Laboratories Europe - Systems and Machine Learning
ClickOS - GitHub
ClickOS - DOC
Over the years middleboxes have become a fundamental part of today’s networks. Despite their usefulness, they come with a number of problems, many of which arise from the fact that they are hardware-based: they are costly, difficult to manage, and their functionality is hard or impossible to change, to name a few. To address these issues, there is a recent trend towards network function virtualization (NFV), in essence proposing to turn these middleboxes into software-based, virtualized entities. Towards this goal we introduce ClickOS, a high-performance, virtualized software middlebox platform. ClickOS virtual machines are small (5MB), boot quickly (about 30 milliseconds), add little delay (45 microseconds) and over one hundred of them can be concurrently run while saturating a 10Gb pipe on a commodity server. We further implement a wide range of middleboxes including a firewall, a carrier-grade NAT and a load balancer and show that ClickOS can handle packets in the millions per second.

Unikernel technologies - Problems