SlideShare a Scribd company logo

UniK - a unikernel compiler and runtime

Lee Calcote
Lee Calcote

Presented at Scale 15x, March, 2017

Software
1 of 31
Download to read offline
UniK: Unikernel Compiler and Runtime http://calcotestudios.com/talks Lee Calcote March 5th, 2017
http://calcotestudios.com/talks Lee Calcote linkedin.com/in/leecalcote @lcalcote blog.gingergeek.com lee@calcotestudios.com clouds, containers, infrastructure, applications  and their management
Show of Hands
Project Container Network Performance Tool @lcalcote Contact for early access. Learn more - https://github.com/solarwinds/containers Preview
Project Container Network Performance Tool @lcalcote Cluster visibility - See container network flows (current bandwidth and direction) across Kubernetes and Docker Swarm nodes. Bandwidth test - Test throughput (performance) of each type of container network (compare network drivers). Choose wisely - Be aware of the cost of overlay convenience. Avoid MAC address overload in underlays. Preview
Hello. I'm new.
We hold these truths to be self-evident:   bare metal      AND           virtual machines                AND                     containers                          AND                               unikernels                                    AND                                         functions the future is AND not OR @lcalcote
bare metalvirtual machinescontainersunikernelsfunctionsno one cares about  they care about the application infrastructure @lcalcote
Current Challenges
Fat systems Application Configuration Application Binary Language Runtime Shared Library Docker Runtime OS User Processes OS Kernel Virtual Hardware Drivers Hypervisor Hardware Drivers Hardware Application Inefficient Long startup times.   Designed for many users, running many processes.   Hardware has evolved.   Package managers pull in many unneeded packages.   Decades of backwards compatibility.
Very large attack surface a  huge kernel code base. Lots of unused applications, services and drivers lying around. by Russell Pavlicek (free ebook)Unikernels Security Other Issues @lcalcote Lee Calcote and Idit Levine How Unikernels Can Better Defend against DDoS Attacks
The Promise
What is a Unikernel? A library operating system application openGL gtk iconv libgmp libz libstd++libgcclibc kernel libtls application a way of cross-compiling (existing) applications down to very small, lightweight, secure virtual machine @lcalcote
Unikernel Landscape Language Specific HalVM - - (Haskell) MirageOS -  - (OCamel) LING - - (Erlang)  Runtime.js - - (Javascript) IncludeOS - - (C++) Clive - -  (Go) General OSv  Rumprun  Drawbridge Projects / Tools ClickOS - - (NFV) Jitsu - - (DNS) Unik - - (Build, Deploy) unikernel.org @lcalcote
Security No multi-user support no passwords and authorization info lying around   Many attack vectors closed - simply not present. only use libraries specific to your application produce a single process, single address space image   Security be default - not necassarily policy that will be defined later @lcalcote
Microservices are (intended to be) small, self-contained, single- purpose applications.   Unikernels cannot handle multiple processes, so forking is not allowed. Unikernels can handle threads. Are single user, but who needs multiple users?   Can statically link data into application. Immutable infrastructure (enforced) @lcalcote
$avings Access to a high-end system for a fraction of second   Increase speed - smaller artifacts, which boot faster (microseconds)   Target multiple platforms from a single code base   @lcalcote
Purpose A tool for simplifying compilation and deployment of unikernels.   Akin to how Docker builds and deploys containers.   Automates compilation of popular languages (C/C++, Golang, Java, Node.js. Python) into unikernels.   Deploys unikernels as virtual machines on many virtualization platforms.   Incorporates work from a number of unikernel projects.   A young project (~9 months old from announcement) @lcalcote
Stewarded by these fine folks http://project-unik.io @uvgroovy @ilackarms @Idit_Levine https://github.com/emc-advanced-dev/unik @ProjectUniK @lcalcote
Compilers Java OCaml C++ Python, Node.js and Go OSv MirageOS IncludeOS Rump 3 Major Components Providers Virtualbox AWS Google Cloud vSphere QEMU UKVM Xen OpenStack Photon Controller API Server daemon @lcalcote
UniK Hub a community exchange   Currently: Cloud-hosted S3-backed May be run on-premises @lcalcote
Integrations Processor Architectures @lcalcote
Use Docker API to run Unikernels  @lcalcote
Use Unik as a CloudFoundry runtime @lcalcote
Use Unik as a Kubernetes runtime $ kubectl run nginx --image=nginx:AWS --namespace=unik --replicas=3 multiple container runtimes AND unikernels docker, rkt and unik @lcalcote
Walk-through
Getting Started 1. git clone 2. make 3. unik @lcalcote
setup providers: aws: - name: aws region: us-east-1 zone: us-east-1a gcloud: [] vsphere: [] virtualbox: - name: unik-vbox adapter_name: vboxnet0 adapter_type: host_only qemu: [] photon: [] xen: [] openstack: [] ukvm: [] version: "" unik configure ~/.unik/daemon-config.yaml unik daemon api server familiarize w/unik @lcalcote
Developer Workflow a familiar treadmill 1. Code app per usual   2. Test and debug app   3. Deploy   4. Logs unik build --name go-calcote --path ./ --base rump --language go --provider virtualbox unik run --instanceName=scale15x --imageName=go-calcote fmt.Fprintf(w, "<img src='http://calcotestudios.com/talks/img/unik.jpg' />") fmt.Fprintf(w, "<p /> My first unikernel!") unik logs --instanceName=scale15x @lcalcote
Lee Calcote linkedin.com/in/leecalcote @lcalcote blog.gingergeek.com lee@calcotestudios.com Thank you. Questions? clouds, containers, infrastructure, applications  and their management http://calcotestudios.com/ talks

Recommended

Cigna Innovation Summit
Cigna Innovation SummitCigna Innovation Summit
Cigna Innovation SummitIdit Levine
 
Linux, Unikernel, LinuxKit: towards redefining the cloud stack.
Linux, Unikernel, LinuxKit: towards redefining the cloud stack.Linux, Unikernel, LinuxKit: towards redefining the cloud stack.
Linux, Unikernel, LinuxKit: towards redefining the cloud stack.Idit Levine
 
Debugging Microservices - QCON 2017
Debugging Microservices - QCON 2017Debugging Microservices - QCON 2017
Debugging Microservices - QCON 2017Idit Levine
 
Craft april17
Craft april17Craft april17
Craft april17Idit Levine
 
Unik Slides
Unik SlidesUnik Slides
Unik SlidesIdit Levine
 
Unikernels and docker from revolution to evolution — unikernels and docker ...
Unikernels and docker from revolution to evolution — unikernels and docker ...Unikernels and docker from revolution to evolution — unikernels and docker ...
Unikernels and docker from revolution to evolution — unikernels and docker ...Docker, Inc.
 
Secure Substrate: Least Privilege Container Deployment
Secure Substrate: Least Privilege Container Deployment Secure Substrate: Least Privilege Container Deployment
Secure Substrate: Least Privilege Container Deployment Docker, Inc.
 
Docker 1.11 Meetup: Containerd and runc, by Arnaud Porterie and Michael Crosby
Docker 1.11 Meetup: Containerd and runc, by Arnaud Porterie and Michael Crosby Docker 1.11 Meetup: Containerd and runc, by Arnaud Porterie and Michael Crosby
Docker 1.11 Meetup: Containerd and runc, by Arnaud Porterie and Michael Crosby Michelle Antebi
 

Recommended

Cigna Innovation Summit
Cigna Innovation SummitCigna Innovation Summit
Cigna Innovation SummitIdit Levine
 
Linux, Unikernel, LinuxKit: towards redefining the cloud stack.
Linux, Unikernel, LinuxKit: towards redefining the cloud stack.Linux, Unikernel, LinuxKit: towards redefining the cloud stack.
Linux, Unikernel, LinuxKit: towards redefining the cloud stack.Idit Levine
 
Debugging Microservices - QCON 2017
Debugging Microservices - QCON 2017Debugging Microservices - QCON 2017
Debugging Microservices - QCON 2017Idit Levine
 
Craft april17
Craft april17Craft april17
Craft april17Idit Levine
 
Unik Slides
Unik SlidesUnik Slides
Unik SlidesIdit Levine
 
Unikernels and docker from revolution to evolution — unikernels and docker ...
Unikernels and docker from revolution to evolution — unikernels and docker ...Unikernels and docker from revolution to evolution — unikernels and docker ...
Unikernels and docker from revolution to evolution — unikernels and docker ...Docker, Inc.
 
Secure Substrate: Least Privilege Container Deployment
Secure Substrate: Least Privilege Container Deployment Secure Substrate: Least Privilege Container Deployment
Secure Substrate: Least Privilege Container Deployment Docker, Inc.
 
Docker 1.11 Meetup: Containerd and runc, by Arnaud Porterie and Michael Crosby
Docker 1.11 Meetup: Containerd and runc, by Arnaud Porterie and Michael Crosby Docker 1.11 Meetup: Containerd and runc, by Arnaud Porterie and Michael Crosby
Docker 1.11 Meetup: Containerd and runc, by Arnaud Porterie and Michael Crosby Michelle Antebi
 
Monitoring docker container and dockerized applications
Monitoring docker container and dockerized applicationsMonitoring docker container and dockerized applications
Monitoring docker container and dockerized applicationsAnanth Padmanabhan
 
Online Meetup: What's new in docker 1.13.0
Online Meetup: What's new in docker 1.13.0 Online Meetup: What's new in docker 1.13.0
Online Meetup: What's new in docker 1.13.0 Docker, Inc.
 
Deep Dive in Docker Overlay Networks - Laurent Bernaille - Architect, D2SI
Deep Dive in Docker Overlay Networks - Laurent Bernaille - Architect, D2SIDeep Dive in Docker Overlay Networks - Laurent Bernaille - Architect, D2SI
Deep Dive in Docker Overlay Networks - Laurent Bernaille - Architect, D2SIDocker, Inc.
 
What's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea Luzzardi
What's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea LuzzardiWhat's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea Luzzardi
What's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea LuzzardiMike Goelzer
 
Continuous Delivery the hard way with Kubernetes
Continuous Delivery the hard way with KubernetesContinuous Delivery the hard way with Kubernetes
Continuous Delivery the hard way with KubernetesLuke Marsden
 
Containerd - core container runtime component
Containerd - core container runtime component Containerd - core container runtime component
Containerd - core container runtime component Docker, Inc.
 
"One network to rule them all" - OpenStack Summit Austin 2016
"One network to rule them all" - OpenStack Summit Austin 2016"One network to rule them all" - OpenStack Summit Austin 2016
"One network to rule them all" - OpenStack Summit Austin 2016Phil Estes
 
Skynet vs. Planet of The Apes: Duel!
Skynet vs. Planet of The Apes: Duel!Skynet vs. Planet of The Apes: Duel!
Skynet vs. Planet of The Apes: Duel!Docker, Inc.
 
Secure Containers with EPT Isolation
Secure Containers with EPT IsolationSecure Containers with EPT Isolation
Secure Containers with EPT IsolationLinuxCon ContainerCon CloudOpen China
 
DockerCon 2017 - General Session Day 1 - Solomon Hykes
DockerCon 2017 - General Session Day 1 - Solomon HykesDockerCon 2017 - General Session Day 1 - Solomon Hykes
DockerCon 2017 - General Session Day 1 - Solomon HykesDocker, Inc.
 
Revolutionizing WSO2 PaaS with Kubernetes & App Factory
Revolutionizing WSO2 PaaS with Kubernetes & App FactoryRevolutionizing WSO2 PaaS with Kubernetes & App Factory
Revolutionizing WSO2 PaaS with Kubernetes & App FactoryImesh Gunaratne
 
Getting Deep on Orchestration: APIs, Actors, and Abstractions in a Distribute...
Getting Deep on Orchestration: APIs, Actors, and Abstractions in a Distribute...Getting Deep on Orchestration: APIs, Actors, and Abstractions in a Distribute...
Getting Deep on Orchestration: APIs, Actors, and Abstractions in a Distribute...Docker, Inc.
 
Containers & Security
Containers & SecurityContainers & Security
Containers & SecurityAll Things Open
 
Continous delivery at docker age
Continous delivery at docker ageContinous delivery at docker age
Continous delivery at docker ageAdrien Blind
 
Docker Networking : 0 to 60mph slides
Docker Networking : 0 to 60mph slidesDocker Networking : 0 to 60mph slides
Docker Networking : 0 to 60mph slidesDocker, Inc.
 
Kubernetes Introduction & Whats new in Kubernetes 1.6
Kubernetes Introduction & Whats new in Kubernetes 1.6Kubernetes Introduction & Whats new in Kubernetes 1.6
Kubernetes Introduction & Whats new in Kubernetes 1.6Opcito Technologies
 
Building Containers: How Many Ways Are Too Many?
Building Containers: How Many Ways Are Too Many?Building Containers: How Many Ways Are Too Many?
Building Containers: How Many Ways Are Too Many?Vietnam Open Infrastructure User Group
 
Kubernetes 101
Kubernetes 101Kubernetes 101
Kubernetes 101Stanislav Pogrebnyak
 
Online Meetup: Intro to LinuxKit
Online Meetup: Intro to LinuxKitOnline Meetup: Intro to LinuxKit
Online Meetup: Intro to LinuxKitDocker, Inc.
 
DockerCon EU 2015: Docker and PCI-DSS - Lessons learned in a security sensiti...
DockerCon EU 2015: Docker and PCI-DSS - Lessons learned in a security sensiti...DockerCon EU 2015: Docker and PCI-DSS - Lessons learned in a security sensiti...
DockerCon EU 2015: Docker and PCI-DSS - Lessons learned in a security sensiti...Docker, Inc.
 
Cont0519
Cont0519Cont0519
Cont0519Samuel Dratwa
 
Containerize! Between Docker and Jube.
Containerize! Between Docker and Jube.Containerize! Between Docker and Jube.
Containerize! Between Docker and Jube.Henryk Konsek
 

More Related Content

What's hot

Monitoring docker container and dockerized applications
Monitoring docker container and dockerized applicationsMonitoring docker container and dockerized applications
Monitoring docker container and dockerized applicationsAnanth Padmanabhan
 
Online Meetup: What's new in docker 1.13.0
Online Meetup: What's new in docker 1.13.0 Online Meetup: What's new in docker 1.13.0
Online Meetup: What's new in docker 1.13.0 Docker, Inc.
 
Deep Dive in Docker Overlay Networks - Laurent Bernaille - Architect, D2SI
Deep Dive in Docker Overlay Networks - Laurent Bernaille - Architect, D2SIDeep Dive in Docker Overlay Networks - Laurent Bernaille - Architect, D2SI
Deep Dive in Docker Overlay Networks - Laurent Bernaille - Architect, D2SIDocker, Inc.
 
What's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea Luzzardi
What's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea LuzzardiWhat's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea Luzzardi
What's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea LuzzardiMike Goelzer
 
Continuous Delivery the hard way with Kubernetes
Continuous Delivery the hard way with KubernetesContinuous Delivery the hard way with Kubernetes
Continuous Delivery the hard way with KubernetesLuke Marsden
 
Containerd - core container runtime component
Containerd - core container runtime component Containerd - core container runtime component
Containerd - core container runtime component Docker, Inc.
 
"One network to rule them all" - OpenStack Summit Austin 2016
"One network to rule them all" - OpenStack Summit Austin 2016"One network to rule them all" - OpenStack Summit Austin 2016
"One network to rule them all" - OpenStack Summit Austin 2016Phil Estes
 
Skynet vs. Planet of The Apes: Duel!
Skynet vs. Planet of The Apes: Duel!Skynet vs. Planet of The Apes: Duel!
Skynet vs. Planet of The Apes: Duel!Docker, Inc.
 
DockerCon 2017 - General Session Day 1 - Solomon Hykes
DockerCon 2017 - General Session Day 1 - Solomon HykesDockerCon 2017 - General Session Day 1 - Solomon Hykes
DockerCon 2017 - General Session Day 1 - Solomon HykesDocker, Inc.
 
Revolutionizing WSO2 PaaS with Kubernetes & App Factory
Revolutionizing WSO2 PaaS with Kubernetes & App FactoryRevolutionizing WSO2 PaaS with Kubernetes & App Factory
Revolutionizing WSO2 PaaS with Kubernetes & App FactoryImesh Gunaratne
 
Getting Deep on Orchestration: APIs, Actors, and Abstractions in a Distribute...
Getting Deep on Orchestration: APIs, Actors, and Abstractions in a Distribute...Getting Deep on Orchestration: APIs, Actors, and Abstractions in a Distribute...
Getting Deep on Orchestration: APIs, Actors, and Abstractions in a Distribute...Docker, Inc.
 
Continous delivery at docker age
Continous delivery at docker ageContinous delivery at docker age
Continous delivery at docker ageAdrien Blind
 
Docker Networking : 0 to 60mph slides
Docker Networking : 0 to 60mph slidesDocker Networking : 0 to 60mph slides
Docker Networking : 0 to 60mph slidesDocker, Inc.
 
Kubernetes Introduction & Whats new in Kubernetes 1.6
Kubernetes Introduction & Whats new in Kubernetes 1.6Kubernetes Introduction & Whats new in Kubernetes 1.6
Kubernetes Introduction & Whats new in Kubernetes 1.6Opcito Technologies
 
Online Meetup: Intro to LinuxKit
Online Meetup: Intro to LinuxKitOnline Meetup: Intro to LinuxKit
Online Meetup: Intro to LinuxKitDocker, Inc.
 
DockerCon EU 2015: Docker and PCI-DSS - Lessons learned in a security sensiti...
DockerCon EU 2015: Docker and PCI-DSS - Lessons learned in a security sensiti...DockerCon EU 2015: Docker and PCI-DSS - Lessons learned in a security sensiti...
DockerCon EU 2015: Docker and PCI-DSS - Lessons learned in a security sensiti...Docker, Inc.
 

What's hot (20)

Monitoring docker container and dockerized applications
Monitoring docker container and dockerized applicationsMonitoring docker container and dockerized applications
Monitoring docker container and dockerized applications
 
Online Meetup: What's new in docker 1.13.0
Online Meetup: What's new in docker 1.13.0 Online Meetup: What's new in docker 1.13.0
Online Meetup: What's new in docker 1.13.0
 
Deep Dive in Docker Overlay Networks - Laurent Bernaille - Architect, D2SI
Deep Dive in Docker Overlay Networks - Laurent Bernaille - Architect, D2SIDeep Dive in Docker Overlay Networks - Laurent Bernaille - Architect, D2SI
Deep Dive in Docker Overlay Networks - Laurent Bernaille - Architect, D2SI
 
What's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea Luzzardi
What's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea LuzzardiWhat's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea Luzzardi
What's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea Luzzardi
 
Continuous Delivery the hard way with Kubernetes
Continuous Delivery the hard way with KubernetesContinuous Delivery the hard way with Kubernetes
Continuous Delivery the hard way with Kubernetes
 
Containerd - core container runtime component
Containerd - core container runtime component Containerd - core container runtime component
Containerd - core container runtime component
 
"One network to rule them all" - OpenStack Summit Austin 2016
"One network to rule them all" - OpenStack Summit Austin 2016"One network to rule them all" - OpenStack Summit Austin 2016
"One network to rule them all" - OpenStack Summit Austin 2016
 
Skynet vs. Planet of The Apes: Duel!
Skynet vs. Planet of The Apes: Duel!Skynet vs. Planet of The Apes: Duel!
Skynet vs. Planet of The Apes: Duel!
 
Secure Containers with EPT Isolation
Secure Containers with EPT IsolationSecure Containers with EPT Isolation
Secure Containers with EPT Isolation
 
DockerCon 2017 - General Session Day 1 - Solomon Hykes
DockerCon 2017 - General Session Day 1 - Solomon HykesDockerCon 2017 - General Session Day 1 - Solomon Hykes
DockerCon 2017 - General Session Day 1 - Solomon Hykes
 
Revolutionizing WSO2 PaaS with Kubernetes & App Factory
Revolutionizing WSO2 PaaS with Kubernetes & App FactoryRevolutionizing WSO2 PaaS with Kubernetes & App Factory
Revolutionizing WSO2 PaaS with Kubernetes & App Factory
 
Getting Deep on Orchestration: APIs, Actors, and Abstractions in a Distribute...
Getting Deep on Orchestration: APIs, Actors, and Abstractions in a Distribute...Getting Deep on Orchestration: APIs, Actors, and Abstractions in a Distribute...
Getting Deep on Orchestration: APIs, Actors, and Abstractions in a Distribute...
 
Containers & Security
Containers & SecurityContainers & Security
Containers & Security
 
Continous delivery at docker age
Continous delivery at docker ageContinous delivery at docker age
Continous delivery at docker age
 
Docker Networking : 0 to 60mph slides
Docker Networking : 0 to 60mph slidesDocker Networking : 0 to 60mph slides
Docker Networking : 0 to 60mph slides
 
Kubernetes Introduction & Whats new in Kubernetes 1.6
Kubernetes Introduction & Whats new in Kubernetes 1.6Kubernetes Introduction & Whats new in Kubernetes 1.6
Kubernetes Introduction & Whats new in Kubernetes 1.6
 
Building Containers: How Many Ways Are Too Many?
Building Containers: How Many Ways Are Too Many?Building Containers: How Many Ways Are Too Many?
Building Containers: How Many Ways Are Too Many?
 
Kubernetes 101
Kubernetes 101Kubernetes 101
Kubernetes 101
 
Online Meetup: Intro to LinuxKit
Online Meetup: Intro to LinuxKitOnline Meetup: Intro to LinuxKit
Online Meetup: Intro to LinuxKit
 
DockerCon EU 2015: Docker and PCI-DSS - Lessons learned in a security sensiti...
DockerCon EU 2015: Docker and PCI-DSS - Lessons learned in a security sensiti...DockerCon EU 2015: Docker and PCI-DSS - Lessons learned in a security sensiti...
DockerCon EU 2015: Docker and PCI-DSS - Lessons learned in a security sensiti...
 

Similar to UniK - a unikernel compiler and runtime

Containerize! Between Docker and Jube.
Containerize! Between Docker and Jube.Containerize! Between Docker and Jube.
Containerize! Between Docker and Jube.Henryk Konsek
 
Docker SF Meetup January 2016
Docker SF Meetup January 2016Docker SF Meetup January 2016
Docker SF Meetup January 2016Patrick Chanezon
 
Docker Platform and Ecosystem Nov 2015
Docker Platform and Ecosystem Nov 2015Docker Platform and Ecosystem Nov 2015
Docker Platform and Ecosystem Nov 2015Patrick Chanezon
 
Accelerate your development with Docker
Accelerate your development with DockerAccelerate your development with Docker
Accelerate your development with DockerAndrey Hristov
 
Accelerate your software development with Docker
Accelerate your software development with DockerAccelerate your software development with Docker
Accelerate your software development with DockerAndrey Hristov
 
DockerCon SF 2015: Keynote Day 1
DockerCon SF 2015: Keynote Day 1DockerCon SF 2015: Keynote Day 1
DockerCon SF 2015: Keynote Day 1Docker, Inc.
 
Moby Open Source Summit North America 2017
Moby Open Source Summit North America 2017Moby Open Source Summit North America 2017
Moby Open Source Summit North America 2017Patrick Chanezon
 
Weave User Group Talk - DockerCon 2017 Recap
Weave User Group Talk - DockerCon 2017 RecapWeave User Group Talk - DockerCon 2017 Recap
Weave User Group Talk - DockerCon 2017 RecapPatrick Chanezon
 
Demystifying Containerization Principles for Data Scientists
Demystifying Containerization Principles for Data ScientistsDemystifying Containerization Principles for Data Scientists
Demystifying Containerization Principles for Data ScientistsDr Ganesh Iyer
 
A Shift from Monolith to Microservice using Docker
A Shift from Monolith to Microservice using DockerA Shift from Monolith to Microservice using Docker
A Shift from Monolith to Microservice using DockerAjeet Singh Raina
 
Dockers and kubernetes
Dockers and kubernetesDockers and kubernetes
Dockers and kubernetesDr Ganesh Iyer
 
Docker Platform and Ecosystem
Docker Platform and EcosystemDocker Platform and Ecosystem
Docker Platform and EcosystemPatrick Chanezon
 
Introduction to Docker and Linux Containers @ Cloud Computing Rhein Main
Introduction to Docker and Linux Containers @ Cloud Computing Rhein MainIntroduction to Docker and Linux Containers @ Cloud Computing Rhein Main
Introduction to Docker and Linux Containers @ Cloud Computing Rhein MainPuja Abbassi
 
Reactive Microservices with Spring 5: WebFlux
Reactive Microservices with Spring 5: WebFlux Reactive Microservices with Spring 5: WebFlux
Reactive Microservices with Spring 5: WebFlux Trayan Iliev
 
Academy PRO: Docker. Lecture 1
Academy PRO: Docker. Lecture 1Academy PRO: Docker. Lecture 1
Academy PRO: Docker. Lecture 1Binary Studio
 
Docker Application to Scientific Computing
Docker Application to Scientific ComputingDocker Application to Scientific Computing
Docker Application to Scientific ComputingPeter Bryzgalov
 
DockerDay2015: Keynote
DockerDay2015: KeynoteDockerDay2015: Keynote
DockerDay2015: KeynoteDocker-Hanoi
 

Similar to UniK - a unikernel compiler and runtime (20)

Cont0519
Cont0519Cont0519
Cont0519
 
Containerize! Between Docker and Jube.
Containerize! Between Docker and Jube.Containerize! Between Docker and Jube.
Containerize! Between Docker and Jube.
 
Docker SF Meetup January 2016
Docker SF Meetup January 2016Docker SF Meetup January 2016
Docker SF Meetup January 2016
 
Docker Platform and Ecosystem Nov 2015
Docker Platform and Ecosystem Nov 2015Docker Platform and Ecosystem Nov 2015
Docker Platform and Ecosystem Nov 2015
 
Accelerate your development with Docker
Accelerate your development with DockerAccelerate your development with Docker
Accelerate your development with Docker
 
Accelerate your software development with Docker
Accelerate your software development with DockerAccelerate your software development with Docker
Accelerate your software development with Docker
 
DockerCon SF 2015: Keynote Day 1
DockerCon SF 2015: Keynote Day 1DockerCon SF 2015: Keynote Day 1
DockerCon SF 2015: Keynote Day 1
 
Moby Open Source Summit North America 2017
Moby Open Source Summit North America 2017Moby Open Source Summit North America 2017
Moby Open Source Summit North America 2017
 
Weave User Group Talk - DockerCon 2017 Recap
Weave User Group Talk - DockerCon 2017 RecapWeave User Group Talk - DockerCon 2017 Recap
Weave User Group Talk - DockerCon 2017 Recap
 
Demystifying Containerization Principles for Data Scientists
Demystifying Containerization Principles for Data ScientistsDemystifying Containerization Principles for Data Scientists
Demystifying Containerization Principles for Data Scientists
 
A Shift from Monolith to Microservice using Docker
A Shift from Monolith to Microservice using DockerA Shift from Monolith to Microservice using Docker
A Shift from Monolith to Microservice using Docker
 
Dockers and kubernetes
Dockers and kubernetesDockers and kubernetes
Dockers and kubernetes
 
Docker Platform and Ecosystem
Docker Platform and EcosystemDocker Platform and Ecosystem
Docker Platform and Ecosystem
 
What is Docker?
What is Docker?What is Docker?
What is Docker?
 
Introduction to Docker and Linux Containers @ Cloud Computing Rhein Main
Introduction to Docker and Linux Containers @ Cloud Computing Rhein MainIntroduction to Docker and Linux Containers @ Cloud Computing Rhein Main
Introduction to Docker and Linux Containers @ Cloud Computing Rhein Main
 
Reactive Microservices with Spring 5: WebFlux
Reactive Microservices with Spring 5: WebFlux Reactive Microservices with Spring 5: WebFlux
Reactive Microservices with Spring 5: WebFlux
 
Hack the whale
Hack the whaleHack the whale
Hack the whale
 
Academy PRO: Docker. Lecture 1
Academy PRO: Docker. Lecture 1Academy PRO: Docker. Lecture 1
Academy PRO: Docker. Lecture 1
 
Docker Application to Scientific Computing
Docker Application to Scientific ComputingDocker Application to Scientific Computing
Docker Application to Scientific Computing
 
DockerDay2015: Keynote
DockerDay2015: KeynoteDockerDay2015: Keynote
DockerDay2015: Keynote
 

More from Lee Calcote

Benchmarking Service Meshes - CNCF Networking WG
Benchmarking Service Meshes - CNCF Networking WGBenchmarking Service Meshes - CNCF Networking WG
Benchmarking Service Meshes - CNCF Networking WGLee Calcote
 
Service Meshes, but at what cost?
Service Meshes, but at what cost?Service Meshes, but at what cost?
Service Meshes, but at what cost?Lee Calcote
 
Establishing an Open Source Program Office
Establishing an Open Source Program OfficeEstablishing an Open Source Program Office
Establishing an Open Source Program OfficeLee Calcote
 
Istio: Using nginMesh as the service proxy
Istio: Using nginMesh as the service proxyIstio: Using nginMesh as the service proxy
Istio: Using nginMesh as the service proxyLee Calcote
 
CNCF, State of Serverless & Project Nuclio
CNCF, State of Serverless & Project NuclioCNCF, State of Serverless & Project Nuclio
CNCF, State of Serverless & Project NuclioLee Calcote
 
Load Balancing in the Cloud using Nginx & Kubernetes
Load Balancing in the Cloud using Nginx & KubernetesLoad Balancing in the Cloud using Nginx & Kubernetes
Load Balancing in the Cloud using Nginx & KubernetesLee Calcote
 
Create Great CNCF User-Base from Lessons Learned from Other Open Source Commu...
Create Great CNCF User-Base from Lessons Learned from Other Open Source Commu...Create Great CNCF User-Base from Lessons Learned from Other Open Source Commu...
Create Great CNCF User-Base from Lessons Learned from Other Open Source Commu...Lee Calcote
 
Understanding and Extending Prometheus AlertManager
Understanding and Extending Prometheus AlertManagerUnderstanding and Extending Prometheus AlertManager
Understanding and Extending Prometheus AlertManagerLee Calcote
 
Container World 2017 - Characterizing and Contrasting Container Orchestrators
Container World 2017 - Characterizing and Contrasting Container OrchestratorsContainer World 2017 - Characterizing and Contrasting Container Orchestrators
Container World 2017 - Characterizing and Contrasting Container OrchestratorsLee Calcote
 
Growing a Community - Leveraging Meetups to Educate, Grow and Facilitate
Growing a Community - Leveraging Meetups to Educate, Grow and FacilitateGrowing a Community - Leveraging Meetups to Educate, Grow and Facilitate
Growing a Community - Leveraging Meetups to Educate, Grow and FacilitateLee Calcote
 
Overlay/Underlay - Betting on Container Networking
Overlay/Underlay - Betting on Container NetworkingOverlay/Underlay - Betting on Container Networking
Overlay/Underlay - Betting on Container NetworkingLee Calcote
 
Container Summit Austin
Container Summit AustinContainer Summit Austin
Container Summit AustinLee Calcote
 
Dockercon 16 Recap
Dockercon 16 RecapDockercon 16 Recap
Dockercon 16 RecapLee Calcote
 
From Engines to Orchestrators
From Engines to OrchestratorsFrom Engines to Orchestrators
From Engines to OrchestratorsLee Calcote
 
Characterizing and contrasting kuhn tey-ner awr-kuh-streyt-ors
Characterizing and contrasting kuhn tey-ner awr-kuh-streyt-orsCharacterizing and contrasting kuhn tey-ner awr-kuh-streyt-ors
Characterizing and contrasting kuhn tey-ner awr-kuh-streyt-orsLee Calcote
 
Characterizing and Contrasting Container Orchestrators
Characterizing and Contrasting Container Orchestrators Characterizing and Contrasting Container Orchestrators
Characterizing and Contrasting Container OrchestratorsLee Calcote
 
Dockercon EU 2015 Recap
Dockercon EU 2015 RecapDockercon EU 2015 Recap
Dockercon EU 2015 RecapLee Calcote
 

More from Lee Calcote (17)

Benchmarking Service Meshes - CNCF Networking WG
Benchmarking Service Meshes - CNCF Networking WGBenchmarking Service Meshes - CNCF Networking WG
Benchmarking Service Meshes - CNCF Networking WG
 
Service Meshes, but at what cost?
Service Meshes, but at what cost?Service Meshes, but at what cost?
Service Meshes, but at what cost?
 
Establishing an Open Source Program Office
Establishing an Open Source Program OfficeEstablishing an Open Source Program Office
Establishing an Open Source Program Office
 
Istio: Using nginMesh as the service proxy
Istio: Using nginMesh as the service proxyIstio: Using nginMesh as the service proxy
Istio: Using nginMesh as the service proxy
 
CNCF, State of Serverless & Project Nuclio
CNCF, State of Serverless & Project NuclioCNCF, State of Serverless & Project Nuclio
CNCF, State of Serverless & Project Nuclio
 
Load Balancing in the Cloud using Nginx & Kubernetes
Load Balancing in the Cloud using Nginx & KubernetesLoad Balancing in the Cloud using Nginx & Kubernetes
Load Balancing in the Cloud using Nginx & Kubernetes
 
Create Great CNCF User-Base from Lessons Learned from Other Open Source Commu...
Create Great CNCF User-Base from Lessons Learned from Other Open Source Commu...Create Great CNCF User-Base from Lessons Learned from Other Open Source Commu...
Create Great CNCF User-Base from Lessons Learned from Other Open Source Commu...
 
Understanding and Extending Prometheus AlertManager
Understanding and Extending Prometheus AlertManagerUnderstanding and Extending Prometheus AlertManager
Understanding and Extending Prometheus AlertManager
 
Container World 2017 - Characterizing and Contrasting Container Orchestrators
Container World 2017 - Characterizing and Contrasting Container OrchestratorsContainer World 2017 - Characterizing and Contrasting Container Orchestrators
Container World 2017 - Characterizing and Contrasting Container Orchestrators
 
Growing a Community - Leveraging Meetups to Educate, Grow and Facilitate
Growing a Community - Leveraging Meetups to Educate, Grow and FacilitateGrowing a Community - Leveraging Meetups to Educate, Grow and Facilitate
Growing a Community - Leveraging Meetups to Educate, Grow and Facilitate
 
Overlay/Underlay - Betting on Container Networking
Overlay/Underlay - Betting on Container NetworkingOverlay/Underlay - Betting on Container Networking
Overlay/Underlay - Betting on Container Networking
 
Container Summit Austin
Container Summit AustinContainer Summit Austin
Container Summit Austin
 
Dockercon 16 Recap
Dockercon 16 RecapDockercon 16 Recap
Dockercon 16 Recap
 
From Engines to Orchestrators
From Engines to OrchestratorsFrom Engines to Orchestrators
From Engines to Orchestrators
 
Characterizing and contrasting kuhn tey-ner awr-kuh-streyt-ors
Characterizing and contrasting kuhn tey-ner awr-kuh-streyt-orsCharacterizing and contrasting kuhn tey-ner awr-kuh-streyt-ors
Characterizing and contrasting kuhn tey-ner awr-kuh-streyt-ors
 
Characterizing and Contrasting Container Orchestrators
Characterizing and Contrasting Container Orchestrators Characterizing and Contrasting Container Orchestrators
Characterizing and Contrasting Container Orchestrators
 
Dockercon EU 2015 Recap
Dockercon EU 2015 RecapDockercon EU 2015 Recap
Dockercon EU 2015 Recap
 

Recently uploaded

+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...Health
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxComplianceQuest1
 
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfThe Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfkalichargn70th171
 
Exploring the Best Video Editing App.pdf
Exploring the Best Video Editing App.pdfExploring the Best Video Editing App.pdf
Exploring the Best Video Editing App.pdfproinshot.com
 
ManageIQ - Sprint 236 Review - Slide Deck
ManageIQ - Sprint 236 Review - Slide DeckManageIQ - Sprint 236 Review - Slide Deck
ManageIQ - Sprint 236 Review - Slide DeckManageIQ
 
MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...
MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...
MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...Jittipong Loespradit
 
AI & Machine Learning Presentation Template
AI & Machine Learning Presentation TemplateAI & Machine Learning Presentation Template
AI & Machine Learning Presentation TemplatePresentation.STUDIO
 
BUS PASS MANGEMENT SYSTEM USING PHP.pptx
BUS PASS MANGEMENT SYSTEM USING PHP.pptxBUS PASS MANGEMENT SYSTEM USING PHP.pptx
BUS PASS MANGEMENT SYSTEM USING PHP.pptxalwaysnagaraju26
 
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdfintroduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdfVishalKumarJha10
 
The Top App Development Trends Shaping the Industry in 2024-25 .pdf
The Top App Development Trends Shaping the Industry in 2024-25 .pdfThe Top App Development Trends Shaping the Industry in 2024-25 .pdf
The Top App Development Trends Shaping the Industry in 2024-25 .pdfayushiqss
 
Sector 18, Noida Call girls :8448380779 Model Escorts | 100% verified
Sector 18, Noida Call girls :8448380779 Model Escorts | 100% verifiedSector 18, Noida Call girls :8448380779 Model Escorts | 100% verified
Sector 18, Noida Call girls :8448380779 Model Escorts | 100% verifiedDelhi Call girls
 
%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein
%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein
%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfonteinmasabamasaba
 
The Guide to Integrating Generative AI into Unified Continuous Testing Platfo...
The Guide to Integrating Generative AI into Unified Continuous Testing Platfo...The Guide to Integrating Generative AI into Unified Continuous Testing Platfo...
The Guide to Integrating Generative AI into Unified Continuous Testing Platfo...kalichargn70th171
 
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM TechniquesAI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM TechniquesVictorSzoltysek
 
Azure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdf
Azure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdfAzure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdf
Azure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdfryanfarris8
 
8257 interfacing 2 in microprocessor for btech students
8257 interfacing 2 in microprocessor for btech students8257 interfacing 2 in microprocessor for btech students
8257 interfacing 2 in microprocessor for btech studentsHimanshiGarg82
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsAlberto González Trastoy
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providermohitmore19
 
VTU technical seminar 8Th Sem on Scikit-learn
VTU technical seminar 8Th Sem on Scikit-learnVTU technical seminar 8Th Sem on Scikit-learn
VTU technical seminar 8Th Sem on Scikit-learnAmarnathKambale
 
The title is not connected to what is inside
The title is not connected to what is insideThe title is not connected to what is inside
The title is not connected to what is insideshinachiaurasa2
 

Recently uploaded (20)

+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docx
 
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfThe Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
 
Exploring the Best Video Editing App.pdf
Exploring the Best Video Editing App.pdfExploring the Best Video Editing App.pdf
Exploring the Best Video Editing App.pdf
 
ManageIQ - Sprint 236 Review - Slide Deck
ManageIQ - Sprint 236 Review - Slide DeckManageIQ - Sprint 236 Review - Slide Deck
ManageIQ - Sprint 236 Review - Slide Deck
 
MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...
MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...
MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...
 
AI & Machine Learning Presentation Template
AI & Machine Learning Presentation TemplateAI & Machine Learning Presentation Template
AI & Machine Learning Presentation Template
 
BUS PASS MANGEMENT SYSTEM USING PHP.pptx
BUS PASS MANGEMENT SYSTEM USING PHP.pptxBUS PASS MANGEMENT SYSTEM USING PHP.pptx
BUS PASS MANGEMENT SYSTEM USING PHP.pptx
 
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdfintroduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
 
The Top App Development Trends Shaping the Industry in 2024-25 .pdf
The Top App Development Trends Shaping the Industry in 2024-25 .pdfThe Top App Development Trends Shaping the Industry in 2024-25 .pdf
The Top App Development Trends Shaping the Industry in 2024-25 .pdf
 
Sector 18, Noida Call girls :8448380779 Model Escorts | 100% verified
Sector 18, Noida Call girls :8448380779 Model Escorts | 100% verifiedSector 18, Noida Call girls :8448380779 Model Escorts | 100% verified
Sector 18, Noida Call girls :8448380779 Model Escorts | 100% verified
 
%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein
%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein
%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein
 
The Guide to Integrating Generative AI into Unified Continuous Testing Platfo...
The Guide to Integrating Generative AI into Unified Continuous Testing Platfo...The Guide to Integrating Generative AI into Unified Continuous Testing Platfo...
The Guide to Integrating Generative AI into Unified Continuous Testing Platfo...
 
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM TechniquesAI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
 
Azure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdf
Azure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdfAzure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdf
Azure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdf
 
8257 interfacing 2 in microprocessor for btech students
8257 interfacing 2 in microprocessor for btech students8257 interfacing 2 in microprocessor for btech students
8257 interfacing 2 in microprocessor for btech students
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service provider
 
VTU technical seminar 8Th Sem on Scikit-learn
VTU technical seminar 8Th Sem on Scikit-learnVTU technical seminar 8Th Sem on Scikit-learn
VTU technical seminar 8Th Sem on Scikit-learn
 
The title is not connected to what is inside
The title is not connected to what is insideThe title is not connected to what is inside
The title is not connected to what is inside
 

UniK - a unikernel compiler and runtime

  • 4. Project Container Network Performance Tool @lcalcote Contact for early access. Learn more - https://github.com/solarwinds/containers Preview
  • 5. Project Container Network Performance Tool @lcalcote Cluster visibility - See container network flows (current bandwidth and direction) across Kubernetes and Docker Swarm nodes. Bandwidth test - Test throughput (performance) of each type of container network (compare network drivers). Choose wisely - Be aware of the cost of overlay convenience. Avoid MAC address overload in underlays. Preview
  • 7. We hold these truths to be self-evident:   bare metal      AND           virtual machines                AND                     containers                          AND                               unikernels                                    AND                                         functions the future is AND not OR @lcalcote
  • 8. bare metalvirtual machinescontainersunikernelsfunctionsno one cares about  they care about the application infrastructure @lcalcote
  • 10. Fat systems Application Configuration Application Binary Language Runtime Shared Library Docker Runtime OS User Processes OS Kernel Virtual Hardware Drivers Hypervisor Hardware Drivers Hardware Application Inefficient Long startup times.   Designed for many users, running many processes.   Hardware has evolved.   Package managers pull in many unneeded packages.   Decades of backwards compatibility.
  • 11. Very large attack surface a  huge kernel code base. Lots of unused applications, services and drivers lying around. by Russell Pavlicek (free ebook)Unikernels Security Other Issues @lcalcote Lee Calcote and Idit Levine How Unikernels Can Better Defend against DDoS Attacks
  • 13. What is a Unikernel? A library operating system application openGL gtk iconv libgmp libz libstd++libgcclibc kernel libtls application a way of cross-compiling (existing) applications down to very small, lightweight, secure virtual machine @lcalcote
  • 14. Unikernel Landscape Language Specific HalVM - - (Haskell) MirageOS -  - (OCamel) LING - - (Erlang)  Runtime.js - - (Javascript) IncludeOS - - (C++) Clive - -  (Go) General OSv  Rumprun  Drawbridge Projects / Tools ClickOS - - (NFV) Jitsu - - (DNS) Unik - - (Build, Deploy) unikernel.org @lcalcote
  • 15. Security No multi-user support no passwords and authorization info lying around   Many attack vectors closed - simply not present. only use libraries specific to your application produce a single process, single address space image   Security be default - not necassarily policy that will be defined later @lcalcote
  • 16. Microservices are (intended to be) small, self-contained, single- purpose applications.   Unikernels cannot handle multiple processes, so forking is not allowed. Unikernels can handle threads. Are single user, but who needs multiple users?   Can statically link data into application. Immutable infrastructure (enforced) @lcalcote
  • 17. $avings Access to a high-end system for a fraction of second   Increase speed - smaller artifacts, which boot faster (microseconds)   Target multiple platforms from a single code base   @lcalcote
  • 18.
  • 19. Purpose A tool for simplifying compilation and deployment of unikernels.   Akin to how Docker builds and deploys containers.   Automates compilation of popular languages (C/C++, Golang, Java, Node.js. Python) into unikernels.   Deploys unikernels as virtual machines on many virtualization platforms.   Incorporates work from a number of unikernel projects.   A young project (~9 months old from announcement) @lcalcote
  • 20. Stewarded by these fine folks http://project-unik.io @uvgroovy @ilackarms @Idit_Levine https://github.com/emc-advanced-dev/unik @ProjectUniK @lcalcote
  • 21. Compilers Java OCaml C++ Python, Node.js and Go OSv MirageOS IncludeOS Rump 3 Major Components Providers Virtualbox AWS Google Cloud vSphere QEMU UKVM Xen OpenStack Photon Controller API Server daemon @lcalcote
  • 22. UniK Hub a community exchange   Currently: Cloud-hosted S3-backed May be run on-premises @lcalcote
  • 24. Use Docker API to run Unikernels  @lcalcote
  • 25. Use Unik as a CloudFoundry runtime @lcalcote
  • 26. Use Unik as a Kubernetes runtime $ kubectl run nginx --image=nginx:AWS --namespace=unik --replicas=3 multiple container runtimes AND unikernels docker, rkt and unik @lcalcote
  • 28. Getting Started 1. git clone 2. make 3. unik @lcalcote
  • 29. setup providers: aws: - name: aws region: us-east-1 zone: us-east-1a gcloud: [] vsphere: [] virtualbox: - name: unik-vbox adapter_name: vboxnet0 adapter_type: host_only qemu: [] photon: [] xen: [] openstack: [] ukvm: [] version: "" unik configure ~/.unik/daemon-config.yaml unik daemon api server familiarize w/unik @lcalcote
  • 30. Developer Workflow a familiar treadmill 1. Code app per usual   2. Test and debug app   3. Deploy   4. Logs unik build --name go-calcote --path ./ --base rump --language go --provider virtualbox unik run --instanceName=scale15x --imageName=go-calcote fmt.Fprintf(w, "<img src='http://calcotestudios.com/talks/img/unik.jpg' />") fmt.Fprintf(w, "<p /> My first unikernel!") unik logs --instanceName=scale15x @lcalcote
  • 31. Lee Calcote linkedin.com/in/leecalcote @lcalcote blog.gingergeek.com lee@calcotestudios.com Thank you. Questions? clouds, containers, infrastructure, applications  and their management http://calcotestudios.com/ talks