At the time of writing, Docker had not yet acquired Unikernel Systems, and it’s remarkable that Vineet more or less predicted this acquisition. You’re going to gain a solid understanding of the context of the container, VM, and unikernel discussion, as well as see why it was only logical that Docker would acquire Unikernel Systems. Read on to learn more about the power of unikernels and why they are the way forward for microservices infrastructures!
A Brief History of the Cloud
Cloud computing is increasingly becoming a one-stop solution for large enterprises. The cloud enables large firms to treat all of their computing resources as a utility, thereby making budgeting and forecasting significantly less challenging. Because of the cloud’s rapid growth in the enterprise world, a number of supporting technologies have grown up alongside it.
Traditionally, hypervisor virtualization has allowed customers to multiplex virtual machines on a shared cluster of physical machines. If we look at traditional hypervisor virtualization in Linux, we’ll see an entire operating system running as a guest OS on top of the host OS using a hypervisor like Xen.
The Key Differences between Virtual Machines and Containers
Container virtualization is much lighter than the traditional hypervisors. In this form of virtualization, virtual machines are carved out of host operating systems sharing the same OS kernel — these carved-out VM’s are referred as Containers. You can take a quick look at an earlier post, Container Virtualization: what makes it work so well? for a bit of background.
Containers provide encapsulation for a set of processes to run in isolation from the rest of the system. This means that the applications running inside containers appear to be running on a separate environment or operating system with a dedicated set of resources.
Containers don’t employ the overhead of guest operating systems or of a supporting hypervisor, which means more applications can run on a single host OS compared to a traditional virtualization approach.
Booting and restarting container applications is faster than using VM’s because the host OS containers are nothing but process. Using containers this way contributes to less downtime and greater productivity.
Because of the container’s lightweight memory footprint, quick boot time, and ease of packaging, many experts believe that containers are the future of virtualization. The above advantages of containers offer an edge over hypervisor virtualization, but that doesn’t mean an end to hypervisor virtualization.
I’ll explain why.
The Rise of Unikernels – A Stripped-Down OS
Unikernels are largely seen as the answer from hypervisor virtualization for the emerging container concept.
Cloud operating systems or Unikernels are lightweight operating systems that are the backbone of a new form of cloud computing where a single hypervisor instance can support a large number of VMs. These Unikernels are meant to be used within a virtual machine and can’t be run directly on a host OS/machine.
The Constraints of Traditional Virtual Machines
If we look at the traditional architecture of VM’s we see an entire, fully-loaded guest OS running as part of a VM. These operating systems are monolithic even if slimmed down. They are designed to be multi-user, multi-purpose, multi-process, and are extremely complex even for an engineer. They are meant to interact with hardware and thus involve all sorts of complexity needed to support device drivers from various vendors. The complexities listed above will come along if we are running a copy of operating system even if it is not required.
These traditional systems are meant to interact with hardware, and therefore involve the complexity needed to support device drivers from various vendors. The complexities listed above are dragged along if we are running a copy of an OS — even if it is not required. This means we are bringing a big chunk of dead code with us when it isn’t required in the life-cycle of a Virtual Machine.
Even when the size of a container instance is in hundreds of MBs (if not in GBs) there is much more in the containers than the simple hosted application. This seems like a clumsy way to operate when we are all optimizing everything we can.
The Unikernel Approach: A Leaner System
The primary philosophy behind the unikernel is to tear off all the unnecessary sets of libraries and keep only a selected set of services which the application requires to function. Those libraries are compiled with internal applications, resulting in a complete system we call a unikernel. Unikernels are designed with the understanding that they will not need to run on hardware; consequently, unikernels lack the bloat and complexities of drivers. They aren’t meant to be multi-process or multi-user so they can focus on threads of code which are required to keep your applications running.
The unikernel model removes the need for an entire Operating System altogether, allowing applications to run directly on the hypervisor.
Some of the advantages of using the Unikernels model include:
Advantage #1: Smaller Size
By removing most of the unwanted libraries from operating systems and generating a runtime environment to enable a single application means that a unikernel requires fewer resources. Unikernels carry with them only what is required.
Advantage #2: Enhanced Security
Unikernels provide an excellent security mechanism. They accomplish this by reducing the surface area of a potential attack. Since unikernels compile with only essential elements, they reduce potential approaches for attacking the system. They don’t carry the potential vulnerabilities that would have come with the standard Operating System. There aren’t any shells or utilities to exploit.
Advantage #3: Faster Speed
Unikernels boot fast as they don’t possess the overhead of bringing up unnecessary services that are not required by the compiler’s application.
Advantage #4: Scalability
With reduced guest operating system overhead and smaller memory footprint, unikernels permit a considerably high number of Virtual Machines to run on the hypervisor as compared to traditional VM’s.
Putting It All Together
The cloud is an environment where resources are rented and charged based on usage. The major reasons customers choose cloud computing over the alternatives is the reduced price and the efficient utilization of their underlying resources.
Technologies like Docker and CoreOS have done fantastic work to modernize how we consume infrastructure so that microservices are a reality. These technologies must not rest on their laurels but need to evolve to leverage the power unikernels.
Unikernels will have a major impact on the way we work, now and in the future.
Want to learn more about all this? Check out our Docker and Container Technologies learning path. You’ll learn everything you ever wanted to know about these technologies, including Docker advanced concepts, Ubuntu Core Cloud Computing OS and Snappy Package Manager, and more!
Introducing Assessment Cycles
Today, cloud technology platforms and best practices around them move faster than ever, resulting in a paradigm shift for how organizations onboard and train their employees. While assessing employee skills on an annual basis might have sufficed a decade ago, the reality is that organiz...
Cloud Skills: Transforming Your Teams with Technology and Data
How building Cloud Academy helped us understand the challenges of transforming large teams, and how data and planning can help with your cloud transformation.When we started Cloud Academy a few years ago, our founding team knew that cloud was going to be a revolution for the IT indu...
Disadvantages of Cloud Computing
If you want to deliver digital services of any kind, you’ll need to compute resources including CPU, memory, storage, and network connectivity. Which resources you choose for your delivery, cloud-based or local, is up to you. But you’ll definitely want to do your homework first.Cloud ...
Announcing Skill Profiles Beta
Now that you’ve decided to invest in the cloud, one of your chief concerns might be maximizing your investment. With little time to align resources with your vision, how do you objectively know the capabilities of your teams?By partnering with hundreds of enterprise organizations, we’...
A New Paradigm for Cloud Training is Needed (and Other Insights We Can Democratize)
It’s no secret that cloud, its supporting technologies, and the capabilities it unlocks is disrupting IT. Whether you’re cloud-first, multi-cloud, or migrating workload by workload, every step up the ever-changing cloud capability curve depends on your people, your technology, and your ...
What is Chaos Engineering? Failure Becomes Reliability
In the IT world, failure is inevitable. A server might go down, an app may fail, etc. Does your team know what to do during a major outage? Do you know what instances may cause a larger systems failure? Chaos engineering, or chaos as a service, will help you fail responsibly.It almost...
AWS re:Invent 2017: Themes and Tools Shaping Cloud Computing in 2018
As the sixth annual re:Invent approaches, it’s a good time to look back at how the industry has progressed over the past year. How have last year’s trends held up, and what new trends are on the horizon? Where is AWS investing with its products and services? How are enterprises respondi...
Cloud Academy at Cloud Expo Santa Clara, Oct 31 – Nov 2
71% of IT decision-makers believe that a lack of cloud expertise in their organizations has resulted in lost revenue.1 That’s why building a culture of cloud—and the common language and skills to support cloud-first—is so important for companies who want to stay ahead of the transfor...
Product News: Announcing Cloud Academy Exams, Improved Filtering & Navigation, and More
At Cloud Academy, we’re obsessed with creating value for the organizations who trust us as the single source for the learning, practice, and collaboration that enables a culture of cloud.Today, we’re excited to announce the general availability of several new features in our Content L...
On 'the public understanding of encryption' Tweet by Paul Johnston
Some of the questions by journalists about encryption prove they don't get it. Politicians don't seem to get it either (most of them). In fact, outside technology, there are some ridiculous notions of what encryption means. Over and over again, the same rubbish around encrypti...
Our Hands-on Labs have a new look
Building new hands-on labs and improving our existing labs is a major focus of Cloud Academy for 2017 and beyond. If you search "types of adult learning," you will get approximately 16.9 gazillion hits. Many will boast about how they meet the needs of a certain type of learner (up to 70...
New infographic: Cloud computing in 2017
With 83% of businesses ranking cloud skills as critical for digital transformation in 2017, it’s great news for anyone with cloud architecting experience, and for those considering a career in cloud computing. In our new infographic, we compiled some of the latest industry research to l...