At the time of writing, Docker had not yet acquired Unikernel Systems, and it’s remarkable that Vineet more or less predicted this acquisition. You’re going to gain a solid understanding of the context of the container, VM, and unikernel discussion, as well as see why it was only logical that Docker would acquire Unikernel Systems. Read on to learn more about the power of unikernels and why they are the way forward for microservices infrastructures!
A Brief History of the Cloud
Cloud computing is increasingly becoming a one-stop solution for large enterprises. The cloud enables large firms to treat all of their computing resources as a utility, thereby making budgeting and forecasting significantly less challenging. Because of the cloud’s rapid growth in the enterprise world, a number of supporting technologies have grown up alongside it.
Traditionally, hypervisor virtualization has allowed customers to multiplex virtual machines on a shared cluster of physical machines. If we look at traditional hypervisor virtualization in Linux, we’ll see an entire operating system running as a guest OS on top of the host OS using a hypervisor like Xen.
The Key Differences between Virtual Machines and Containers
Container virtualization is much lighter than the traditional hypervisors. In this form of virtualization, virtual machines are carved out of host operating systems sharing the same OS kernel — these carved-out VM’s are referred to as Containers. You can take a quick look at an earlier post, Container Virtualization: what makes it work so well? for a bit of background.
Containers provide encapsulation for a set of processes to run in isolation from the rest of the system. This means that the applications running inside containers appear to be running on a separate environment or operating system with a dedicated set of resources.
Containers don’t employ the overhead of guest operating systems or of a supporting hypervisor, which means more applications can run on a single host OS compared to a traditional virtualization approach.
Booting and restarting container applications is faster than using VM’s because the host OS containers are nothing but process. Using containers this way contributes to less downtime and greater productivity.
Because of the container’s lightweight memory footprint, quick boot time, and ease of packaging, many experts believe that containers are the future of virtualization. The above advantages of containers offer an edge over hypervisor virtualization, but that doesn’t mean an end to hypervisor virtualization.
I’ll explain why.
The Rise of Unikernels – A Stripped-Down OS
Unikernels are largely seen as the answer from hypervisor virtualization for the emerging container concept.
Cloud operating systems or Unikernels are lightweight operating systems that are the backbone of a new form of cloud computing where a single hypervisor instance can support a large number of VMs. These Unikernels are meant to be used within a virtual machine and can’t be run directly on a host OS/machine.
The Constraints of Traditional Virtual Machines
If we look at the traditional architecture of VM’s we see an entire, fully-loaded guest OS running as part of a VM. These operating systems are monolithic even if slimmed down. They are designed to be multi-user, multi-purpose, multi-process, and are extremely complex even for an engineer. They are meant to interact with hardware and thus involve all sorts of complexity needed to support device drivers from various vendors. The complexities listed above will come along if we are running a copy of the operating system even if it is not required.
These traditional systems are meant to interact with hardware, and therefore involve the complexity needed to support device drivers from various vendors. The complexities listed above are dragged along if we are running a copy of an OS — even if it is not required. This means we are bringing a big chunk of dead code with us when it isn’t required in the life-cycle of a Virtual Machine.
Even when the size of a container instance is in hundreds of MBs (if not in GBs) there is much more in the containers than the simple hosted application. This seems like a clumsy way to operate when we are all optimizing everything we can.
The Unikernel Approach: A Leaner System
The primary philosophy behind the unikernel is to tear off all the unnecessary sets of libraries and keep only a selected set of services which the application requires to function. Those libraries are compiled with internal applications, resulting in a complete system we call a unikernel. Unikernels are designed with the understanding that they will not need to run on hardware; consequently, unikernels lack the bloat and complexities of drivers. They aren’t meant to be multi-process or multi-user so they can focus on threads of code which are required to keep your applications running.
The unikernel model removes the need for an entire Operating System altogether, allowing applications to run directly on the hypervisor.
Some of the advantages of using the Unikernels model include:
Advantage #1: Smaller Size
By removing most of the unwanted libraries from operating systems and generating a runtime environment to enable a single application means that a unikernel requires fewer resources. Unikernels carry with them only what is required.
Advantage #2: Enhanced Security
Unikernels provide an excellent security mechanism. They accomplish this by reducing the surface area of a potential attack. Since unikernels compile with only essential elements, they reduce potential approaches for attacking the system. They don’t carry the potential vulnerabilities that would have come with the standard Operating System. There aren’t any shells or utilities to exploit.
Advantage #3: Faster Speed
Unikernels boot fast as they don’t possess the overhead of bringing up unnecessary services that are not required by the compiler’s application.
Advantage #4: Scalability
With reduced guest operating system overhead and smaller memory footprint, unikernels permit a considerably high number of Virtual Machines to run on the hypervisor as compared to traditional VM’s.
Putting It All Together
The cloud is an environment where resources are rented and charged based on usage. The major reasons customers choose cloud computing over the alternatives is the reduced price and the efficient utilization of their underlying resources.
Technologies like Docker and CoreOS have done fantastic work to modernize how we consume infrastructure so that microservices are a reality. These technologies must not rest on their laurels but need to evolve to leverage the power unikernels.
Unikernels will have a major impact on the way we work, now and in the future.
Want to learn more about all this? Check out our Docker and Container Technologies learning path. You’ll learn everything you ever wanted to know about these technologies, including Docker advanced concepts, Ubuntu Core Cloud Computing OS and Snappy Package Manager, and more!