What exactly is Unikernel?

2025-01-22 Update From: SLTechnology News&Howtos

Shulou(Shulou.com)06/01 Report--

If you keep following DevOps Weekly, DevOps-themed meetings or are really interested in technology, you may have heard of Unikernel many times. In the past few months, it seems to have attracted more and more attention.

However, what exactly is Unikernel? Is it what I want?

I have been obsessed with this problem for a long time. I did not know how to define Unikernel or what it exists for.

What is Unikernel?

The source of the truth is only an obscure explanation on Wikipedia. Let's take a look at it first:

Unikernel is a single address space machine image built by using a special library operating system. Developers run applications by selecting stack modules and a series of minimum dependent libraries that correspond to the dependencies necessary to run applications in the operating system.

These libraries are responsible for compiling the application and configuration code and building them into closed, fixed-purpose images (that is, Unikernel) that can be run directly on the hypervisor or hardware, without the need for an operating system like Linux or Windows to be in between.

-Wikipedia: Unikernel

It's all clear, right?

Okay! To me, the above did not say much. Here is my explanation of Unikernel.

First, let's work through an example. Suppose you are a developer writing PHP applications. When you run your PHP application (Ruby, Node and Perl are similar), you are essentially running:

◆ A language interpreter: PHP, Perl, Ruby,...

◆ which calls system-level APIs in the operating system.

◆ Some of these API calls require different privilege levels, forcing the application to switch context (user space vs. kernel space).

◆ All of this runs on an operating system, such as CentOS, Debian, Ubuntu,...

◆ which may run on a VM, such as VMware, Xen, KVM,...

◆ which may run on its own virtualization management system, such as ESXi, Xen Hypervisor...

◆ which in turn runs on hardware

◆ which is booted through BIOS or UEFI

To be honest, it is something of a miracle that this works at all once you count all the layers of abstraction involved in running an application.

But it does work, and it works very well and performs well. You still have to realize that there are many layers between the hardware that provides the runtime environment and the application itself.

That's what Unikernel is trying to solve: remove the bloated part between the application and the hardware. Let the most "streamlined" operating system run your code.

One paper sums it up very well:

Unikernel's vision: when you see a cloud client, it's like seeing single-application hardware.

-The Rise and Fall of the Operating System

Unikernel tries to erase some of the complexity of modern operating systems. "Generic" operating systems (any Linux distribution, or Windows) usually come with drivers, dependent packages, services, and so on that your application does not need, but that every general-purpose operating system has to include to some extent.

Even the core modules of the Linux kernel do not need to be fully loaded every time. Things like USB drivers are considered useless in virtualized "cloud" environments, but they are still included in the kernel.

Compared with containers and virtualization, the evolution of Unikernel is as follows:

[Figure: Unikernels]

Unikernel has many advantages over general-purpose operating systems such as Linux:

◆ Improved security: run only the core of the operating system and discard components such as video and USB drivers, which may be sources of interference.

◆ Very small footprint: imagine being able to erase 95% of the size of the kernel, because your application doesn't need it.

◆ Customization: know your application well and streamline the kernel down to the parts you need.

◆ Fast startup: Unikernel instances start quickly (just like running a Docker instance), with a startup time of less than 1 second.

In this way, we naturally regard Unikernel as an alternative to micro-services.

Erase the complex middle layer with Unikernel

If you want to run the application with minimal overhead, you may want to consider making a Unikernel.

To do this, use the library operating system LibOS. A library operating system will give you a way to build your own Unikernel. The most noteworthy are MirageOS (the creator of the term "unikernel") and Rump Kernels. Both are essentially a series of standardized drivers and libraries so you don't have to reinvent things like TCP stacks, persistence layers, and so on.

Unikernel is an operating system kernel customized in a high-level language and acts as an independent software component. The complete application (or application system) runs on a set of unikernels as a distributed system.

MirageOS is based on the OCaml language and lets unikernels run on Xen hypervisor.

-queue.acm.org: Unikernels: Rise of the Virtual Library Operating System

At present, the languages used to write Unikernel are:

◆ Rust

◆ Go (or 'golang')

◆ OCaml

◆ Haskell

These are not all new programming languages. Except for Go and Rust, all of them have a history of more than 15 years.

In order for the operating system and applications to run more smoothly, these Unikernel libraries need to keep the kernel as small as possible.

Now, because of virtualization technology, virtual machine management systems like Xen or VMware abstract heterogeneous hardware devices into a bunch of standard virtualized devices, and unikernel can also be optimized for customized virtual devices.

Unikernel takes advantage of virtualization to create a proprietary and optimized operating system.

To compile the "unikernel" of an application, you need to rely on MirageOS's library and the OCaml language, and the result looks like this:

The compiler outputs a completely independent kernel instead of the Unix executable. These unikernels are library operating system VM implemented only to meet specific applications and configuration files, and rely on the reuse and isolation of resources provided by hypervisor.

-queue.acm.org: Unikernels: Rise of the Virtual Library Operating System

In the end, you run part of your application by running a Unikernel that serves as its own streamlined, purpose-built operating system. If your application or configuration needs to be updated, you have to recompile your source code to generate a new Unikernel and deploy the new version. What if it's a new security upgrade? You also need to recompile and deploy.

This will make it more difficult to coordinate and orchestrate the deployment, but the benefit is that the application runs more efficiently.
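
The coordination cost described above can be made concrete. The following added example (not from the original article or from any unikernel project) assumes a hypothetical build manifest that records the library versions linked into each image, plus constructed advisories, and lists the images that must be recompiled and redeployed.

```python
# Added illustration; the manifest format, image names, library names,
# versions and advisory ids are all constructed, not real project data.

# What each deployed unikernel image had linked in at compile time.
MANIFESTS = {
    "web-frontend-v12": {"tcpip": "3.7.1", "tls": "0.10.2", "http": "2.1.0"},
    "dns-resolver-v4": {"tcpip": "3.7.4", "dns": "4.0.0"},
    "queue-worker-v7": {"tcpip": "3.7.2", "tls": "0.9.8"},
}

# Security fixes: the library and the first version that contains the fix.
ADVISORIES = [
    {"id": "EXAMPLE-ADV-1", "library": "tls", "fixed_in": "0.10.4"},
    {"id": "EXAMPLE-ADV-2", "library": "tcpip", "fixed_in": "3.7.2"},
]


def parse_version(text):
    """Turn '0.10.4' into (0, 10, 4) so 0.9.8 sorts below 0.10.4."""
    return tuple(int(part) for part in text.split("."))


def images_to_rebuild(manifests, advisories):
    """Map each affected image to the advisories that force a rebuild."""
    plan = {}
    for image, libs in sorted(manifests.items()):
        for adv in advisories:
            linked = libs.get(adv["library"])
            if linked is None:
                continue  # library was never linked in: nothing to patch
            if parse_version(linked) < parse_version(adv["fixed_in"]):
                plan.setdefault(image, []).append(
                    (adv["id"], adv["library"], linked, adv["fixed_in"])
                )
    return plan


if __name__ == "__main__":
    for image, hits in images_to_rebuild(MANIFESTS, ADVISORIES).items():
        for adv_id, lib, linked, fixed in hits:
            print(f"{image}: rebuild with {lib} >= {fixed} "
                  f"(linked {linked}, {adv_id})")
```

An image that does not link the affected library drops out of the plan entirely, which is the practical side of the smaller footprint.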

The key to building an immutable infrastructure is that applications no longer save state and can be easily discarded and rebuilt.

On the one hand, we can have Unikernel run in a Docker container, but should we try to avoid adding other complex middle tiers? On the other hand, Docker's advantages in use and deployment do make up for this middle-tier overhead.

Who should use Unikernel?

To be honest, the answer to this question is not clear to me. I think if you are deploying web applications on WordPress now, there may be some gaps in using Unikernel.

On the other hand, the benefits of Unikernel are obvious, but it requires a completely different model to manage your infrastructure, a different set of skills to build such applications and kernels, and a deep understanding of a concept that is completely unfamiliar to us: an immutable infrastructure.

Maybe in the next 5 to 10 years, we will deploy Unikernel in the same way as the new specification. Currently, I think it is aimed at a small number of users who want fairly professional and secure applications. For most ordinary users, virtual machines (or, if you are at the forefront of technology, Docker containers) are probably what you should focus on.
