O slideshow foi denunciado.
Utilizamos seu perfil e dados de atividades no LinkedIn para personalizar e exibir anúncios mais relevantes. Altere suas preferências de anúncios quando desejar.

Unikraft - Unleashing the Power of Unikernels

51 visualizações

Publicada em

Video and slides synchronized, mp3 and slide download available at URL https://bit.ly/2tX4yNq.

Felipe Huici introduces Unikraft, an open source, incubator project under the auspices of the Xen Project and the Linux Foundation aimed at automating the process of building customized images tailored to specific applications and significantly reducing development time. He describes Unikraft in greater detail, and gives a brief demo of how to use it in order to build a few different unikernels. Filmed at qconlondon.com.

Felipe Huici is a chief researcher in the Systems and Machine Learning Group at NEC Laboratories Europe in Heidelberg, Germany. His main research and work interests lie in the areas of high-performance software systems, and in particular specialization, virtualization, and the application of machine learning techniques to tackle open problems in the systems area.

Publicada em: Tecnologia
  • Seja o primeiro a comentar

  • Seja a primeira pessoa a gostar disto

Unikraft - Unleashing the Power of Unikernels

  1. 1. Unleashing the Power of Unikernels with Unikraft Felipe Huici felipe.huici@neclab.eu Systems and Machine Learning Group NEC Laboratories GmbH, Heidelberg EU H2020 Superfluidity
  2. 2. InfoQ.com: News & Community Site Watch the video with slide synchronization on InfoQ.com! https://www.infoq.com/presentations/ unikraft-unikernels • Over 1,000,000 software developers, architects and CTOs read the site world- wide every month • 250,000 senior developers subscribe to our weekly newsletter • Published in 4 languages (English, Chinese, Japanese and Brazilian Portuguese) • Post content from our QCon conferences • 2 dedicated podcast channels: The InfoQ Podcast, with a focus on Architecture and The Engineering Culture Podcast, with a focus on building • 96 deep dives on innovative topics packed as downloadable emags and minibooks • Over 40 new content items per week
  3. 3. Purpose of QCon - to empower software development by facilitating the spread of knowledge and innovation Strategy - practitioner-driven conference designed for YOU: influencers of change and innovation in your teams - speakers and topics driving the evolution and innovation - connecting and catalyzing the influencers and innovators Highlights - attended by more than 12,000 delegates since 2007 - held in 9 cities worldwide Presented at QCon London www.qconlondon.com
  4. 4. 2 © NEC Corporation 2018 Who am I? ▌ Chief Researcher @ l NEC Laboratories in Heidelberg, Germany l Systems and Machine Learning Group
  5. 5. 3 © NEC Corporation 2018 The Container Craze ▌ “Google runs all services in containers” ▌ Container-as-a-Service services: l Amazon Lambda, EC2 Container Service l Google Container Engine l Azure Container service l and so on…
  6. 6. 4 © NEC Corporation 2018 The Container Advantage ▌ Very fast instantiation times l 100s ms ▌ Small per-instance memory footprints l 10-100 MBs ▌ High density l 100-1000 instances on same host VMs
  7. 7. 5 © NEC Corporation 2018 The Unsafe Container ▌ Kernel API difficult to secure, lots of exploits ▌ An unsafe container affects all other containers on host l This includes DoS/exhaustion attacks (e.g., forkbombs, etc.) 200 250 300 350 400 2002 2004 2006 2008 2010 2012 2014 2016 2018 No.ofsyscalls Linux Release Year
  8. 8. 6 © NEC Corporation 2018 Isolating WorkloadsPick Your Poison Lightweight Iffy isolation Strong isolation Heavy weight ? Virtualization Hardware Hypervisor VM apps GuestOS (Linux) libs VM apps GuestOS FreeBSD libs VM apps GuestOS Windows libs vs. Containers Hardware Host OS (Linux) libs / services apps container apps container apps container
  9. 9. 7 © NEC Corporation 2018 Isolating Workloads Lightweight Iffy isolation Strong isolation Heavy weight ? Virtualization Hardware Hypervisor VM apps GuestOS (Linux) libs VM apps GuestOS FreeBSD libs VM apps GuestOS Windows libs Containersvs. Hardware Host OS (Linux) libs / services apps apps apps container container container Dispel the myth thatVMs are heavyweight
  10. 10. What’s a Unikernel Then?
  11. 11. 9 © NEC Corporation 2018 Standard VM: Application on Top of Distro Kernel User Application(s) 3rd Party Applications Libraries Services
  12. 12. 10 © NEC Corporation 2018 Most of the VM not Used… Nginx Kernel Services Libraries User Application memcached bash 3rd Party Applications libc libssl ssh init ext4 netfront blkfront
  13. 13. 11 © NEC Corporation 2018 Specialization in Practice ▌ Standard OS/VM/container: lots of unnecessary code = lots of overhead (and potentially bugs/security issues)! Nginx Kernel Services Libraries User Application memcached bash 3rd Party Applications libc libssl ssh init ext4 netfront blkfront Nginx memcached bash libc libssl ssh init ext4 netfront blkfront ▌ Unikernel: only what’s needed is there Nginx Kernel Services Libraries User Application memcached bash 3rd Party Applications libc libssl ssh init ext4 netfront blkfront unused! unused! unused! unikernelgeneral-purpose OS
  14. 14. 12 © NEC Corporation 2018 Unikernels - A Few More Details app1 USERSPACE app2 appN driver1 driver2 GENERAL-PURPOSE OPERATING SYSTEM (e.g., Linux, FreeBSD) KERNELSPACE driverN Vdriver1 vdriver2 app MINIMALISTIC OPERATING SYSTEM (e.g., MiniOS, OSv) SINGLEADDRESS SPACE
  15. 15. 13 © NEC Corporation 2018 When do I want a Unikernel? ▌ Unikernels are applicable to many domains! Fast boot, migration destroy Resource efficient High performance Mission critical Minimal SW stack Reactive VNFs, Lambda Functions, … Minimal SW stack Per-customer VNFs, IoT, MEC, … Small code base à cheap verification Strong isolation Automotive, Industrial-grade, … Specialization NFV, MEC, …
  16. 16. Some Unikernel Numbers… My VM is Lighter (and Safer) than your Container SOSP 2017
  17. 17. 15 © NEC Corporation 2018 In Numbers: Instantiation Times 100 101 102 103 104 105 0 200 400 600 800 1000 Time[ms] Number of running guests Process Create Process: 0.7ms-10ms Server: Intel Xeon E5-1630 v3 CPU@3.7GHz (4 cores), 128GB DDR4 RAM, Xen/Linux versions 4.8
  18. 18. 16 © NEC Corporation 2018 In Numbers: Instantiation Times 100 101 102 103 104 105 0 200 400 600 800 1000 Time[ms] Number of running guests Process Create Docker Boot Docker: 150ms-550ms Server: Intel Xeon E5-1630 v3 CPU@3.7GHz (4 cores), 128GB DDR4 RAM, Xen/Linux versions 4.8
  19. 19. 17 © NEC Corporation 2018 In Numbers: Instantiation Times 100 101 102 103 104 105 0 200 400 600 800 1000 Time[ms] Number of running guests Docker Boot Debian Boot Debian Create Server: Intel Xeon E5-1630 v3 CPU@3.7GHz (4 cores), 128GB DDR4 RAM, Xen/Linux versions 4.8 Debian: 2.6-82 secs
  20. 20. 18 © NEC Corporation 2018 In Numbers: Instantiation Times 100 101 102 103 104 105 0 200 400 600 800 1000 Time[ms] Number of running guests Docker Boot Debian Boot Debian Create Traditional VMs are in fact heavy-weight Server: Intel Xeon E5-1630 v3 CPU@3.7GHz (4 cores), 128GB DDR4 RAM, Xen/Linux versions 4.8 Debian: 2.6-82 secs
  21. 21. 19 © NEC Corporation 2018 In Numbers: Instantiation Times 100 101 102 103 104 105 0 200 400 600 800 1000 Time[ms] Number of running guests MiniOS Boot MiniOS Create Server: Intel Xeon E5-1630 v3 CPU@3.7GHz (4 cores), 128GB DDR4 RAM, Xen/Linux versions 4.8 unikernel:, 163ms-1.4secs
  22. 22. 20 © NEC Corporation 2018 In Numbers: Instantiation Times 100 101 102 103 104 105 0 200 400 600 800 1000 Time[ms] Number of running guests MiniOS Boot MiniOS Create Server: Intel Xeon E5-1630 v3 CPU@3.7GHz (4 cores), 128GB DDR4 RAM, Xen/Linux versions 4.8 unikernel:, 163ms-1.4secs Unikernels can be almost as fast as containers
  23. 23. 21 © NEC Corporation 2018 In Numbers: Instantiation Times 100 101 102 103 104 105 0 200 400 600 800 1000 Time[ms] Number of running guests MiniOS Boot MiniOS Create Server: Intel Xeon E5-1630 v3 CPU@3.7GHz (4 cores), 128GB DDR4 RAM, Xen/Linux versions 4.8 unikernel:, 163ms-1.4secs Can we make them faster?
  24. 24. 22 © NEC Corporation 2018 LightVM A Lightweight Virtualization System
  25. 25. 23 © NEC Corporation 2018 Dom0 (Linux/NetBSD) Hardware (CPU, Memory, MMU, NICs, …) Xen Hypervisor libxc libxs libxl toolstack xl NIC drivers block SW switch virt drivers netback DomU 1 netfront xenbus OS (Linux) apps xenbusXen store A Quick Xen Primer
  26. 26. 24 © NEC Corporation 2018 Creation Times – Breakdown (unikernel) 0 200 400 600 800 1000 1200 1400 1600 1800 0 200 400 600 800 1000 Time[ms] Number of running guests toolstack load devices xenstore hypervisor config Biggest culprits: XenStore and device creation * Note: Spikes in graph due to XenStore’s log rotation
  27. 27. 25 © NEC Corporation 2018 Xen Hypervisor What’s Wrong with the XenStore? Frontend (VM) Backend (dom0) xl toolstack Xen store Create device x3 NotifyNotify Write status Notify x6 NotifyMore than 30 Xenstore entries are used per device, resulting in hundreds of XenStore accesses.
  28. 28. 26 © NEC Corporation 2018 LightVM Architecture 1.  Chaos – specialized toolstack (xl replacement) 2.  Noxs - no XenStore 3.  Split toolstack 4.  Xendevd – optimized hotplug script Dom0 (Linux/NetBSD) chaos NIC drivers block SW switch virt drivers netback libxc xendevd libchaos (prepare) chaos daemon libchaos (execute) NOXS
  29. 29. 27 © NEC Corporation 2018 1. Chaos - Specialized Toolstack ▌ Complete re-write of toolstack for paravirtualized guests l Replaces xl à chaos l Replaces libxl à libchaos ▌ Includes framework for easily plugging in different elements of a toolstack (e.g., use the XenStore or not)
  30. 30. 28 © NEC Corporation 2018 2. NoXS – Xen without a XenStore 3 netback dom0 NW frontend netfront NW backend toolstack hypervisor backend-id event channel id grant reference memory page 2 hypercall hypercall 1 device create 4 NOXS ioctl backend-id event channel id grant reference
  31. 31. 29 © NEC Corporation 2018 3. Split Toolstack ▌ Insight: a significant portion of the code does not need to be executed at VM creation time l Functionality common to all VMs (e.g., mem alloc) can be pre- executed ▌ Split toolstack into two: l Pre-create phase: run by a daemon, periodically l Run-time phase: run when VM creation commands (and others) are issued
  32. 32. 30 © NEC Corporation 2018 4. Xendevd – Hotplug Script ▌ Xen uses either a bash script or udevd to add virtual interfaces to software switch l Slow: 10s of milliseconds, slows creation/boot times ▌ Replace with xendevd, binary daemon l Listens to udev events from netback, execute pre-defined setup (e.g., add vif to OVS)
  33. 33. 31 © NEC Corporation 2018 Evaluation – Unikernels We Used ▌ Noop unikernel: self explanatory J ▌ Daytime unikernel: TCP server that responds with current time ▌ Minipython: Port of Micropython to MiniOS ▌ TLS unikernel: TLS termination proxy ▌ Ping unikernel: also self-explanatory Sample sizes: •  Daytime - 480KB disk, 3.4MB RAM •  Minipython - 3.52MB disk, 8MB RAM •  TLS – 3.58MB disk, 8MB RAM
  34. 34. 32 © NEC Corporation 2018 In Numbers: Instantiation Times with LightVM Server: 4 x AMD Opteron 6376 CPU@2.3GHz (64 cores total), 128GB DDR3 RAM, Xen 4.8/Linux 4.8 LightVM: http://sysml.neclab.eu/projects/lightvm Guests: Noop/Unikernel and Noop Docker image / No devices Docker: 150 ms-666ms Out of memory Unikernel: 5.2ms-8.6ms
  35. 35. 33 © NEC Corporation 2018 In Numbers: Instantiation Times with LightVM Server: 4 x AMD Opteron 6376 CPU@2.3GHz (64 cores total), 128GB DDR3 RAM, Xen 4.8/Linux 4.8 LightVM: http://sysml.neclab.eu/projects/lightvm Guests: Noop/Unikernel and Noop Docker image / No devices Docker: 150 ms-666ms Out of memory Unikernel: 5.2ms-8.6ms Unikernels are even faster & lighter when using an optimized hypervisor toolstack
  36. 36. 34 © NEC Corporation 2018 Checkpointing – Daytime Unikernel Server: Intel Xeon E5-1630 v3 CPU@3.7GHz (4 cores), 128GB DDR4 RAM, Xen/Linux versions 4.8 1 2 4 8 16 32 64 128 256 0 200 400 600 800 1000 Time[ms] Number of Running VMs xl chaos+xenstore LightVM 1 4 16 64 256 1024 0 200 400 600 800 1000 Time[ms] Number of Running VMs xl chaos [XS] chaos [NoXS] LightVM (a) Save (b) Restore
  37. 37. 35 © NEC Corporation 2018 Migration – Daytime Unikernel Server: Intel Xeon E5-1630 v3 CPU@3.7GHz (4 cores), 128GB DDR4 RAM, Xen/Linux versions 4.8 1 4 16 64 256 1024 4096 0 200 400 600 800 1000 Time[ms] Number of Running VMs xl chaos [XS] chaos [NoXS] LightVM
  38. 38. 36 © NEC Corporation 2018 CPU Usage Server: Intel Xeon E5-1630 v3 CPU@3.7GHz (4 cores), 128GB DDR4 RAM, Xen/Linux versions 4.8 0 5 10 15 20 25 0 200 400 600 800 1000 CPUUtilization(%) Number of Running VMs/Containers Debian Tinyx Unikernel Docker
  39. 39. 37 © NEC Corporation 2018 Memory Usage Server: Intel Xeon E5-1630 v3 CPU@3.7GHz (4 cores), 128GB DDR4 RAM, Xen/Linux versions 4.8 1 4 16 64 256 1024 4096 16384 65536 0 200 400 600 800 1000 MemoryUsage[MB] VM/Container/Process # Debian Tinyx Docker Micropython Minipython Micropython Process
  40. 40. 38 © NEC Corporation 2018 Understanding LightVM’s components Server: Intel Xeon E5-1630 v3 CPU@3.7GHz (4 cores), 128GB DDR4 RAM, Xen/Linux versions 4.8 1 4 16 64 256 1024 4096 0 200 400 600 800 1000 xl CreationTime[ms] Number of Running VMs
  41. 41. 39 © NEC Corporation 2018 Understanding LightVM’s components Server: Intel Xeon E5-1630 v3 CPU@3.7GHz (4 cores), 128GB DDR4 RAM, Xen/Linux versions 4.8 1 4 16 64 256 1024 4096 0 200 400 600 800 1000 xl chaos [XS] CreationTime[ms] Number of Running VMs
  42. 42. 40 © NEC Corporation 2018 Understanding LightVM’s components Server: Intel Xeon E5-1630 v3 CPU@3.7GHz (4 cores), 128GB DDR4 RAM, Xen/Linux versions 4.8 1 4 16 64 256 1024 4096 0 200 400 600 800 1000 xl chaos [XS] chaos [XS+split] CreationTime[ms] Number of Running VMs
  43. 43. 41 © NEC Corporation 2018 Understanding LightVM’s components Server: Intel Xeon E5-1630 v3 CPU@3.7GHz (4 cores), 128GB DDR4 RAM, Xen/Linux versions 4.8 1 4 16 64 256 1024 4096 0 200 400 600 800 1000 xl chaos [XS] chaos [XS+split] chaos [NoXS] CreationTime[ms] Number of Running VMs
  44. 44. 42 © NEC Corporation 2018 Understanding LightVM’s components Server: Intel Xeon E5-1630 v3 CPU@3.7GHz (4 cores), 128GB DDR4 RAM, Xen/Linux versions 4.8 1 4 16 64 256 1024 4096 0 200 400 600 800 1000 xl chaos [XS] chaos [XS+split] chaos [NoXS] LightVM CreationTime[ms] Number of Running VMs Note: 2.3 ms with all optimizations and no devices
  45. 45. 43 © NEC Corporation 2018 The Potential of Unikernels – A Summary ▌ Fast instantiation, destruction and migration time l 10s of milliseconds or less (and as little as 2.3ms) (LigthVM [Manco SOSP 2017], Jitsu [Madhvapeddy, NSDI 2015]) ▌ Low memory footprint l Few MBs of RAM or less (ClickOS [Martins NSDI 2014]) ▌ High density l 8k guests on a singlex86 server (LigthVM [Manco SOSP 2017]) ▌ High Performance l 10-40Gbit/s throughput with a single guest CPU (ClickOS [Martins NSDI 2014], Elastic CDNs [Kuenzer VEE 2017]) ▌ Reduced attack surface l Small trusted compute base l Strong isolation by hypervisor
  46. 46. 44 © NEC Corporation 2018 So unikernels are perfect right?
  47. 47. 45 © NEC Corporation 2018 The (Big) Downside with Unikernels ▌ Each optimized Unikernel is manually built l Building takes several months or longer l Potentially wash, rinse, repeat for each target application
  48. 48. Unikraft A Unikernel and Specialized OS Build Framework
  49. 49. 47 © NEC Corporation 2018 Unikraft Goals ▌ Severely reduce development time ▌ Simultaneously target multiple platforms l Xen l KVM l Bare metal (X86_64, ARM32, etc.) ▌ Allow simple customization of the unikernel without having to tweak the actual code
  50. 50. 48 © NEC Corporation 2018 The Unikraft Way Decompose OSes and libraries into primitives Recompose them to meet the needs of particular applications profiling memory allocator scheduler drivers timers filesystem network stack Application(s)
  51. 51. 49 © NEC Corporation 2018 The Unikraft Way profiling memory allocator scheduler drivers timers filesystem network stack Application(s) Once decomposed, we can pick and choose which parts/libraries we actually need for our application Decompose OSes and libraries into primitives Recompose them to meet the needs of particular applications
  52. 52. 50 © NEC Corporation 2018 architecture libs main libs platform libs libarm32arch.olibx86_64arch.o Libdockerplat.o Unikernels unicore_docker_x86_64unicore_bare_x86_64 unicore_bare_ARM32 unicore_bare_MIPS unicore_xen_x86_64 unicore_xen_ARM32 unicore_xen_MIPS unicore_kvm_x86_64 unicore_kvm_ARM32 unicore_kvm_MIPS drivers libconsole.o libixgbe.o libnetfront.o network stack liblwip.o libtcpip.o libhttp.o memory allocators libbuddy.o libheap.o libmempool.o filesystems libvfs.o libfat.o libext3.o runtimes libocaml.o libpython.o liberlang.o schedulers libcoop.o libpreempt.o librt.o debug&profiling libgdb.o libucdebug.o libperf.o standard libs libc.o libnewlibc.o libopenssl.o Unikraft Overview – Everything as a Library libbaremetalplat.o Libkvmplat.o libmipsarch.o libxenplat.o myapp SELECT APP 1SELECT&CONFIGLIBS2BUILD3RUN4
  53. 53. 51 © NEC Corporation 2018 Two Library Types ▌ Built-in: functionality specific to Unikraft (e.g., ukboot, ukschedpreempt, etc.) ▌ External: software projects external to Unikraft (e.g., lwip, micropython, etc.)
  54. 54. 52 © NEC Corporation 2018 Putting Things Together – The Unikraft Build Tool ▌ Kconfig/Makefile based ▌ Type “make menuconfig” ▌ Choose options in the menu that you want for your application ▌ Choose your target platform(s) l Xen, KVM, bare-metal, Linux ▌ Save your config and type “make” .config
  55. 55. 53 © NEC Corporation 2018 Example System ▌ Python Unikernel for KVM on x86_64 liballocbuddy.o libkvmplat.o libx86_64arch.o libconsole.o libfilesystem.o liblwip.o libschedcoop.o apppython.o Unikernel
  56. 56. 54 © NEC Corporation 2018 Example System ▌ VNF Unikernel for KVM on x86_64 liballocbuddy.o libkvmlat.o libx86_64arch.o libconsole.o libfilesystem.olibschedcoop.o libdpdk.o unikernel
  57. 57. Building a Unikraft Hello World App
  58. 58. 56 © NEC Corporation 2018 Repo Structure ▌ Clone the main Unikraft repo ▌ Clone any external library repos ▌ Create repo for the actual application !"" unikraft !"" unikraft-apps │ └── helloworld !"" unikraft-libs │ !"" axtls │ !"" lwip │ !"" micropython │ !"" newlib │ !"" python │ !"" toybox Unikraft repo (+ built-in libs) application repo(s) external libraries repos
  59. 59. 57 © NEC Corporation 2018 Hello World – Four Required Files (I) UK_ROOT ?= $(PWD)/../../unikraft UK_LIBS ?= $(PWD)/../../unikraft-libs LIBS := $(UK_LIBS)/newlib all: @make -C $(UK_ROOT) A=$(PWD) L=$(LIBS) $(MAKECMDGOALS): @make -C $(UK_ROOT) A=$(PWD) L=$(LIBS) $(MAKECMDGOALS) path to unikraft repo path to external libs external libs needed Makefile: specify where the main Unikraft repo is, as well as repos for external libraries
  60. 60. 58 © NEC Corporation 2018 Hello World – Four Required Files (II) $(eval $(call addlib,apphelloworld)) APPHELLOWORLD_SRCS-y += $(APPHELLOWORLD_BASE)/main.c register app with uk Build system Add main.c to build Makefile.uk: specifies the sources to build for the application
  61. 61. 59 © NEC Corporation 2018 Hello World – Four Required Files (III) ### Invisible option for dependencies config APPHELLOWORLD_DEPENDENCIES bool default y select LIBNOLIBC if !HAVE_LIBC ### App configuration config APPHELLOWORLD_PRINTARGS bool "Print arguments" default y help Prints argument list (argv) to stdout Config.uk: to populate Unikraft’s menu with application-specific option
  62. 62. 60 © NEC Corporation 2018 Hello World – Four Required Files (IV) #include <stdio.h> /* Import user configuration: */ #include <uk/config.h> int main(int argc, char *argv[]) { printf("Hello world!n"); #if APPHELLOWORLD_PRINTARGS int i; printf("Arguments: "); for (i=0; i<argc; ++i) printf(" "%s"", argv[i]); printf("n"); #endif } main.c: source file to provide (at least) a main() function Unikernel entry point after boot defined by Config.uk
  63. 63. Porting an External Library
  64. 64. 62 © NEC Corporation 2018 How To Port an External Library ▌ Most of the work revolves around ensuring Unikraft supports your lib’s dependencies à we’re working on this! J ▌ Write Makefile.uk and add the external library source files to it ▌ Sometimes a bit of glue code is needed l E.g., in newlib to link POSIX thread creation to Unikraft’s thread library
  65. 65. 63 © NEC Corporation 2018 How To Port an External Library – Makefile.uk ################################################################################ # Library registration ################################################################################ $(eval $(call addlib_s,libaxtls,$(LIBAXTLS))) ################################################################################ # Sources ################################################################################ # Nothing here: sources are small and included directly in the uk library repo # Note: sources are from axTLS-2.1.4.tar.gz . ################################################################################ # Library includes ################################################################################ CINCLUDES-y += -I$(LIBAXTLS_BASE)/include -I$(LIBAXTLS_BASE)/crypto -I$(LIBAXTLS_BASE)/ssl ################################################################################ # sources ################################################################################ LIBAXTLS_SRCS-y += $(LIBAXTLS_BASE)/crypto/aes.c LIBAXTLS_SRCS-y += $(LIBAXTLS_BASE)/crypto/bigint.c … LIBAXTLS_SRCS-y += $(LIBAXTLS_BASE)/crypto/sha512.c
  66. 66. Unikraft 0.2 Titan Current Status
  67. 67. 65 © NEC Corporation 2018 Available Libraries ▌ Main Libraries l libfdt •  Flat device tree parser l libnolibc •  A tiny libC replacement l libnewlib (external) •  Porting ongoing l libukalloc •  Memory allocator abstraction l libukallocbbuddy •  Binary buddy allocator for libukalloc l libukargparse •  Argument parser library l libukboot •  Unikraft bootstrapping l libukdebug •  Debug and kernel printing •  Assertions, hexdump l libuksched •  Scheduler abstraction l libukschedcoop •  Cooperative scheduler for libsched ▌ Architecture Libraries l libarmmath • 64bit arithmetic on ARMv7 ▌ Platform Libraries l libxenplat • Xen (PV) • X86_64, ARMv7 l libkvmplat • X86_64 l liblinuxu • Linux userspace • X86_64, ARMv7
  68. 68. 66 © NEC Corporation 2018 Coming Soon More on the way! l libukschedpreempt • Pre-emptive scheduler l libukswrand • Software random number generator l libukvirtio • Virtio driver l liblwip (external) • Network stack l libclick (external) • The Click modular router (e.g., for NFV) l libmicropython (external) • Micropython (Python for embedded devices) l libcpython (external) • Standard Python l libaxtls (external) • TLS support for embedded devices
  69. 69. 67 © NEC Corporation 2018 A Baseline Example… ▌ Xen PV x86_64 binary ▌ Boots and prints messages to debug console (with min. 208kB RAM) libnolibc.o libukboot.o libukdebug.o libxenplat.o unikraft_xen-x86_64.o (50,2kB) unikraft_xen-x86_64 (32,7kB) Final linking
  70. 70. Short Video/Demo It is real!
  71. 71. 69 © NEC Corporation 2018 ▌ Recently: Unikraft got released as Xen incubator project l OpenSource development under Xen and LinuxFoundation umbrella ▌ Have look on the Xen Pages and Wiki l https://www.xenproject.org/developers/teams/unikraft.html l https://wiki.xenproject.org/ ▌ Drop us an mail l minios-devel@lists.xen.org ▌ Join our IRC channel l #unikraft on Freenode ▌ We have plenty of open topics, get in touch with us! l http://sysml.neclab.eu It’s Open Source – Join Us!
  72. 72. This work has received funding from the European Union’s Horizon 2020 research and innovation program under grant agreement no. 671566 (“Superfluidity”). This work reflects only the author’s views and the European Commission is not responsible for any use that may be made of the information it contains.
  73. 73. Watch the video with slide synchronization on InfoQ.com! https://www.infoq.com/presentations/ unikraft-unikernels

×