O slideshow foi denunciado.
Utilizamos seu perfil e dados de atividades no LinkedIn para personalizar e exibir anúncios mais relevantes. Altere suas preferências de anúncios quando desejar.
UnikernelsUnikernels
The new kids on the block
Jakub Jermář
jermar@avast.com
@jjermar
Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 2
Original software stackOriginal softw...
Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 3
Application
Kernel
Hardware
Adding no...
Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 4
Memory management
Scheduler
Device dr...
Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 5
Memory management
Scheduler
Device dr...
Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 6
Vertical slice of the stackVertical s...
Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 7
Memory management
Scheduler
Device dr...
Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 8
Memory management
Scheduler
Device dr...
Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 9
Memory management
Scheduler
Device dr...
Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 10
Memory management
Scheduler
Device d...
Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 11
Memory management
Scheduler
Device d...
Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 12
Vertical slice of the stackVertical ...
Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 13
Memory management
Scheduler
Device d...
Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 14
Memory management
Scheduler
Device d...
Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 15
Memory management
Scheduler
Device d...
Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 16
Memory management
Scheduler
Device d...
Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 17
Memory management
Scheduler
Device d...
Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 18
Memory management
Scheduler
Device d...
Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 19
Memory management
Scheduler
Device d...
Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 20
Back to the rootsBack to the roots
U...
Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 21
Back to the rootsBack to the roots
H...
Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 22
Unikernels...Unikernels...
Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 23
Unikernels...Unikernels...
single pu...
Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 24
Unikernels...Unikernels...
include o...
Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 25
Unikernels...Unikernels...
are quite...
Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 26
Unikernels...Unikernels...
are quite...
Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 27
Unikernels...Unikernels...
are quite...
Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 28
Unikernels...Unikernels...
have very...
Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 29
Unikernels...Unikernels...
have very...
Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 30
Unikernels...Unikernels...
have very...
Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 31
Unikernels...Unikernels...
run in a ...
Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 32
Unikernels...Unikernels...
no privil...
Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 33
Unikernels...Unikernels...
usually t...
Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 34
Unikernels...Unikernels...
usually t...
Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 35
Unikernels...Unikernels...
usually t...
Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 36
Unikernels...Unikernels...
some run ...
Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 37
Unikernels...Unikernels...
and even ...
Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 38
Unikernels...Unikernels...
implement...
Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 39
Unikernels...Unikernels...
implement...
Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 40
Unikernels...Unikernels...
but also ...
Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 41
Unikernels...Unikernels...
but also ...
Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 42
Unikernels...Unikernels...
but also ...
Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 43
The ZOOThe ZOO
Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 44
Rumprun + rump kernelsRumprun + rump...
Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 45
MirageOSMirageOS
http://mirage.io
Fr...
Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 46
HaLVMHaLVM
http://halvm.org
From-scr...
Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 47
ClickOS (C/C++)
Clive (Go)
Drawbridg...
Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 48
DemoDemo
Keep your fingers crossed!
Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 49
Not a moment, but a movementNot a mo...
Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 50
Discussion: which architecture?Discu...
Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 51
Discussion: which architecture?Discu...
Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 52
Discussion: which architecture?Discu...
Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 53
Discussion: which architecture?Discu...
Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 54
Discussion: which architecture?Discu...
Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 55
Unikernels and DockerUnikernels and ...
Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 56
Unikernels and DockerUnikernels and ...
Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 57
Unikernels,
meet Docker!
Unikernel
S...
Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 58
Q&A
www.unikernel.org
Thank you!Than...
Próximos SlideShares
Carregando em…5
×

Unikernels: The new kids on the block

Slides from my Avast TechTalk on Unikernels, from the perspective of a microkernel guy.

  • Entre para ver os comentários

Unikernels: The new kids on the block

  1. 1. UnikernelsUnikernels The new kids on the block Jakub Jermář jermar@avast.com @jjermar
  2. 2. Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 2 Original software stackOriginal software stack Application Hardware
  3. 3. Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 3 Application Kernel Hardware Adding non-privileged modeAdding non-privileged mode
  4. 4. Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 4 Memory management Scheduler Device drivers TCP/IP stack File systems Bootstrap code Modern desktopModern desktop Hardware Kernel System libraries Application libraries Application Runtime environment System libraries Application libraries Application System libraries Application libraries Application System libraries Application libraries Application System libraries Application libraries Application Runtime environment System libraries Application libraries Application Runtime environment
  5. 5. Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 5 Memory management Scheduler Device drivers Bootstrap code Hardware Hypervisor VM Modern data centerModern data center
  6. 6. Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 6 Vertical slice of the stackVertical slice of the stack Memory management Scheduler Device drivers Bootstrap code Hardware Memory management Scheduler Device drivers TCP / IP stack File systems Bootstrap code System libraries Application libraries Applications Runtime environment
  7. 7. Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 7 Memory management Scheduler Device drivers Bootstrap code Vertical slice of the stackVertical slice of the stack Hardware Allocator | Address spaces Threads | Processes ATA | SATA | E1000 | RTL8169 | USB IPv4 | IPv6 | UDP | TCP | ARP | ICMP Ext4 | FAT | TMPS | ISO9660 Bootstrap code System libraries lib1 | lib2 | lib3 | lib4 bash | ssh | Nginx | MySQL Runtime environment
  8. 8. Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 8 Memory management Scheduler Device drivers Bootstrap code Vertical slice of the stackVertical slice of the stack Hardware Allocator | Address spaces Threads | Processes ATA | SATA | E1000 | RTL8169 | USB IPv4 | IPv6 | UDP | TCP | ARP | ICMP Ext4 | FAT | TMPS | ISO9660 Bootstrap code System libraries lib1 | lib2 | lib3 | lib4 bash | ssh | Nginx | MySQL Runtime environment General purpose OS
  9. 9. Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 9 Memory management Scheduler Device drivers Bootstrap code Vertical slice of the stackVertical slice of the stack Hardware Allocator | Address spaces Threads | Processes ATA | SATA | E1000 | RTL8169 | USB IPv4 | IPv6 | UDP | TCP | ARP | ICMP Ext4 | FAT | TMPS | ISO9660 Bootstrap code System libraries lib1 | lib2 | lib3 | lib4 bash | ssh | Nginx | MySQL Runtime environment General purpose OS Is this an overkill?
  10. 10. Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 10 Memory management Scheduler Device drivers Bootstrap code Vertical slice of the stackVertical slice of the stack Hardware Allocator | Address spaces Threads | Processes ATA | SATA | E1000 | RTL8169 | USB IPv4 | IPv6 | UDP | TCP | ARP | ICMP Ext4 | FAT | TMPS | ISO9660 Bootstrap code System libraries lib1 | lib2 | lib3 | lib4 bash | ssh | Nginx | MySQL Runtime environment General purpose OS Is this an overkill? For a VM in a data center?
  11. 11. Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 11 Memory management Scheduler Device drivers Bootstrap code Vertical slice of the stackVertical slice of the stack Hardware Allocator | Address spaces Threads | Processes ATA | SATA | E1000 | RTL8169 | USB IPv4 | IPv6 | UDP | TCP | ARP | ICMP Ext4 | FAT | TMPS | ISO9660 Bootstrap code System libraries lib1 | lib2 | lib3 | lib4 bash | ssh | Nginx | MySQL Runtime environment General purpose OS Is this an overkill? For a VM in a data center? What parts are essential?
  12. 12. Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 12 Vertical slice of the stackVertical slice of the stack Memory management Scheduler Device drivers Bootstrap code Hardware Allocator | Address spaces Threads | Processes ATA | SATA | E1000 | RTL8169 | USB IPv4 | IPv6 | UDP | TCP | ARP | ICMP Ext4 | FAT | TMPS | ISO9660 Bootstrap code System libraries lib1 | lib2 | lib3 | lib4 bash | ssh | Nginx | MySQL Runtime environment General purpose OS Is this an overkill? For a VM in a data center? What parts are essential?
  13. 13. Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 13 Memory management Scheduler Device drivers Bootstrap code Vertical slice of the stackVertical slice of the stack Hardware Allocator | Address spaces Threads | Processes ATA | SATA | E1000 | RTL8169 | USB IPv4 | IPv6 | UDP | TCP | ARP | ICMP Ext4 | FAT | TMPS | ISO9660 Bootstrap code System libraries lib1 | lib2 | lib3 | lib4 bash | ssh | Nginx | MySQL Runtime environment General purpose OS Is this an overkill? For a VM in a data center? What parts are essential? How many SPOFs?
  14. 14. Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 14 Memory management Scheduler Device drivers Bootstrap code Vertical slice of the stackVertical slice of the stack Hardware Allocator | Address spaces Threads | Processes ATA | SATA | E1000 | RTL8169 | USB IPv4 | IPv6 | UDP | TCP | ARP | ICMP Ext4 | FAT | TMPS | ISO9660 Bootstrap code System libraries lib1 | lib2 | lib3 | lib4 bash | ssh | Nginx | MySQL Runtime environment General purpose OS Is this an overkill? For a VM in a data center? What parts are essential? How many SPOFs?
  15. 15. Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 15 Memory management Scheduler Device drivers Bootstrap code Vertical slice of the stackVertical slice of the stack Hardware Allocator | Address spaces Threads | Processes ATA | SATA | E1000 | RTL8169 | USB IPv4 | IPv6 | UDP | TCP | ARP | ICMP Ext4 | FAT | TMPS | ISO9660 Bootstrap code System libraries lib1 | lib2 | lib3 | lib4 bash | ssh | Nginx | MySQL Runtime environment General purpose OS Is this an overkill? For a VM in a data center? What parts are essential? How many SPOFs? When not to do this?
  16. 16. Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 16 Memory management Scheduler Device drivers Bootstrap code Vertical slice of the stackVertical slice of the stack Hardware Allocator | Address spaces Threads | Processes ATA | SATA | E1000 | RTL8169 | USB IPv4 | IPv6 | UDP | TCP | ARP | ICMP Ext4 | FAT | TMPS | ISO9660 Bootstrap code System libraries lib1 | lib2 | lib3 | lib4 bash | ssh | Nginx | MySQL Runtime environment General purpose OS Is this an overkill? For a VM in a data center? What parts are essential? How many SPOFs? When not to do this? What's left?
  17. 17. Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 17 Memory management Scheduler Device drivers Bootstrap code Vertical slice of the stackVertical slice of the stack Hardware Allocator Threads SATA | RTL8169 IPv6 | TCP Ext4 Bootstrap code System libraries lib1 | lib3 Nginx General purpose OS Is this an overkill? For a VM in a data center? What parts are essential? How many SPOFs? When not to do this? What's left?
  18. 18. Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 18 Memory management Scheduler Device drivers Bootstrap code Vertical slice of the stackVertical slice of the stack Hardware Allocator Threads SATA | RTL8169 IPv6 | TCP Ext4 Bootstrap code System libraries lib1 | lib3 Nginx Unikernel
  19. 19. Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 19 Memory management Scheduler Device drivers Bootstrap code Hardware Allocator Threads SATA | RTL8169 IPv6 | TCP Ext4 Bootstrap code System libraries lib1 | lib3 Nginx Unikernel Hardware Allocator E1000 IPv4 | UDP Bootstrap code System libraries lib1 | lib2 dhcp Vertical slice of the stackVertical slice of the stack
  20. 20. Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 20 Back to the rootsBack to the roots Unikernel Hardware
  21. 21. Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 21 Back to the rootsBack to the roots Hypervisor Unikernel Hardware
  22. 22. Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 22 Unikernels...Unikernels...
  23. 23. Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 23 Unikernels...Unikernels... single purpose OS images
  24. 24. Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 24 Unikernels...Unikernels... include only what they need
  25. 25. Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 25 Unikernels...Unikernels... are quite small
  26. 26. Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 26 Unikernels...Unikernels... are quite small [rumprun­packages/nginx]$ file nginx.bin nginx.bin: ELF 64­bit LSB executable, x86­64, version 1 (SYSV), statically linked, not  stripped [rumprun­packages/nginx]$ ls ­sh nginx.bin; strip nginx.bin; ls ­sh nginx.bin 33M nginx.bin 5.4M nginx.bin
  27. 27. Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 27 Unikernels...Unikernels... are quite small [rumprun­packages/nginx]$ file nginx.bin nginx.bin: ELF 64­bit LSB executable, x86­64, version 1 (SYSV), statically linked, not  stripped [rumprun­packages/nginx]$ ls ­sh nginx.bin; strip nginx.bin; ls ­sh nginx.bin 33M nginx.bin 5.4M nginx.bin
  28. 28. Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 28 Unikernels...Unikernels... have very short boot times
  29. 29. Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 29 Unikernels...Unikernels... have very short boot times [HaLVM/examples/Core/Null]$ time (sudo xl create Null.config; sudo xl dmesg ­c) Parsing config from Null.config (d80) Starting 1­CPU HaLVM (d80) init_sp: 0x00000000004ba000 (d80) self:    0x00000000004b9f6e (XEN) grant_table.c:1249:d80 Expanding dom (80) grant table from (4) to (32) frames. (d80) Exit called with 0 real 0m0.154s user 0m0.026s sys 0m0.087s
  30. 30. Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 30 Unikernels...Unikernels... have very short boot times DNS query start! donereply request [HaLVM/examples/Core/Null]$ time (sudo xl create Null.config; sudo xl dmesg ­c) Parsing config from Null.config (d80) Starting 1­CPU HaLVM (d80) init_sp: 0x00000000004ba000 (d80) self:    0x00000000004b9f6e (XEN) grant_table.c:1249:d80 Expanding dom (80) grant table from (4) to (32) frames. (d80) Exit called with 0 real 0m0.154s user 0m0.026s sys 0m0.087s https://github.com/mirage/jitsu Client DNS server Micro service
  31. 31. Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 31 Unikernels...Unikernels... run in a single address space
  32. 32. Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 32 Unikernels...Unikernels... no privilege levels to cross
  33. 33. Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 33 Unikernels...Unikernels... usually target hypervisors
  34. 34. Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 34 Unikernels...Unikernels... usually target hypervisors Xen PV Unikernel domU Xen PV driver frontend dom0 Xen PV driver backend
  35. 35. Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 35 Unikernels...Unikernels... usually target hypervisors VirtIO PV driver backend QEMU/KVM/VirtualBox Unikernel VirtIO PV driver frontend Xen PV Unikernel domU Xen PV driver frontend dom0 Xen PV driver backend
  36. 36. Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 36 Unikernels...Unikernels... some run on bare metal too
  37. 37. Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 37 Unikernels...Unikernels... and even on top of Unix
  38. 38. Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 38 Unikernels...Unikernels... implemented in C
  39. 39. Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 39 Unikernels...Unikernels... implemented in C void quicksort(int array[], int left_begin, int right_begin) { int pivot = array[(left_begin + right_begin) / 2]; int left_index, right_index, pom; left_index = left_begin; right_index = right_begin; do { while (array[left_index] < pivot && left_index < right_begin) left_index++; while (array[right_index] > pivot && right_index > left_begin) right_index--; if (left_index <= right_index) { pom = array[left_index]; array[left_index++] = array[right_index]; array[right_index--] = pom; } } while (left_index < right_index); if (right_index > left_begin) quicksort(array, left_begin, right_index); if (left_index < right_begin) quicksort(array, left_index, right_begin); }
  40. 40. Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 40 Unikernels...Unikernels... but also in high-level languages
  41. 41. Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 41 Unikernels...Unikernels... but also in high-level languages quickSort :: Ord a => [a] -> [a] quickSort [] = [] quickSort (x:xs) = quickSort [a | a <- xs, a < x] ++ [x] ++ quickSort [a | a <- xs, a >= x]
  42. 42. Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 42 Unikernels...Unikernels... but also in high-level languages quickSort :: Ord a => [a] -> [a] quickSort [] = [] quickSort (x:xs) = quickSort [a | a <- xs, a < x] ++ [x] ++ quickSort [a | a <- xs, a >= x] let rec qsort = function | [] -> [] | pivot :: rest -> let is_less x = x < pivot in let left, right = List.partition is_less rest in qsort left @ [pivot] @ qsort right
  43. 43. Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 43 The ZOOThe ZOO
  44. 44. Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 44 Rumprun + rump kernelsRumprun + rump kernels http://rumpkernel.org existing POSIX applications anykernel (NetBSD) → file systems, POSIX layer, device drivers, TCP/IP, storage stack → a rump kernel Xen PV/QEMU/KVM rumprun Rump kernel Application Hardware rumprun Rump kernel Application
  45. 45. Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 45 MirageOSMirageOS http://mirage.io From-scratch implementation in OCaml mirage-tcpip, mirage-net-xen, ocaml-cohttp, mirage-block-xen, ocaml-fat Xen PV Mini-OS/rumprun Libs & OCaml runtime Application QEMU/KVM Solo5/rumprun Libs & OCaml runtime Application Unix Libs & OCaml runtime Application
  46. 46. Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 46 HaLVMHaLVM http://halvm.org From-scratch implementation in Haskell HaNS, Halfs, http-server Xen PV HaLVM Application
  47. 47. Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 47 ClickOS (C/C++) Clive (Go) Drawbridge (C) IncludeOS (C++) LING (Erlang) OSv (C, JVM, Ruby, Node.js) runtime.js (JavaScript) And othersAnd others
  48. 48. Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 48 DemoDemo Keep your fingers crossed!
  49. 49. Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 49 Not a moment, but a movementNot a moment, but a movement
  50. 50. Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 50 Discussion: which architecture?Discussion: which architecture?
  51. 51. Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 51 Discussion: which architecture?Discussion: which architecture? Hypervisor Unikernel Libs |TCP/IP | file system | drivers Hardware Unikernel Libs | file system | drivers Unikernel Libs |TCP/IP | drivers
  52. 52. Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 52 Discussion: which architecture?Discussion: which architecture? Container / Zone Hardware Kernel TCP / IP | file system | drivers Container / Zone Microservice Libs Microservice Libs Microservice Libs
  53. 53. Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 53 Discussion: which architecture?Discussion: which architecture? Hardware Microkernel Microservice Libs Microservice Libs TCP/IP Libs File system Libs Drivers Libs
  54. 54. Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 54 Discussion: which architecture?Discussion: which architecture? Your mileage may vary
  55. 55. Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 55 Unikernels and DockerUnikernels and Docker
  56. 56. Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 56 Unikernels and DockerUnikernels and Docker
  57. 57. Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 57 Unikernels, meet Docker! Unikernel Systems is now part of Docker Unikernels and DockerUnikernels and Docker
  58. 58. Unikernels: The new kids on the block, Jakub Jermář, Avast TechTalk, March 4, 2016 58 Q&A www.unikernel.org Thank you!Thank you!

×