UKL: A Unikernel based on

Ali Raza, James Cadden, Tommy Unger, Parul Sohal, Ulrich Drepper, Richard Jones, Orran Krieger, Larry Woodman UnikernelsNormal Kernels

Application Application Application

Needed Memory Network Application Device Management Stack Drivers

Hardware More than 2X improved EbbRT Memcached throughput from Linux

Its website takes Advantages of Unikernels LING 25 MB memory ● Light weight ○ Small attack surface Produces network software that can ○ Faster boot times 5 million packets/s, boot time under 30 ms ● Improved performance ○ Avoid ring transitions ○ Application -specific optimizations Base VM starts at 1 MB size

Rumprun DNS compiles into 449 KB Problem: Development Model

Issues

● Clean slate ● Maintenance/testing ● Fork of an existing nightmare code base ● Lack of community

BU & Red Hat collaboratory New Development Model

Advantages

● Part of Linux and GlibC ● Re-use of the entire Linux and glibc code base! ● Incremental optimizations ● Unchanged Linux API guarantee to developers ● Maintained by community ● Support of all the existing devices drivers, file systems etc. ● VMs or bare metal deployment

Imagine a unikernel with GPU support! Is it even possible? Summer 2018 Implementation Details

● Minimal changes to Linux code ● Modest changes in glibc in a separate subtree UKLLinux Architecture Architecture

Application User Library

C Library

UKL Library

Kernel

Hardware UKL Architecture

Application User Library

C Library

UKL Library

Kernel

Hardware UKL Architecture

Application User Library

C Library C Library

UKL Library

Kernel Kernel

Hardware Next Steps

● Pthreads ○ Threading model and local storage ● Memcached ● Upstream acceptance Research Questions

● Performance and start time Use cases advantages ● Add optimizations from specialized ● Cloud workloads e.g., Memcached unikernels ● Functions as a service ● Explore security advantages ● Explore different use cases, e.g., HPC, embedded ● Optimize I/O intensive applications e.g., Ceph which uses SPDK and DPDK