Our great sponsors
-
-
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
For instance the filesystems have no permissions because there are no users because it is only running one process. Linux is ~30M LOC and half of that is drivers. When you deploy to a cloud you only really need a handful of drivers - something to talk to the disk, the network, a clock, etc. That's very different than deploying to bare metal servers where you have hundreds of different nics, usb, disk drives, etc. .... but it goes a lot further than that. The CFS scheduler and others are written specifically with the intention that the operating system is going to have to manage tens or hundreds of applications with tens of users. If you go to AWS and boot up a linux instance you'll find around a hundred programs running without you installing anything - even if it is on a vm with only one thread. Multiple processes which unikernels eschew come with a ton of baggage. Shared memory, IPC calls, scheduling, permissions, etc. We used to get questions asking why we didn't just make patches to linux (which this paper argues for btw) and the answer is simple - doing so is actually more work and harder to deal with than just writing a new unikernel specific kernel from scratch which is what we did. Might be worth pointing out that I've worked at a unikernel company for the past 5 years that is in charge of the open source https://nanos.org and https://ops.city toolchains.
For instance the filesystems have no permissions because there are no users because it is only running one process. Linux is ~30M LOC and half of that is drivers. When you deploy to a cloud you only really need a handful of drivers - something to talk to the disk, the network, a clock, etc. That's very different than deploying to bare metal servers where you have hundreds of different nics, usb, disk drives, etc. .... but it goes a lot further than that. The CFS scheduler and others are written specifically with the intention that the operating system is going to have to manage tens or hundreds of applications with tens of users. If you go to AWS and boot up a linux instance you'll find around a hundred programs running without you installing anything - even if it is on a vm with only one thread. Multiple processes which unikernels eschew come with a ton of baggage. Shared memory, IPC calls, scheduling, permissions, etc. We used to get questions asking why we didn't just make patches to linux (which this paper argues for btw) and the answer is simple - doing so is actually more work and harder to deal with than just writing a new unikernel specific kernel from scratch which is what we did. Might be worth pointing out that I've worked at a unikernel company for the past 5 years that is in charge of the open source https://nanos.org and https://ops.city toolchains.