Unikernels (sounds almost like unicorns) are the newest advancement, or the latest buzzword, in the infrastructure virtualisation space, to say the least. Unikernel.org and Wikipedia offer great definitions for unikernels, but I felt that stacking them against other virtualisation techniques would be a good addition to those definitions. So, here is a quick comparison and a brief timeline of the virtualisation space.
So what is it?
Unikernels are single address space machine images * compiled using a library OS +. The intuition behind them is very simple: it is "configure your OS". What if you could pick and choose only the bare minimum system software necessary to run your application? In essence, the deployable is not just a package of your application binary and its dependencies; it is your application binaries fused with the bare minimum OS binaries/libraries needed to interact with the underlying hardware for your app to function. All the OS fluff is stripped away, and all you have is a sexy, slim and secure version of your app as a boot image instead of a binary. Compile your app into a unikernel using any of the many providers and use it as a boot image on your bare metal or on a hypervisor.
…and Why is it Sexy?
Bending technical norms to one's needs is the new normal today. The advent of microservices, a design and deployment architecture pattern, has reinvented how we write server-side logic for apps. Patterns like microservices can gain tremendously from using unikernels. Your app footprint is smaller, hence it takes less space. It packs less, hence it boots faster. As it packs only the bare minimum OS code, the attack surface is smaller, hence security is considerably higher, something containers cannot offer. You can deploy them in embedded environments. All this makes even more sense when you are actually deploying in public clouds and paying for usage: your cost goes down.
As a follow-up to this post, I will write a simple microservice using unikernels, deploy it in a cloud and share my experiences. Stay tuned!
* A regular OS provides a unique address space per process to maintain the distinction between the processes and the data belonging to each address space. A single address space operating system (or SASOS) is an operating system that provides all processes with only one globally shared virtual address space.
+ A library operating system is one in which the services that a typical operating system provides, such as networking, are provided in the form of libraries. These libraries are composed with the application and configuration code to construct unikernels, which are specialised, single address space machine images that can be deployed to cloud or embedded environments.