With service providers ever on the lookout for better New IP technologies, the evolution of hypervisor-based solutions -- along with vSwitch alternatives that may lead to the hypervisor's eventual extinction -- has attracted significant attention.
One hypervisor-based option -- and traditional virtualization alternative -- that is gaining traction is the unikernel, a teeny, tiny (we're talking kilobytes here) virtual machine that runs on its very own Linux kernel. As such, it is an extremely specialized and yet extremely flexible and agile VM; it thereby may well extend the useful life of the hypervisor. (See On the Evolution & Extinction of the vSwitch.)
The unikernel image contains no more than the application itself and just enough to make that application run; there is no extraneous code. Sitting right on the hypervisor (which itself sits right on the hardware), a unikernel VM keeps the software stack minimal.
Naturally, then, the best avenues for unikernel deployment are new projects which can be developed specially for a unikernel.
"To fully benefit from the unikernel approach the application typically has to be written with the unikernel in mind -- i.e., legacy code would have to be rewritten," cautions Amir Chaudhry, programme manager of the Systems Research Group at the University of Cambridge Computer Laboratory, in an email interview with The New IP for this two-part story. "That means that existing projects would find it more difficult to benefit from the efficiency gains."
Nonetheless, several open-source enthusiasts commend unikernels as nimble, efficient and highly scalable. Russell Pavlicek, senior product manager and Xen Project evangelist at Citrix, noted in a presentation at last year's Central Pennsylvania Open Source Conference that unikernels eliminate the need for a full, general-purpose OS (along with unnecessary functions and utilities).
"[Unikernels] use just enough to do the job," explained Pavlicek -- no more, no less.
Not everyone is sold on the efficiency of unikernels, however.
"Containers allow for what amounts to a 'patch once' scenario, where new containers can be rapidly rolled out," says Mark Coggin, senior marketing director for the Platforms Business Unit at Red Hat, in an email interview with The New IP. "Contrast this with what likely is required for patching a unikernel -- pulling down each instance and then restarting each instance with a patched kernel. This cripples whatever applications are being powered by the unikernels and causes an undue burden on IT in terms of the actual process of patching."
Lars Kurth, Xen Project advisory board chairman, counters that the overall development and delivery cycles for unikernels and containers are similar enough to each other.
"A user would compile an application in their local environment [where] there are richer development tools... and then recompile for deployment (e.g., on top of Xen)," writes Kurth in an email to The New IP. "Once compiled for the cloud, you have a single image that can easily be deployed in any Xen-based cloud. So all in all, the model isn't all that different [from] the 'build once, deploy everywhere' model used by Docker."
Most unikernel deployments run on Xen (perhaps helping to account for Coggin's distrust of them, Red Hatter that he is), although Cloudius Systems' OSv, which offers what Pavlicek calls a non-standard unikernel, can also run on VMware and even Red Hat's KVM.
Additionally, OSv, according to Chaudhry and Kurth, is an example of a unikernel deployment that can be used with existing codebases and applications, offering the added flexibility and agility benefits of unikernels to older projects that were not originally built specifically for a unikernel.
Still, Pavlicek and others acknowledge that the unikernel is not a one-size-fits-all hat (Red or otherwise) -- and that different virtualization solutions can live together harmoniously.
"Traditional VMs are more useful for general-purpose computation, where users are likely to access the machines directly and need to interact with the software running there," writes Chaudhry. "Containers offer a way to take legacy code for traditional VMs and streamline the management and deployment of it."
Pavlicek agrees. "The truth is that different problems are likely to require different optimal solutions for the foreseeable future," he averred. "It is likely that the solution spectrum of the next few years will include a blend of unikernels, containers and standard virtualization -- but the arrival of unikernels means that the bar to efficiency has been raised to new heights."
— Joe Stanganelli, Freelance Contributor, special to The New IP