ACE Seminar: Unikernels: Library operating systems for the masses

Speaker: Dr Anil Madhavapeddy

Date/Time: 01-Jan-1970, 00:00 UTC




Much cloud infrastructure consists of small microservices that interoperate via standard protocols as HTTPS.  Unikernels are a new technique that specialises the deployed service into a tiny, domain-specific kernel that eliminates any unnecessary pieces and runs in a single address space.  Some unikernels (such as MirageOS) even offer full memory safety down to the device drivers, and can run on tiny ARM devices as well as cloud hypervisors.

Tooling for unikernels is still nascent, but advancing fast.  One of their key advantages is that the innards of the service is no longer a mystery novel.  Instead, every single component is exposed as a library, and can be manipulated and monitored easily.

In this talk, I'll describe some of the open-source unikernel ecosystem that is gaining steam, with a particular focus on how deployed security can be dramatically improved as a result of this technique.  I'll start gently with a background into library operating systems, and give a demonstration of MirageOS building its self-hosting infrastructure to finish.


Anil Madhavapeddy is faculty at the Cambridge Computer Laboratory where he hacks on programming  languages and operating systems, and also the CTO of Unikernel Systems. He has moved back and forth from industry and academia over the years, with stints at XenSource, Citrix, Intel, NetApp and the NASA Mars program.  It's all tied together by open source code: he leads the MirageOS unikernel project with the Linux Foundation and contributes to OCaml, Xen, OpenBSD and many other codebases.

This page was last modified on 27 Mar 2014.