skip to main content
research-article

Unikernels: library operating systems for the cloud

Published:16 March 2013Publication History
Skip Abstract Section

Abstract

We present unikernels, a new approach to deploying cloud services via applications written in high-level source code. Unikernels are single-purpose appliances that are compile-time specialised into standalone kernels, and sealed against modification when deployed to a cloud platform. In return they offer significant reduction in image sizes, improved efficiency and security, and should reduce operational costs. Our Mirage prototype compiles OCaml code into unikernels that run on commodity clouds and offer an order of magnitude reduction in code size without significant performance penalty. The architecture combines static type-safety with a single address-space layout that can be made immutable via a hypervisor extension. Mirage contributes a suite of type-safe protocol libraries, and our results demonstrate that the hypervisor is a platform that overcomes the hardware compatibility issues that have made past library operating systems impractical to deploy in the real-world.

References

  1. D. R. Engler, M. F. Kaashoek, and J. O'Toole, Jr. Exokernel: an operating system architecture for application-level resource management. In Proc. 15th ACM Symposium on Operating Systems Principles (SOSP), pages 251--266, Copper Mountain, CO, USA, December 3-6 1995. Google ScholarGoogle ScholarDigital LibraryDigital Library
  2. Ian M. Leslie, Derek McAuley, Richard Black, Timothy Roscoe, Paul T. Barham, David Evers, Robin Fairbairns, and Eoin Hyden. The design and implementation of an operating system to support distributed multimedia applications. IEEE Journal of Selected Areas in Communications, 14(7):1280--1297, 1996. Google ScholarGoogle ScholarDigital LibraryDigital Library
  3. Donald E. Porter, Silas Boyd-Wickizer, Jon Howell, Reuben Olinsky, and Galen C. Hunt. Rethinking the library OS from the top down. In Proc. 16th International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS), pages 291--304, Newport Beach, CA, USA, March 5-11 201. Google ScholarGoogle ScholarDigital LibraryDigital Library
  4. Galen C. Hunt and James R. Larus. Singularity: rethinking the software stack. SIGOPS Operating Systems Review, 41(2):37--49, 2007. Google ScholarGoogle ScholarDigital LibraryDigital Library
  5. Glenn Ammons, Jonathan Appavoo, Maria Butrico, Dilma Da Silva, David Grove, Kiyokuni Kawachiya, Orran Krieger, Bryan Rosenburg, Eric Van Hensbergen, and Robert W. Wisniewski. Libra: a library operating system for a JVM in a virtualized execution environment. In Proc. 3rd International Conf. on Virtual Execution Environments (VEE), pages 44--54, San Diego, CA, USA, June 13-15 2007. ACM. Google ScholarGoogle ScholarDigital LibraryDigital Library
  6. Paul Barham, Boris Dragovic, Keir Fraser, Steven Hand, Tim Harris, Alex Ho, Rolf Neugebauer, Ian Pratt, and Andrew Warfield. Xen and the Art of Virtualization. In Proc. 19th ACM Symposium on Operating Systems Principles (SOSP), pages 164--177, Bolton Landing, NY, USA, October 19-22 2003. Google ScholarGoogle ScholarDigital LibraryDigital Library
  7. US-CERT/NIST. CVE-2012-1182, February 2012.Google ScholarGoogle Scholar
  8. US-CERT/NIST. CVE-2012-2110, April 2012.Google ScholarGoogle Scholar
  9. Eelco Dolstra, Andres LOh, and Nicolas Pierron. Nixos: A purely functional Linux distribution. J. Funct. Program., 20(5-6):577--615, November 2010. Google ScholarGoogle ScholarDigital LibraryDigital Library
  10. Galen Hunt, Mark Aiken, Manuel Fähndrich, Chris Hawblitzel, Orion Hodson, James Larus, Steven Levi, Bjarne Steensgaard, David Tarditi, and Ted Wobber. Sealing OS processes to improve dependability and safety. SIGOPS Operating Systems Review, 41(3):341--354, March 2007. Google ScholarGoogle ScholarDigital LibraryDigital Library
  11. Theo De Raadt. Exploit mitigation techniques. http://www.openbsd.org/papers/auug04, 2004.Google ScholarGoogle Scholar
  12. David Scott, Richard Sharp, Thomas Gazagnaire, and Anil Madhavapeddy. Using functional programming within an industrial product group: perspectives and perceptions. In Proc. 15th ACM SIGPLAN International Conference on Functional Programming (ICFP), pages 87--92, Baltimore, Maryland, USA, September 27-29 2010. Google ScholarGoogle ScholarDigital LibraryDigital Library
  13. Thomas Gazagnaire and Vincent Hanquez. Oxenstored: an efficient hierarchical and transactional database using functional programming with reference cell comparisons. SIGPLAN Notices, 44(9):203--214, August 2009. Google ScholarGoogle ScholarDigital LibraryDigital Library
  14. Patrick Colp, Mihir Nanavati, Jun Zhu,William Aiello, George Coker, Tim Deegan, Peter Loscocco, and Andrew Warfield. Breaking up is hard to do: security and functionality in a commodity hypervisor. In Proc. 23rd ACM Symposium on Operating Systems Principles (SOSP), pages 189--202, Cascais, Portugal, October 23-26 2011. Google ScholarGoogle ScholarDigital LibraryDigital Library
  15. A. Baumann, P. Barham, P. Dagand, T. Harris, R. Isaacs, S. Peter, T. Roscoe, A. Schupbach, and A. Singhania. The multikernel: a new OS architecture for scalable multicore systems. In Proc. 22nd ACM Symposium on Operating Systems Principles (SOSP), pages 29--44, Big Sky, MT, USA, October 11-14 2009. Google ScholarGoogle ScholarDigital LibraryDigital Library
  16. Hovav Shacham, Matthew Page, Ben Pfaff, Eu-Jin Goh, Nagendra Modadugu, and Dan Boneh. On the effectiveness of address-space randomization. In Proc. 11th ACM Conference on Computer and Communications Security (CCS), pages 298--307, Washington DC, USA, October 25-29 2004. Google ScholarGoogle ScholarDigital LibraryDigital Library
  17. Keir Fraser, Steven Hand, Rolf Neugebauer, Ian Pratt, Andrew Warfield, and Mark Williamson. Safe hardware access with the Xen virtual machine monitor. In Proc. 1st Workshop on Operating System and Architectural Support for the on demand IT InfraStructure (OASIS), Boston, MA, USA, October 7--13 2004.Google ScholarGoogle Scholar
  18. Jerome Vouillon. Lwt: a cooperative thread library. In Proc. 2008 ACM SIGPLAN workshop on ML, pages 3--12, Victoria, BC, Canada, September 21 2008. Google ScholarGoogle ScholarDigital LibraryDigital Library
  19. Anil Madhavapeddy, Richard Mortier, Ripduman Sohan, Thomas Gazagnaire, Steven Hand, Tim Deegan, Derek McAuley, and Jon Crowcroft. Turning down the LAMP: Software specialisation for the cloud. In 2nd USENIX Workshop on Hot Topics in Cloud Computing, June 2010. Google ScholarGoogle ScholarDigital LibraryDigital Library
  20. Andrew Warfield, Keir Fraser, Steven Hand, and Tim Deegan. Facilitating the development of soft devices. In Proc. USENIX Annual Technical Conference, pages 379--382, April 10--15 2005. Google ScholarGoogle ScholarDigital LibraryDigital Library
  21. Edoardo Biagioni. A Structured TCP in Standard ML. In Proc. ACM SIGCOMM, pages 36--45, London, UK, Aug. 31--Sep. 02 1994. Google ScholarGoogle ScholarDigital LibraryDigital Library
  22. Anil Madhavapeddy, Alex Ho, Tim Deegan, David Scott, and Ripduman Sohan. Melange: creating a "functional" Internet. SIGOPS Operating Systems Review, 41(3):101--114, 2007. Google ScholarGoogle ScholarDigital LibraryDigital Library
  23. Oleg Kiselyov. Iteratee IO: safe, practical, declarative input processing. http://okmij.org/ftp/Streams.html, 2008.Google ScholarGoogle Scholar
  24. Chuck Silvers. UBC: an efficient unified I/O and memory caching subsystem for NetBSD. In Proc. USENIX Annual Technical Conference, pages 285--290, San Diego, CA, USA, June 18--23 2000. Google ScholarGoogle ScholarDigital LibraryDigital Library
  25. Steven M. Hand. Self-paging in the Nemesis operating system. In Proc. 3rd USENIX Symposium on Operating Systems Design and Implementation (OSDI), pages 73--86, February 22--25 1999. Google ScholarGoogle ScholarDigital LibraryDigital Library
  26. President's Council of Advisors on Science and Technology. Report to the President and Congress: Designing a Digital Future: Federally Funded R&D in Networking and IT, December 2010.Google ScholarGoogle Scholar
  27. OpenFlow Consortium. OpenFlow. http://openflow.org/.Google ScholarGoogle Scholar
  28. Charalampos Rotsos, Nadi Sarrar, Steve Uhlig, Rob Sherwood, and Andrew W. Moore. OFLOPS: An open framework for OpenFlow switch evaluation. In Proc. Passive and Active Measurements Conference (PAM), Vienna, Austria, March 12--14 2012. Google ScholarGoogle ScholarDigital LibraryDigital Library
  29. Zheng Cai, Alan L. Cox, and T. S. Eugene Ng. Maestro: A system for scalable OpenFlow control. Technical Report TR-10-11, Rice University.Google ScholarGoogle Scholar
  30. N. Gude, T. Koponen, J. Pettit, B. Pfaff, M. Casado, N. McKeown, and S. Shenker. NOX: towards an operating system for networks. SIGCOMM Computer Communications Review, 38:105--110, July 2008. Google ScholarGoogle ScholarDigital LibraryDigital Library
  31. Derek Gordon Murray, Grzegorz Milos, and Steven Hand. Improving Xen security through disaggregation. In Proc. 4th ACM SIGPLAN/SIGOPS International Conference on Virtual Execution Environments (VEE), pages 151--160, Seattle,WA, USA, March 5--7 2008. Google ScholarGoogle ScholarDigital LibraryDigital Library
  32. B. Vaugon, Philippe Wang, and Emmanuel Chailloux. Les microcontr oleurs pic programmes en Objective Caml. In Vingt-deuxiemes Journees Francophones des Langages Applicatifs (JFLA 2011), volume Studia Informatica Universalis, pages 177--207. Hermann, 2011.Google ScholarGoogle Scholar
  33. T. Hallgren, M. P. Jones, R. Leslie, and A. Tolmach. A Principled Approach to Operating System construction in Haskell. SIGPLAN Notices, 40(9):116--128, 2005. Google ScholarGoogle ScholarDigital LibraryDigital Library
  34. Galois Inc. HalVM. http://halvm.org/.Google ScholarGoogle Scholar
  35. Oracle. GuestVM. http://labs.oracle.com/projects/guestvm/shared/guestvm/guestvm/index.html.Google ScholarGoogle Scholar
  36. B. N. Bershad, S. Savage, P. Pardyak, E. G. Sirer, M. E. Fiuczynski, D. Becker, C. Chambers, and S. Eggers. Extensibility, safety and performance in the SPIN operating system. SIGOPS Operating Systems Review, 29(5):267--283, December 1995. Google ScholarGoogle ScholarDigital LibraryDigital Library
  37. David Mosberger and Larry L. Peterson. Making paths explicit in the Scout operating system. In Proc. 2nd USENIX Symposium on Operating Systems Design and Implementation (OSDI), pages 153--167, Seattle, WA, United States, October 28-31 1996. Google ScholarGoogle ScholarDigital LibraryDigital Library
  38. F. Kaashoek, D. Engler, G. Ganger, H. Brice no, R. Hunt, D. Mazieres, T. Pinckney, R. Grimm, J. Jannotti, and K. Mackenzie. Application performance and flexibility on exokernel systems. In Proc. 16th ACM Symposium on Operating Systems Principles (SOSP), pages 52--65, Saint Malo, France, October 5--8 1997. Google ScholarGoogle ScholarDigital LibraryDigital Library
  39. Bryan Ford, Godmar Back, Greg Benson, Jay Lepreau, Albert Lin, and Olin Shivers. The Flux OSKit: a substrate for kernel and language research. In Proc. 16th ACM Symposium on Operating Systems Principles (SOSP), pages 38--51, Saint Malo, France, October 5--8 1997. Google ScholarGoogle ScholarDigital LibraryDigital Library
  40. The OpenSSL Project. OpenSSL. http://openssl.org/.Google ScholarGoogle Scholar
  41. Martin Georgiev, Subodh Iyengar, Suman Jana, Rishita Anubhai, Dan Boneh, and Vitaly Shmatikov. The most dangerous code in the world: validating SSL certificates in non-browser software. In Proc. 19th ACM Conference on Computer and Communications Security (CCS), pages 38--49, Raleigh, NC, USA, October 16--18 2012. Google ScholarGoogle ScholarDigital LibraryDigital Library
  42. George C. Necula, Scott McPeak, Shree Prakash Rahul, and Westley Weimer. CIL: Intermediate language and tools for analysis and transformation of C programs. In Proc. 11th International Conference on Compiler Construction (CC), LNCS 2304, pages 213--228, Grenoble, France, April 8--12 2002. Google ScholarGoogle ScholarDigital LibraryDigital Library
  43. George C. Necula, Scott McPeak, andWestleyWeimer. Ccured: typesafe retrofitting of legacy code. In Proc. 29th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL), pages 128--139, January 16--18 2002. Google ScholarGoogle ScholarDigital LibraryDigital Library
  44. Facebook. HipHop for PHP. https://github.com/facebook/hiphop-php/wiki/, February 2010.Google ScholarGoogle Scholar
  45. Jeffrey Dean and Sanjay Ghemawat. MapReduce: simplified data processing on large clusters. In Proc. 6th USENIX Symposium on Operating Systems Design & Implementation (OSDI), pages 137--150, San Francisco, CA, USA, December 6--8 2004. Google ScholarGoogle ScholarDigital LibraryDigital Library
  46. Apache. Hadoop. http://hadoop.apache.org, April 2012.Google ScholarGoogle Scholar
  47. Michael Isard, Mihai Budiu, Yuan Yu, Andrew Birrell, and Dennis Fetterly. Dryad: distributed data-parallel programs from sequential building blocks. In Proc. 2nd ACM SIGOPS/EuroSys European Conference on Computer Systems (EuroSys), pages 59--72, Lisbon, Portugal, March 21--23 2007. Google ScholarGoogle ScholarDigital LibraryDigital Library
  48. Niels Provos, Markus Friedl, and Peter Honeyman. Preventing privilege escalation. In Proc. 12th USENIX Security Symposium (SSYM), pages 231--242, Washington DC, USA, August 4--8 2003. Google ScholarGoogle ScholarDigital LibraryDigital Library
  49. Bill Childers. Build your own cloud with Eucalyptus. Linux J., 2010(195), July 2010. Google ScholarGoogle ScholarDigital LibraryDigital Library
  50. Jeff Lewis. Cryptol: specification, implementation and verification of high-grade cryptographic applications. In Proc. ACM Workshop on Formal Methods in Security Engineering (FMSE), page 41, Fairfax, Virginia, USA, November 2 2007. Google ScholarGoogle ScholarDigital LibraryDigital Library
  51. Reynald Affeldt, David Nowak, and Yutaka Oiwa. Formal network packet processing with minimal fuss: invertible syntax descriptions at work. In Proc. 6th Workshop on Programming Languages meets Program Verification (PLPV), pages 27--36, January 24 2012. Google ScholarGoogle ScholarDigital LibraryDigital Library
  52. Nicolas Oury. Observational equivalence and program extraction in the Coq proof assistant. In Proc. 6th International Conference on Typed Lambda Calculi and Applications (TLCA), LNCS 2701, pages 271--285, Valencia, Spain, June 10--12 2003. Google ScholarGoogle ScholarDigital LibraryDigital Library
  53. Xavier Leroy. Formal certification of a compiler back-end, or: programming a compiler with a proof assistant. In Proc. 33rd ACM Symposium on Principles of Programming Languages (POPL), pages 42--54, Charleston, SC, USA, January 11--13 2006. Google ScholarGoogle ScholarDigital LibraryDigital Library
  54. G. Klein, K. Elphinstone, G. Heiser, J. Andronick, D. Cock, P. Derrin, D. Elkaduwe, K. Engelhardt, R. Kolanski, M. Norrish, T. Sewell, H. Tuch, and S. Winwood. seL4: formal verification of an OS kernel. In Proc. 22nd ACM Symposium on Operating Systems Principles (SOSP), pages 207--220, Big Sky, MT, USA, October 11--14 2009. Google ScholarGoogle ScholarDigital LibraryDigital Library

Index Terms

  1. Unikernels: library operating systems for the cloud

      Recommendations

      Comments

      Login options

      Check if you have access through your login credentials or your institution to get full access on this article.

      Sign in

      Full Access

      • Published in

        cover image ACM SIGPLAN Notices
        ACM SIGPLAN Notices  Volume 48, Issue 4
        ASPLOS '13
        April 2013
        540 pages
        ISSN:0362-1340
        EISSN:1558-1160
        DOI:10.1145/2499368
        Issue’s Table of Contents
        • cover image ACM Conferences
          ASPLOS '13: Proceedings of the eighteenth international conference on Architectural support for programming languages and operating systems
          March 2013
          574 pages
          ISBN:9781450318709
          DOI:10.1145/2451116

        Copyright © 2013 ACM

        Publisher

        Association for Computing Machinery

        New York, NY, United States

        Publication History

        • Published: 16 March 2013

        Check for updates

        Qualifiers

        • research-article

      PDF Format

      View or Download as a PDF file.

      PDF

      eReader

      View online with eReader.

      eReader
      About Cookies On This Site

      We use cookies to ensure that we give you the best experience on our website.

      Learn more

      Got it!