Unikernels are specialized operating system images that execute a single application. Through extreme specialization they can provide high performance, small memory footprints, fast boot times, and a reduced attack vector.
This talk will provide an overview of Unikraft (https://unikraft.org), a Linux Foundation project that provides a toolikit for creating highly specialized unikernels by combining a set of micro-libraries to tailor down the operating system strictly to the needs of the executing application.
Specifically we will look at what Unikraft is and what it can be used for; how Unikraft achieves millisecond boot times, memory footprints in the order of KiB, and guaranteed higher performance in commonly deployed applications that Linux; Unikraft's security properties, both in terms of a reduced trusted compute base (TCB), and also in terms of supported security mitigations; ways to migrate existing applications to Unikraft with minimal effort both at the source level (POSIX), the binary level (Linux ABI), or through Unikraft's support for interpreted languages like Go, Javascript, Python, Rust, and WebAssembly; and - last but not least - the amazing and evergrowing open source community of Unikraft.
