Unikernels are specialized operating system images that execute a single application. Through extreme specialization they can provide high performance, small memory footprints, fast boot times, and a reduced attack vector.
This talk will provide an overview of Unikraft (https://unikraft.org), a Linux Foundation project that provides a toolikit for creating highly specialized unikernels by combining a set of micro-libraries to tailor down the operating system strictly to the needs of the executing application.
Specifically we will look at what Unikraft is and what it can be used for; how Unikraft achieves millisecond boot times, memory footprints in the order of KiB, and guaranteed higher performance in commonly deployed applications that Linux; Unikraft's security properties, both in terms of a reduced trusted compute base (TCB), and also in terms of supported security mitigations; ways to migrate existing applications to Unikraft with minimal effort both at the source level (POSIX), the binary level (Linux ABI), or through Unikraft's support for interpreted languages like Go, Javascript, Python, Rust, and WebAssembly; and - last but not least - the amazing and evergrowing open source community of Unikraft.
Quick Info
Content
Speaker
Michalis Pappas
Michalis is an engineer specializing in ARM-based systems, security, and virtualization technologies. He currently works on lightweight virtualization at unikraft.io and is an active contributor to the open-source Unikraft project. Previously, he worked on board bring-up, secure boot, trusted execution environments, and virtualization for embedded automotive systems.