What is Unikraft?

Unikraft is a Unikernel toolchain, which has abstracted a lot of the building of the unikernel and low-level systems to enable your application to run - improving the development experience for creating a tailored-fit operating system.

…What is a Unikernel?

A Unikernel is specialised software made to effectively replace traditional operating systems such as Linux, Windows or MacOS. By cutting out all the components that are not needed from these general purpose operating systems.

Advantages can be produced from the reduction in attack surface and optimisations from a much smaller codebase (image sizes being a couple of KB) in addition to efficient boot times, on par with typical containers and scaling well.

As such, with an increase in Microservice architectures and other services such as SaaS, library operating systems - Unikernels are quickly being considered a worthwhile niche.

Getting It Setup

Prerequisite Notes

To get started you will need to be using an apt-get system, I personally run a windows machine as my primary setup so I attempted to use a few solutions, Hyper-V does not support nested virtualisation for AMD CPUs yet so anything using Hyper-V and any Microsoft VM is out of the question. Secondly, I attempted to use Google Cloud systems however despite stating nested virtualisation is supported I could not find any way to enable it.

This led me to use VirtualBox, which fortunately allows for AMD-v to be enabled in the instances settings.

Configuring the VM

Next was getting the environment configured, ready to use kraft and begin running Unikraft instances.

Starting with KVM, of which the documentation can be accessed here - this is necessary due to kraft using this to create instances under the hood.

The rest of the configuration is straightforward and instructions can be accessed through the Unikraft website here.

Problems and Roadblocks

Aside from issues with AMD Virtualisation support, other issues have arisen since using Unikraft - one of these being:

Inappropriate ioctl for device

This error appeared after initalising, configuring, building my Unikernel and running it with kraft using

kraft run -p kvm -m x86_64

The problem for this is being addressed/already has been by the Unikraft team but it involves incompatible socat versions, requiring an upgrade or downgrade should you ever encounter it yourself.

The Porting Process

I have yet to really explore the process in porting the library I have chosen to Unikraft, however it is noteworthy that a good portion of the porting will be involved in the Unikraft Makefile and Config system, this defines the libraries and dependencies that your application will be relying on, whether they are core Unikraft libraries, or your own. Which by extension means if there is a dependency the application you are creating is not already supported you will need to consider porting those also which is where the bulk of the work seems to be.

Conclusion

From what I have experienced and from what I have read I personally find myself very enthusiastic about Unikraft, it brings implementing Unikernels into a much more friendly; abstracted workflow as opposed to the infamous reputation of a LibraryOS being difficult and costly to create. Further, using Unikraft is even better as more libraries and applications are ported to the toolchain, readily accessible.

Links!

If you would like to check out the Unikraft Project or learn more about Unikernels here are some links: