Skip to main content

Running Unikernels from Existing Linux Applications with OPS

Unikernels are an emerging deployment pattern that engineers are choosing over Linux and Docker because of their performance, security and size. Researchers from NEC are reporting boot times in 5ms while other users talk about how small their VMs can get – in the kilobyte range if you’re using c. Still others like OSv have measured up to a 20% performance advantage in popular databases. However they have remained out of a lot of developers reach because of their low level nature.

That is until we decided to open source a tool called ops.city (OPS). OPS is a new free open source tool that allows anyone, including non-developers to instantly build and run unikernels on linux or mac from their existing software. There is no complicated re-compilation. There is no LDFLAG twiddling or random patching of various libraries you’d never patch yourself. OPS goal is to democratize access to unikernels.

Ok – enough of that – let’s build some unikernels.

First thing you’ll want to do is download ops itself:

curl https://ops.city/get.sh -sSfL | sh

Let’s start with a short example:

Let’s create a working directory:

mkdir p

Now put this into test.php:

<?php

echo ‘test\n’;

?>

From a fresh install you’ll see that there are several pre-made packages available:

Running Unikernels from Existing Linux Applications with OPS 1

Let’s go ahead and download the php package. The package contains everything that you’ll need to build and run php unikernels but absolutely nothing more. The idea is not to strip things out that aren’t necessary – it’s more of only putting things in to make it work. You’ll notice if you get into the tarball you’ll find an ELF file along with some libraries. This was built for linux but your application won’t actually run on linux. Linux is now 28 years old and predates both commercialized virtualization and what has become known as “the cloud” – namely Amazon Web Services and Google Cloud – both of which heavily use virtualization underneath.

Running Unikernels from Existing Linux Applications with OPS 2

Now if you run the example you’ll see that we boot up our php application and run the code but if you are paying attention you’ll see that this not like Linux where it starts hundreds of programs before it runs yours. Again this is more than just replacing the init manager and applying seccomp. We’ve tailored your application to become it’s own little operating system – how cool is that?

Let’s try another one – put this into test.js :

console.log(“we are all crazy programmers!”);

This time we’ll try out node.js:

Running Unikernels from Existing Linux Applications with OPS 3

It’s important to note that we’ve only showed some basic examples here. OPS is actually capable of loading and running arbitrary ELF binaries.

If you are using docker or kubernetes now you’ll definitely want to pay attention and get involved early in the unikernel ecosystem. If you are a microservices aficionado or serverless fan you should also be paying attention as a lot of people are predicting this to be the underlying infrastructure for these paradigm changing technology growths.

So what are you going to build? Go check out https://github.com/nanovms/ops – fork/star the repo and let us know!

The post Running Unikernels from Existing Linux Applications with OPS appeared first on The Crazy Programmer.



from The Crazy Programmer https://www.thecrazyprogrammer.com/2019/02/running-unikernels-from-existing-linux-applications-with-ops.html
Labels:

Comments

Post a Comment

Popular posts from this blog

Rail Fence Cipher Program in C and C++[Encryption & Decryption]

Here you will get rail fence cipher program in C and C++ for encryption and decryption. It is a kind of transposition cipher which is also known as zigzag cipher. Below is an example. Here Key = 3. For encryption we write the message diagonally in zigzag form in a matrix having total rows = key and total columns = message length. Then read the matrix row wise horizontally to get encrypted message. Rail Fence Cipher Program in C #include<stdio.h> #include<string.h> void encryptMsg(char msg[], int key){ int msgLen = strlen(msg), i, j, k = -1, row = 0, col = 0; char railMatrix[key][msgLen]; for(i = 0; i < key; ++i) for(j = 0; j < msgLen; ++j) railMatrix[i][j] = '\n'; for(i = 0; i < msgLen; ++i){ railMatrix[row][col++] = msg[i]; if(row == 0 || row == key-1) k= k * (-1); row = row + k; } printf("\nEncrypted Message: "); for(i = 0; i < key; ++i) f...
3 comments
Read more

Data Encryption Standard (DES) Algorithm

Data Encryption Standard is a symmetric-key algorithm for the encrypting the data. It comes under block cipher algorithm which follows Feistel structure. Here is the block diagram of Data Encryption Standard. Fig1: DES Algorithm Block Diagram [Image Source: Cryptography and Network Security Principles and Practices 4 th Ed by William Stallings] Explanation for above diagram: Each character of plain text converted into binary format. Every time we take 64 bits from that and give as input to DES algorithm, then it processed through 16 rounds and then converted to cipher text. Initial Permutation: 64 bit plain text goes under initial permutation and then given to round 1. Since initial permutation step receiving 64 bits, it contains an 1×64 matrix which contains numbers from 1 to 64 but in shuffled order. After that, we arrange our original 64 bit text in the order mentioned in that matrix. [You can see the matrix in below code] After initial permutation, 64 bit text passed throug...
Post a Comment
Read more

Experimental: Reducing the size of .NET Core applications with Mono's Linker

The .NET team has built a linker to reduce the size of .NET Core applications. It is built on top of the excellent and battle-tested mono linker . The Xamarin tools also use this linker so it makes sense to try it out and perhaps use it everywhere! "In trivial cases, the linker can reduce the size of applications by 50%. The size wins may be more favorable or more moderate for larger applications. The linker removes code in your application and dependent libraries that are not reached by any code paths. It is effectively an application-specific dead code analysis ." - Using the .NET IL Linker I recently updated a 15 year old .NET 1.1 application to cross-platform .NET Core 2.0 so I thought I'd try this experimental linker on it and see the results. The linker is a tool one can use to only ship the minimal possible IL code and metadata that a set of programs might require to run as opposed to the full libraries. It is used by the various Xamarin products to extract...
Post a Comment
Read more