|
1 | | -# What is a Unikernel |
| 1 | +# What is a Unikernel? |
2 | 2 |
|
3 | | -A unikernel is a single process system that is specifically designed to |
4 | | -run only one application. It makes it a great fit for modern cloud |
5 | | -environments because of it's performance, security and size. |
| 3 | +A unikernel is a single-process system that is specifically designed to |
| 4 | +run only one application. It is a great fit for modern cloud |
| 5 | +environments because of its performance, security, and size. |
6 | 6 |
|
7 | 7 | ## Single Process |
8 | 8 |
|
9 | 9 | Linux systems have archaic design concepts rooted in the 1960s from when |
10 | 10 | machines cost half a million dollars and needed to run multiple programs |
11 | | -for multiple users. Today developers go out of their way to isolated |
12 | | -programs from each other if for no reason other than manageability |
| 11 | +for multiple users. Today, developers go out of their way to isolate |
| 12 | +programs from each other if for no other reason than manageability |
13 | 13 | concerns. |
14 | 14 |
|
15 | | -A unikernel embraces the single process concept while allowing the use |
16 | | -of multiple threads. For languages such as Go this fits well. For |
17 | | -interpreted languages such as ruby and python developers in these |
| 15 | +A unikernel embraces the single-process concept while allowing the use |
| 16 | +of multiple threads. For languages such as Go, this fits well. For |
| 17 | +interpreted languages such as Ruby and Python, developers in these |
18 | 18 | languages typically load balance a set of application servers to enable |
19 | | -a greater degree of concurrency. In the unikernel world we do the same |
20 | | -thing but those app servers become full fledged vms and can make use of |
21 | | -existing load balancers without having to do back flips. |
| 19 | +a greater degree of concurrency. In the unikernel world, we do the same |
| 20 | +thing but those app servers become full-fledged VMs and can make use of |
| 21 | +existing load balancers without having to do backflips. |
22 | 22 |
|
23 | 23 | ## No Shell/No Users |
24 | 24 |
|
25 | 25 | This is a security design constraint. There is no shell to remotely log |
26 | 26 | into and there is no concept of users. While OPS has a stubbed/fake user |
27 | 27 | it is only present to implement underlying libc calls and has no |
28 | | -relevance otherwise. This also means that modern unix permissions don't |
| 28 | +relevance otherwise. This also means that modern Unix permissions don't |
29 | 29 | have much meaning inside of a unikernel because there is only one |
30 | 30 | program running and no users. |
0 commit comments