NEC Laboratories Europe recently demonstrated the effectiveness of its Unikraft technology by doubling the data throughput on a NGINX web server while running on Amazon Web Services (AWS). This is compared to the same web server running on a Linux-based image. The result is equivalent to reducing server resource costs by half, as it enables the same data throughput (requests/sec.) with a smaller and cheaper instance.

Unikraft, a Linux Foundation open source project, achieves such rates through specialization; easily allowing users to build a custom operating system and software stack tailored to the needs of a specific application, and ready to deploy as an AWS image. Such unikernels have shown great promise and performance numbers (e.g., boot times of a few milliseconds, memory consumption of only a few MBs and high throughput), but their Achilles heel has been that they often require substantial expert work to create them, and that at least part of the work has to be redone for each additional application.

In stark contrast to other unikernel projects, Unikraft has developed a truly modular unikernel common code base. This makes building tailored-made (uni)kernels much faster than before. "Without Unikraft, you have to choose between unikernel projects that only work for a specific language or application, or projects that aim to support POSIX but do so while sacrificing performance thus defeating the purpose of using unikernels in the first place," says Dr. Felipe Huici, Senior Research Scientist at NEC Laboratories Europe and a core contributor to Unikraft technology. "Unikraft aims to run a large set of off-the-shelf applications and programming languages but still allows for easy customization and even removal of unneeded kernel parts. It also provides a set of rich, performance-oriented APIs that allows applications to achieve even higher performance." In addition, because Unikraft specializes the entire software stack, its deployed images have a minimal Trusted Computing Base, and are thus more robust against attack.