Abstract:This paper presents Unikernel Linux (UKL), a path toward integrating unikernel optimization techniques in Linux, a general purpose operating system. UKL adds a configuration option to Linux allowing for a single, optimized process to link with the kernel directly, and run at supervisor privilege. This UKL process does not require application source code modification, only a re-link with our, slightly modified, Linux kernel and glibc. Unmodified applications show modest performance gains out of the box, and developers can further optimize applications for more significant gains (e.g. 26% throughput improvement for Redis). UKL retains support for co-running multiple user level processes capable of communicating with the UKL process using standard IPC. UKL preserves Linux's battle-tested codebase, community, and ecosystem of tools, applications, and hardware support. UKL runs both on bare-metal and virtual servers and supports multi-core execution. The changes to the Linux kernel are modest (1250 LOC).

What problem does this paper attempt to address?

The main goal of this paper is to explore how to integrate unikernel technology (a lightweight, specialized operating system) into general-purpose operating systems (such as Linux) to achieve performance optimization while maintaining support for a wide range of applications and hardware, and minimizing the impact on the existing Linux codebase. ### Problems Addressed by the Paper 1. **Integration of Unikernel Technology**: Investigate how to incorporate unikernel technology into Linux without requiring significant modifications or forks, allowing it to function as a general-purpose operating system while also being able to transform into a highly optimized unikernel as needed. 2. **Performance Enhancement**: Achieve moderate performance improvements without modifying application source code through the integration of the aforementioned technology, and allow developers to further customize applications for more significant performance gains. 3. **Support for Multiple Processes**: Although only one main application can be directly linked to the kernel, the system still supports other applications running in the traditional manner, thereby supporting complex applications that are logically composed of multiple processes. 4. **Hardware Compatibility**: Aim to support all hardware devices that Linux supports, including accelerators like GPUs, TPUs, and FPGAs, to meet the needs of heterogeneous computing. 5. **Ecosystem Compatibility**: Retain the original Linux development community, toolset, and operational experience, ensuring that tools, debugging, and configuration functions work properly. ### Key Technical Points - **Baseline Model**: Enable unmodified applications to run in a unikernel environment through a simple recompilation and linking process, while maintaining most of the isolation between the Linux kernel and applications. - **Configuration Options and Application Customization**: Provide various configuration options to further optimize performance, such as avoiding expensive mode-switch checks and using different return instructions to improve interrupt handling efficiency. Additionally, allow developers to modify applications to directly call kernel functions for deeper optimization. - **Address Space Layout**: Retain the standard Linux virtual address space division, i.e., user space and kernel space, but place the application's code and data in the kernel space. - **Execution Model**: Although the application and kernel are linked together, they still have different execution models to support the operation of various applications without requiring source code modifications. In summary, this paper aims to demonstrate how to leverage unikernel technology to optimize Linux while maintaining its broad compatibility and robust ecosystem support. This approach not only enhances the performance of specific applications but also makes the entire system more flexible and efficient.

Unikernel Linux (UKL)

Iso-UniK: Lightweight Multi-Process Unikernel Through Memory Protection Keys.

KylinX: A Dynamic Library Operating System for Simplified and Efficient Cloud Virtualization.

KylinX: Simplified Virtualization Architecture for Specialized Virtual Appliances with Strong Isolation

Unishyper: A Rust-based Unikernel Enhancing Reliability and Efficiency of Embedded Systems

MultiK: A Framework for Orchestrating Multiple Specialized Kernels

Programming Unikernels in the Large via Functor Driven Development

Exploring the Viability of Unikernels for ARM-powered Edge Computing

KLinux: Hybrid Real-Time Open-Source Linux Operating System

Hybrid real-time Linux operating system

Android Unikernel: Gearing mobile code offloading towards edge computing

BULKHEAD: Secure, Scalable, and Efficient Kernel Compartmentalization with PKS

Kernelized-QEMU: A Study of System-Level Virtual Layer in Linux Kernel

Fast, Flexible, and Practical Kernel Extensions

Live Updating Operating Systems Using Virtualization

Edge System Design Using Containers and Unikernels for IoT Applications

Kernel Language KLND

Harmonizing Performance and Isolation in Microkernels with Efficient Intra-Kernel Isolation and Communication

A Survey of Unikernel Security: Insights and Trends from a Quantitative Analysis

The Endokernel: Fast, Secure, and Programmable Subprocess Virtualization

A Performance Evaluation of Rump Kernels as a Multi-server OS Building Block on seL4