The RustyHermit unikernel

RustyHermit is a unikernel written entirely in Rust. Unikernels are application images that directly contain the kernel as a library, so they do not require an installed operating system (OS). They are typically used in virtualized environments, which form the backbone of typical cloud / edge infrastructures. By @stlankes.

Unikernels can be highly optimized. For instance, we optimized the network stack of RustyHermit. RustyHermit uses smoltcp as its network stack, which is completely written in Rust. As the interface between guest and host operating system, we use Virtio, which is a para-virtualized driver for KVM and widely used in virtualized Linux environments.

The article does a good job explaining:

  • Virtualization Designs
  • Unikernels
  • RustyHermit
  • Performance
  • Research

RustyHermit is also a research project to evaluate new operating system designs that improve the scalability and the security of operating systems in cloud environments. For instance, RustyHermit provides classical techniques to improve security, such as stack guards and separating the application stack from the libOS stack. However, a library operating system typically uses a common function call to enter the kernel. A classical separation of user and kernel space by entering a higher privilege level is missing. Good read!

Tags programming linux devops performance