Docker today announced the acquisition of Unikernel Systems, a Cambridge, UK-based startup that aims to bring unikernels to the masses (or at least the masses of developers).
Docker plans to integrate support for unikernels into its own tools and services as it’s starting to look at technologies beyond containers to help developers build even more efficient microservices architectures. The price of the acquisition was not disclosed.
The basic idea behind unikernels is to strip down the operating system to the absolute minimum so it can run a very specific application. Nothing more, nothing less. This means you would compile the necessary libraries to run an application right into the kernel of the operating system, for example.
The result of this is a very small and fast machine that has fewer security issues than traditional operating systems (because you strip out so much from the operating system, the attack surface becomes very small, too).
Because of this, unikernels are great for applications where security and efficiency are paramount (think secure government systems, real-time trading platforms and IoT applications).
So why is Docker interested in all of this? Docker founder and CTO Solomon Hykes acknowledged that this is likely the “most obscure” of Docker’s acquisitions, but he also told me that he sees it as the company’s most exciting one to date.
The 13-people strong Unikernel Systems team is largely comprises developers who previously worked on the Xen hypervisor. Unikernel Systems is a major contributor to the overall unikernel ecosystem and its open source components. Hykes tells me Docker will continue to be very active in this community.
With this acquisition, Docker is bringing a lot of deep technical knowledge into the fold. “Expect the Docker platform to be much more aggressive in solving problems lower in the stack,” Hykes said. “[This acquisition] gives us a lot more firepower to solve these problems.”
But that’s only partly what this acquisition is about. While you probably only think “containers” when you hear about Docker, the company now seems to think about Docker as an ecosystem that isn’t just about containers. In this view, Docker is mostly about moving the microservices movement forward, and if you look at it through this lens, then unikernels are a logical next step for Docker.
With containers, developers “got a taste of small,” Hykes told me. In his view, unikernels are “the next step in shrinking the payload from VMs to containers to unikernels.”
He does not, however, believe that one has to inevitably replace the other. Using unikernels means you have to make some tradeoffs — mostly around compatibility and tooling. Docker plans to integrate unikernel support into its own tools in the near future. “What nobody wants is three completely separate sets of tools,” he noted. “One for VMs, one for containers and one for unikernels.”
If you paid attention at DockerCon Europe last year (you did, right?), then all of this may be a little less of a surprise. At the event, Docker actually showed a brief demo of how its tools could be used to manage unikernel deployments. Anil Madhavapeddy, the CTO of Unikernel Systems and the project lead of MirageOS (an open source library operating system for building unikernels), ran that on-stage demo.