Frequently Asked Questions
What’s Unikraft?
Unikraft is the company behind the next-generation cloud compute platform Unikraft Cloud, leveraging unikernel technology to provide millisecond cold boots, scale to 0 and autoscale so you never have to pay for idle again.
Can you do cloud-prem, or on-prem deployments?
Yes, as part of our Unikraft Cloud Enterprise offering. A dedicated platform for enterprises that can be deployed cloud-prem or on-prem, either self-managed or managed by us.
What’s a unikernel?
A unikernel is an extremely specialized virtual machine. Imagine being able to have, for each target application, a distro and kernel that contain only the code the target app needs, and nothing more — all of it built at compile time, before you deploy. If an app doesn’t need a line of code to run, it doesn’t get deployed. And then to have this packaged as any other virtual machine, with strong, hardware-level isolation. In fact, Unikraft unikernels are packaged as OCI images
Aren’t virtual machines heavyweight?
They need not be! Unikraft unikernels are proof that you can have the strong, hardware-level isolation that is the workhorse of public cloud deployments, combined with the lightweight characteristics of containers or processes (e.g., millisecond cold boot times).
How much smaller are Unikraft images?
The answer depends on the application of course, but with Unikraft we can confidently say that most (up to ~90%) of an image’s size is due to the application itself. For example, an NGINX Unikraft image is under 2MBs in size.
Why can’t I just use a container?
When you deploy a container on the public cloud, it gets deployed it on top of a
virtual machine in order to have strong, hardware-level isolation. The container
thus adds yet another layer of overhead between your app and the hardware.
Instead, at Unikraft we use Dockerfile
s at build time to create the
filesystem, but then use a lean unikernel to get the best efficiency at deploy
time.
Do Unikraft unikernels come with security benefits?
Yes, especially stemming from the fact that they have a minimal Trusted Computing Base (TCB), and everything is off by default (services, ports, etc).
I have a service and a database. Can I run them with Unikraft Cloud?
Definitely. Every instance on Unikraft Cloud has a private IP and DNS name so you can easily plug instances together. Follow this guide for instructions.
I have an access token and an application, what do I do?
You’ll need a Dockerfile and Kraftfile. See any of the apps/langs guides (here)[/docs/guides/] to see examples.
What is kraft
?
kraft
is Unikraft Cloud’s open-source CLI tool written in
Go. You can control Unikraft Cloud with
it as well as build unikernels and try things out locally.
What do I lose by using Unikraft with respect to Linux? What about debugging?
Unikraft mimics the Linux API so that applications and languages can run, unmodified, on Unikraft. One common concern sometimes leveled at unikernels is that debugging them is hard: Unikraft comes with a full gdb server, tracing and other debugging facilities so that debugging in Unikraft is no different than doing so on a Linux environment (see here). In terms of observability, Unikraft comes with a Prometheus library through which a Unikraft unikernel can export stats to Grafana boards.
How is millisecond scale-to-zero achieved?
Magic 🪄 Just kidding, it’s the combination of using Unikraft unikernels to run
workloads, a custom node ingress controller which can be reactive in
milliseconds and scale to 1000s of instances, and various other optimizations to
the underlying host. Simply add -0
to your deploy command, and when traffic
dies your app will stop, consume no resources, and get charged $0. When the next
request from your user comes, the instance will wake, in milliseconds, and reply
— with your user being none the wiser.
Do you have cold boots on Unikraft Cloud?
By definition, meaning starting an instance up from zero, yes, we have cold boots. However, by cold boot people generally mean a slow cold boot: seconds or minutes. On Unikraft Cloud, cold boot times are measured in milliseconds.
How do you achieve millisecond autoscale?
By leveraging very fast cold boot times, and by coupling that with a very reactive and scalable controller and proxy infrastructure. Autoscale like you’ve never seen it before.
Millisecond snapshots?
Yep. Instances on Unikraft Cloud are lean (size is determined by your application) so snapshots are quick. Stateful scale to zero in milliseconds anyone?
What do I need to get started?
We’re in early access; simply sign up to obtain an access token. If you’re interested in an enterprise solution please write to us.
What about usability?
We’ve put great care and effort into providing seamless integration with major tools and frameworks like Docker, Kubernetes, Terraform, and Prometheus/Grafana.
Why Unikraft and what’s Wrong with current cloud offerings?
Current cloud stacks and offerings are over-bloated and over-priced. With Unikraft you can be sure that the resources you’re consuming and paying for are going to your app, and your app only. And when you’re app is idle, so is your bill. And for Unikraft Cloud Enterprise, imagine running 1000s of instances with just a couple of servers.
Does Unikraft provide cost savings?
Absolutely! Unikraft can provide cost savings in many ways:
- Scale-to-Zero: don’t ever pay for idle again;
- Autoscale: don’t ever pay for warm instances to cope with peaks;
- Fewer instances: higher, more efficient I/O means fewer instances for equivalent workloads; and,
- Server density: 1000s of instances on a single server mean fewer servers, and higher savings.
What’s the relationship between the Unikraft open source project and Unikraft Cloud?
Unikraft OSS allows you to build and run unikernels locally via kraft run
(and even hack the Unikraft OS itself if you like tinkering!). When you’re
ready to deploy, switch to kraft cloud deploy
.
Are you a replacement for Docker?
Definitely not! We think Docker is great for dev environments and for building
images. In fact, we rely on Dockerfile
to specify the filesystem of images
on Unikraft Cloud. Having said that, when it’s time to deploy, we take the
resulting filesystem and put it on a lean unikernel, ready to run with
hardware-level isolation and extreme efficiency.
Are you a competing technology to WASM?
No. You can read more about how Unikraft and WASM complement each other in our dedicated blog post on the matter. In short, WASM provides language-level isolation, whereas Unikraft provides hardware-level. Ultimately when you deploy WASM to the public cloud, in almost all cases there’ll be a VM underneath for isolation (and maybe even a container runtime). We believe that the most efficient way to deploy WASM workloads on the public cloud is on Unikraft Cloud, where the VM (read: the unikernel) itself has only the minimal code needed to run the WASM runtime.
With Unikraft Cloud can I deploy within hyperscaler infra and connect to their services?
Yes. We support metros / regions within existing hyperscaler infra, and also connectivity to their services. For example, you could run an API server on Unikraft Cloud and connect to S3 as a storage backend. Contact us for more information.
Can I try Unikraft open source first?
Yes. Head on over to unikraft.org, install the
kraft
tool with the one-liner there, and use kraft run
to build, package and
run your application locally. When you’re ready to deploy to the cloud, set
your Unikraft Cloud token and deploy via kraft cloud deploy
.
Does Unikraft Cloud work on Mac/Windows/Linux?
Yes, the kraft tool can run on Mac, Windows or Linux.
How do I monitor instances on Unikraft Cloud?
We provide full log support for all users. For paying customers we provide access to Prometheus metrics.
Are there other unikernel cloud platforms?
No. There are other unikernel projects, though most of them are research ones, unmaintained or single app/language (read: non-POSIX) ones.