Are Unikernels the Answer for Next-Gen AI Cloud Workloads?
Nobody likes waiting around for an app to start, nor database to boot. Certainly not Vercel. Nor Prisma.
Vercel’s venture arm has invested in Unikraft, a cloud-hosting company built on the Linux Foundation unikernel technology of the same name. The company raised a $6 million seed round earlier this month, including a bundle from Vercel, a cloud platform for frontend developers. In the deal, Unikraft can also consult Vercel’s expertise at running cloud-based content delivery networks.
And Prisma, a cloud service that offers a Postgres database system serverless cloud service, has even put the unikernel to work.
In fact, the tiny footprint of a unikernel-based Prisma Postgres instance allowed the company to set up a free tier for curious users.
How Prisma Uses Unikernels for Database Performance
To run a database, or any time-sensitive application, over a network requires super-low latency and fast boot times.
To get there, Prisma built a tech stack, using Cloudflare Workers edge services running each database inside a dedicated unikernel. The company used Unikraft SDK, based on the Linux Foundation-backed open source project, to assemble the VMs (through Docker Compose) and platformed them on Unikraft Cloud.
Unikernels are lightweight and single-purpose virtual machines. Each VM has only the application and the minimum amount of kernel needed to run the app.
This approach allows Prisma to run thousands of PostgreSQL instances on a single server and scale them down to zero instances when they are not needed.
“So that allowed Prisma to offer databases at a fraction of the cost per instance,” said Felipe Huici, co-founder and CEO of the Unikraft company, and one of the original researchers on the Unikraft project.
Unikernels vs. Containers: Understanding the Differences
Unikernels gained some prominence about 10 years ago, but were nearly forgotten in the rush of Docker’s emerging popularity.
The two technologies are similar. Both can host applications and supporting libraries. But while containers share the host’s own OS, each unikernel is a “microVM” with its own stripped-down OS.
In design, unikernels are a single-address space binary object: They do not have separation between kernel and user address spaces of a traditional OS. This allows for much faster execution of applications, even compared with traditional container technologies.
The idea of the unikernel arrived at its present state by way of a 2013 paper, “Unikernels: library operating systems for the cloud,” which spawned MirageOS, the first of a number of modern unikernel projects, including Unikraft itself. In 2016, Docker bought Unikernel Systems, which maintained an offshoot of MirageOS. Docker went on to use the technology in its latency-sensitive native applications such as HyperKit.
But containers were such an amazing technology back then, with their ability to make workloads portable, that unikernels seemed unnecessary. Unikernels also required a lot of additional work: Criticisms abounded of inadequate tooling and debugging capabilities. Another non-starter for system architects was the inadequate support of the POSIX standard, the lingua franca of all Linux systems.
Unikernels for Next-Gen Cloud and AI Workloads
But could a new generation of heavily-distributed cloud applications for the emerging AI market make unikernels worthwhile? This is what Unikraft is betting on. If you are packaging your apps across large numbers of containers, you may want to give unikernels another look, Huici said.
AI workloads, for instance, would be a good fit. They tend to run on large numbers of containers and frequently toggle between being online and offline.
“So if you’re working in infrastructure, you’re having to have many thousands of servers in the data center to cater to millions of millions of very tiny things that are coming up and down all the time. And that’s a big challenge for standard infra,” Huici said.
Huici pointed to how the unikernel image is smaller, faster and more secure than container images, offering boot times in the milliseconds and a throughput 50 to 100% higher than plain vanilla Linux.
Benefits of Unikernels: Speed, Security and Cost Efficiency
These features neatly solve a number of issues for Prisma. Since Unikernels boot faster, a new instance is ready in milliseconds rather than the tens of seconds required to boot a containerized version of Postgres. Also, the security footprint is smaller, the unikernels can be customized for performance and they take up less space on the server memory.
In Prisma’s case, a unikernel also eliminates the cold start problem that can plague microservices and Java applications. It may be cost prohibitive to keep virtual machines or containers running when there is no workload, but booting them down will cause a delay when a new request does come in.
In contrast, the costs for keeping a unikernel running on a server is minimal, thanks to its tiny footprint.
The unikernel architecture also allows Prisma to locate the connection pool on the same machines that run the Prisma Postgres unikernel instances, thereby saving in costly network hops.
Managing Unikernels with Kubernetes Integration
The Unikraft platform further eases the management burden thanks to a recent integration with Kubernetes, allowing admins to manage unikernels alongside other resources. Each instance operates as a separate node, and you can apply all the Kubernetes scaling logic to these nodes, making them as easy to manage as any other container.
