Author: Ian Eyberg
Updated on: 2019-01-26
Posted on: 2019-01-24
Categories: PHP Tutorials, PHP Security
Read this article to learn what are Unikernels and how they can benefit site servers on which you can run PHP Web applications.
By Ian Eyberg
Unikernels are considered the next generation of cloud infrastructure for their size, security and performance benefits.
You can think of them as what would happen if you molded the operating system and the application together into one small discrete unit.
Some people see them as containers++ or containers 2.0 but I personally think they are apples and oranges considering containers need linux and unikernels don't run linux.
The idea reflects how a lot of developers actually deploy their software nowadays especially at larger software companies like Uber or AirBnB.
What Are Unikernels?
First off, what is a unikernel? A unikernel is a single process system. That is it's only meant to run one application per server.
At first blush that sounds wasteful but when you think about it most companies nowadays do not have one server - they have thousands and they are deployed with one specific application on them to begin with.
These are the database servers, these are the Web servers, etc. In the past you would ssh into a box and see a half dozen users or have specific hostnames like Mars the database or Jupiter the Web server. Trying not to date myself here.
However, one of the big problems with unikernels is that it involves a bunch of lower level operating system like code to run them and that excludes pretty much anyone that was not a kernel hacker. Until now.
What is OPS?
OPS is a tool that allows anyone to build and run unikernels in any language they want or for any application they want.
If it runs on Linux it can probably run as a unikernel. Itching to try it out? Let's get started.
You can go to download page and retreive a binary or if you happen to be a Go programmer you can just grab the source and build it yourself.
To download for both linux and mac you can use:
curl https://ops.city/get.sh -sSfL | sh
Let's try out a simple example. Put this inside a test.php:
> cat test.php
<?phpthen you can run it this way:
echo "hello from inside a unikernel!\n";
> ops load php_7.2.13 -a test.php
Extracting /Users/eyberg/.ops/packages/php_7.2.13.tar.gzYou have just built and ran your own first php unikernel!
booting image ...
hello from inside a unikernel!
exit_groupexit status 1
What this does is download the PHP interpreter along with any libraries that it is linked against. Most linux binaries are linked against at least libc and a handful of other things.
It is important to note though that when you run OPS even though you are running an ELF binary which is the native linux format you actually are not running linux underneath.
There is a lot of stuff that comes with even the barest of bare linux installs that is simply not needed to run a simple PHP application. Not just that but the way linux is designed it was designed for multiple users running multiple applications on the same server.
Linux is almost 30 years old mind you. This was before virtualization and before cloud which is basically on-demand virtualization. Unikernels really shine here because they recognize that fact. They recognize that at the end of the day you only really care about running that one application on that one server.
By default OPS will run your unikernel in usermode with no KVM acceleration. What this means is that it is much slower than what it would be if KVM were turned on and it was in a bridged network.
It is like this just so you can get going on your laptop without messing around with user permissions. You can always enable that with the networking options OPS provides. Also KVM is linux specific although Intel HAX exists for Macs and provides similar hardware acceleration.
What we showed here is a very simple example utilizing an OPS package although you can actually run any valid linux program as a unikernel without the package interface.
It is wise to investigate unikernels now as they hold promise not just for cloud infrastructure. What I personally find fascinating is all the new forms of compute they open up which was simply not possible with existing linux based systems.I expect them to have heavy influence in the serverless and edge compute realms in the near future.
So go check out the github repo and toy around.
What will you build?
You need to be a registered user or login to post a comment
Login Immediately with your account on: