
Deploying Unikernels in Production with Kubernetes

2021-10-14

Authors: Alexander Jung


Summary

KubeKraft is a novel runtime that allows for running VMs with Kubernetes natively, without any container overhead. It aims to achieve higher cluster utilization while maintaining performance and security.
  • Virtualization strategies such as containers have gained immense popularity thanks to orchestration frameworks such as Kubernetes.
  • Typical deployments with Kubernetes involve four degrees of virtualization and indirection, which can be difficult to debug and add performance penalties.
  • KubeKraft introduces unikernels into the ecosystem and allows for running VMs with Kubernetes natively, without any container overhead.
  • KubeKraft's architecture is presented, along with its integration with Kubernetes and performance results.
  • Using a Unikraft NGINX unikernel, KubeKraft results in 2x the throughput of an official Docker NGINX image.
KubeKraft's aim is to reduce the cost of services running in the cloud by achieving higher cluster utilization while maintaining performance and security. It does this by introducing unikernels into the ecosystem and allowing for running VMs with Kubernetes natively, without any container overhead.

Abstract

In data center and cloud deployments, the virtual machine is the basic unit of isolation, and Kubernetes has emerged as the de facto standard for orchestration. This points to the container-in-a-VM model: the VM for isolation, and the container to integrate seamlessly with the orchestrator. But is this optimal for deployments where containers are not a requirement? Is it possible to use VMs for isolation and Kubernetes, with its wide array of features, for orchestration, without having to rely on containers? In this talk we will present KubeKraft, a novel runtime along with modifications to containerd that allow for running VMs with Kubernetes *natively*, without any container overhead. We will present KubeKraft's architecture and its integration with Kubernetes, and will show performance results; for instance, when using a Unikraft NGINX unikernel (less than 2 MB in size), KubeKraft results in 2x the throughput of an official Docker NGINX image (42M image size).

Materials: