We're sorry but this page doesn't work properly without JavaScript enabled. Please enable it to continue.
Feedback

Unikraft: Unikernels Made Easy

00:00
subtitles
off
playback rate
1
subtitles
off
English (auto-generated)
playback rate
0.25
0.5
0.75
1
1.25
1.5
1.75
2
quality
576p
33
 Cite
 Share
 Download Purchase
Logo of FOSDEM VZWFOSDEM VZW
 Kuenzer, Simon

Formal Metadata

Title
Unikraft: Unikernels Made Easy
Title of Series
Number of Parts
561
Author
License
CC Attribution 2.0 Belgium:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor.
Identifiers
Publisher
Release Date
Language

Content Metadata

Subject Area
Genre
Abstract
Highly specialized Unikernels are still terrible to develop and maintain. Applications have to be ported manually to non-standard OSes before gaining from impressive benefits, like superb performance, great isolation, and a small trusted compute base. Unikernels can be instantiated in tens of milliseconds or less. They are tiny with low memory footprints of a few MBs or even KBs. They can achieve high network throughput of 10-40 Gb/s with a single CPU core and they enable running thousands of concurrent instances. We are going to present the Xen Project/Linux Foundation's open source Unikraft project. Its high level goal is to provide an automated tool to build unikernels without requiring the time-consuming, expert work as today. In addition, Unikraft targets support for multiple "platforms": Xen, KVM, containers and bare-metal. Images are automatically produced for multiple of these platforms without requiring any additional time from users. We have spent quite a bit of our time over the last years developing unikernels – highly specialized virtual machine images targeting specific applications. We have been particularly interested in them since because of their fantastic performance benefits: tiny memory footprints (hundreds of KBs or a few MBs), boot times comparable to those of processes, and small migration times, to name a few metrics. Despite the fact that this work and work from several others is proof of their potential, unikernels have yet to see massive adoption. One of the main showstoppers is development time: for instance, developing Minipython [4], a MicroPython unikernel, took the better part of 3 months to put together and test. ClickOS [5], a unikernel for NFV, was the result of a couple of years of work. What’s particularly bad about this development model besides the considerable time spent is that each unikernel was basically a “throwaway”: every time we wanted to create a new unikernel targeting a different application, we would start more or less from scratch. This comes from the fact that each application has different OS dependencies and benefit from different optimizations and specializations of these layers. One year ago, we started Unikraft as an open source incubator project under the umbrella of the Xen Project and the Linux Foundation. Our goal is to build a common pool of decomposed OS functionalities, called libraries, where various Unikernel projects can share implementations and optimizations with others. We started with initial and elementary pieces like schedulers, memory allocators, an VFS layer, network stacks and the pool is growing. The project provides Unikernel builders a menu where these libraries can be picked and configured. Unikraft's build system quickly and automatically creates images tailored to the needs of their specific applications. The users can choose multiple target platforms (e.g., Xen, KVM, containers, bare metal) without having to do additional work for each of them. In this talk we introduce the concept of specialized Unikernels, give an overview of the Unikraft open source project, and show a live demo to the audience.
FOSDEM 2019467 / 561
1
Thumbnail
24:45
How to write pylint plugins
2
Thumbnail
25:20
How to build your own Ethereum client
3
Thumbnail
27:01
How to build a FreeBSD CI/CD environment based on pot container
4
Thumbnail
53:49
How should lawyers behave? Legal "Ethics" and Free Software
5
Thumbnail
21:39
How Online Backup works in MyRocks and RocksDB
6
Thumbnail
31:25
How Kubernetes used gRPC to encrypt secrets with an external Key Management Service and Go for Javascript developers
7
Thumbnail
30:21
How and why (not) to use the 127.0.0.53 nameserver, systemd-resolved and resolvctl
8
Thumbnail
15:27
How a Connect-X device driver works
9
Thumbnail
24:36
horizon EDA - what's new
10
Thumbnail
30:09
Homebrew 2.0
11
Thumbnail
30:38
Hikar - Free and Open Source Android Augmented Reality for walkers - v0.2
12
Thumbnail
24:10
High end augmented reality using Javascript
13
Thumbnail
20:09
Hey, A Blockchain-Based Social Network
14
Thumbnail
37:31
Hardware/Software Co-Design for Efficient Microkernel Execution
15
Thumbnail
24:27
Hands on debugging with Delve
16
Thumbnail
53:09
Handling Security Flaws in an Open Source Project
17
Thumbnail
24:44
Hacking NodeJS applications for fun and profit
18
Thumbnail
30:10
Hackers gotta eat
19
Thumbnail
23:05
GWL: GNU Workflow Language
20
Thumbnail
25:31
Guile 3: Faster programs via just-in-time compilation
21
Thumbnail
25:10
gtk-rs: newest and future developments
22
Thumbnail
24:52
GStreamer embedded state of the union 2019
23
Thumbnail
21:04
GStreamer 1.16 and beyond
24
Thumbnail
18:14
gRPC, Protobufs and Go... OH MY!
25
Thumbnail
26:06
Greenfield: An in-browser Wayland compositor
26
Thumbnail
29:24
GraphHopper Routing Engine - New Features
27
Thumbnail
17:49
Graph usage in EFL
28
Thumbnail
29:47
GraalVM: Polyglot Development Platform with Great Toolability
29
Thumbnail
45:51
Hacking PostgreSQL
30
Thumbnail
15:10
gr-soapy: A handy SDR hardware interface module for GNU Radio
31
Thumbnail
15:40
Good Will Snapping
32
Thumbnail
42:40
GObject subclassing in Rust for extending GTK+ & GStreamer
33
Thumbnail
32:38
Go Lightning Talks - Come speak!
34
Thumbnail
23:23
Go containers? Go serverless?
35
Thumbnail
25:10
GNU Radio with a Rusty FPGA
36
Thumbnail
43:23
GNU Radio in 2019: Facts and Plans
37
Thumbnail
30:10
GNU Mes - Reduced Binary Seed bootstrap for GNU Guix
38
Thumbnail
35:19
Gluster Container Storage
39
Thumbnail
25:53
Global Consent Manager
40
Thumbnail
30:10
Git database with bitmap index
41
Thumbnail
21:34
Getting to Closer to a Software Help Language
42
Thumbnail
39:57
Gephi JS: Exploring the dystopian future of a Javascript Gephi
43
Thumbnail
26:57
GNU Radio meets Scapy
44
Thumbnail
29:30
GBForth: Using Forth to understand the Game Boy
45
Thumbnail
26:07
Futatabi: Multi-camera instant replay with slow motion
46
Thumbnail
29:46
FST-01SZ (Flying Stone Tiny 01 revision ShenZhen)
47
Thumbnail
25:10
From Zero to Portability
48
Thumbnail
36:07
From Oracle to Apache - News from Apache NetBeans
49
Thumbnail
25:10
From jQuery to React
50
Thumbnail
22:51
Fritzing - the past, the present and the future
51
Thumbnail
47:08
FreeIPA and cross-distribution packaging experience
52
Thumbnail
38:22
FreeBSD in Audio Studio
53
Thumbnail
35:10
FreeBSD Graphics
54
Thumbnail
24:10
Fractalide and Cantor
55
Thumbnail
16:02
FOSDEM infrastructure review
56
Thumbnail
44:55
Forest: An Open Source Quantum Software Development Kit
57
Thumbnail
44:54
FLOSS, the Internet and the Future
58
Thumbnail
20:35
Flamethrower
59
Thumbnail
29:39
Flickerfree boot
60
Thumbnail
22:28
Firefox is your Marionette
61
Thumbnail
30:21
Firecracker, should it work only with a single runtime?
62
Thumbnail
35:06
Fine-grained Distributed Application Monitoring Using LTTng
63
Thumbnail
21:34
Fighting spam for fun and profit
64
Thumbnail
09:30
Feature store: the missing data layer in ML pipelines?
65
Thumbnail
26:53
Fearless Multimedia Programming
66
Thumbnail
25:10
Extending syslog-ng in Python: Best of both worlds
67
Thumbnail
25:34
Extending Numba
68
Thumbnail
12:35
Exporting Ceph Object Storage data to the outside world
69
Thumbnail
17:23
Exponential speedup in progress
70
Thumbnail
22:00
Experience with wisp
71
Thumbnail
21:38
Evolution of file system and disk management in HelenOS
72
Thumbnail
21:37
Etherlime: open source blockchain development tool
73
Thumbnail
15:24
Enrich your NIC's capabilities with DPDK Soft NIC
74
Thumbnail
25:47
Enough: How journalism can benefit from free software
75
Thumbnail
29:48
Extend Emacs in C or Other Languages
76
Thumbnail
26:59
Embracing Language Servers for Blockchain Development
77
Thumbnail
20:32
Embedded FreeBSD on a five-core RISC-V processor using LLVM How hard can it be?
78
Thumbnail
49:21
ELI5: ZFS Caching
79
Thumbnail
20:34
ElasticSearch Correctness and perfOrmance Validator
80
Thumbnail
48:09
eBPF powered
81
Thumbnail
25:52
Dynamic answer generation with Lua
82
Thumbnail
13:48
Drawing PCBs with Inkscape
83
Thumbnail
20:10
Dotting the ethics i and crossing the t
84
Thumbnail
11:58
Documenting Validator Requirements
85
Thumbnail
13:59
Document Redaction with LibreOffice
86
Thumbnail
48:21
Do Linux Distributions Still Matter With Containers?
87
Thumbnail
30:09
DNS Privacy panel
88
Thumbnail
28:34
DNS and the Internet's architecture: the DoH dilemma Impacts of DNS-over-HTTPS on how the Internet works
89
Thumbnail
36:05
Distributed ledgers finally brought me a usable digital identity!
90
Thumbnail
21:03
Distributed Computing with Ada and CORBA using PolyORB
91
Thumbnail
20:33
Displaying other Application data into a Wiki
92
Thumbnail
26:21
Discover GraphQL with Python, Graphene and Odoo
93
Thumbnail
08:49
Devroom intro
94
Thumbnail
24:30
Developing data structures for JavaScript
95
Thumbnail
22:11
Designing for Security
96
Thumbnail
24:43
Designing Command-Line Tools People Love
97
Thumbnail
25:39
Design Automation in Wonderland
98
Thumbnail
22:40
Demystifying Coroutines and Asynchronous Programming in Python
99
Thumbnail
24:22
Deep Dive: Kubernetes Metrics with Prometheus
100
Thumbnail
29:24
Deduplication on large amounts of code
101
Thumbnail
29:57
Decoding Meteor-M2: QPSK, Viterbi, Reed Solomon and JPEG
102
Thumbnail
30:09
D-Wave's Software Development Kit
103
Thumbnail
22:13
D-Wave Hybrid Framework
104
Thumbnail
22:43
Declare your Linux Network state!
105
Thumbnail
28:28
Decentralizing the Web Despite Itself
106
Thumbnail
36:35
Debug info in optimized code - how far can we go?
107
Thumbnail
15:22
Debian Java: Insights and challenges
108
Thumbnail
50:10
Ceph Data Services in a Multi- and Hybrid Cloud World
109
Thumbnail
50:10
Data Modeling, Normalization and Denormalization
110
Thumbnail
30:09
D-Wave's Software Development Kit
111
Thumbnail
22:13
D-Wave Hybrid
112
Thumbnail
19:24
CubicWeb: a browser for the web of data
113
Thumbnail
40:13
Crostini: A Linux Desktop on ChromeOS
114
Thumbnail
24:11
Cross browser extensions
115
Thumbnail
15:37
Creating a Computing Revolution: from Personal Computers to Personal Servers
116
Thumbnail
36:23
Critical Path Analysis
117
Thumbnail
23:14
Couple scientific simulation codes with preCICE
118
Thumbnail
24:07
Countless, Beautiful Contribution
119
Thumbnail
20:10
Controlling the Execution of Parallel Algorithms in Ada
120
Thumbnail
18:44
Continuous Localization
121
Thumbnail
21:15
Continuous Integration to compile and test Navit
122
Thumbnail
29:36
Containing the RDMA plasma
123
Thumbnail
30:09
Consorting with Industry
124
Thumbnail
15:10
Console oriented services: wttr.in, cheat.sh, rate.sx
125
Thumbnail
25:10
Consistent PKCS#11 in Operating Systems
126
Thumbnail
09:39
Connecting .NET Core to D-Bus
127
Thumbnail
25:10
Configurations: Do you prove yours ?
128
Thumbnail
26:17
Condition Monitoring & Transfer Learning
129
Thumbnail
23:50
Compute the QOS of your infrastructure with DEPC
130
Thumbnail
20:10
Component-based Design System and Development
131
Thumbnail
24:34
Complex cameras are (were?) complex
132
Thumbnail
40:40
Compiling the Linux kernel with LLVM tools
133
Thumbnail
33:15
Companies and Communities
134
Thumbnail
28:54
Community Data Are Not Community Metrics
135
Thumbnail
27:02
Coming: a Tool for Mining Change Pattern Instances from Git Commits
136
Thumbnail
23:49
Collabora Office as an app on iOS
137
Thumbnail
15:21
Cogito
138
Thumbnail
50:10
Codifying infrastructure with Terraform for the future
139
Thumbnail
25:06
Code anomalies in Kotlin programs
140
Thumbnail
30:10
Coaching for Open Source Communities 2.0
141
Thumbnail
13:46
Cloud Native Security 101
142
Thumbnail
09:45
FOSDEM 2019 - Closing
143
Thumbnail
18:12
Clang plugins in LibreOffice - global analyses across a large codebase
144
Thumbnail
26:45
CK: an open-source framework to automate, reproduce, crowdsource and reuse experiments at HPC conferences
145
Thumbnail
27:06
CI/CD for embedded development with an ESP8266, Arduino-cli, Gitlab-ci, Raspberry Pi, and Kubernetes
146
Thumbnail
29:10
Challenges With Building End-to-End Encrypted Applications - Learnings From Etesync
147
Thumbnail
24:59
Challenges in Monitoring Distributed Storage Environment and how Tendrl addresses them
148
Thumbnail
39:28
Ceph storage with Rook
149
Thumbnail
23:53
Cappulada: Smooth Ada Bindings for C++
150
Thumbnail
46:58
Can Anyone Live in Full Software Freedom Today?
151
Thumbnail
24:55
Call C++ from Rust with the cpp crate
152
Thumbnail
29:45
Building production-grade networking software with FD.io CSIT
153
Thumbnail
25:18
Pantheon Doc team expedition
154
Thumbnail
27:50
Building open source scientific equipment
155
Thumbnail
26:06
Building modern desktop apps in Go
156
Thumbnail
20:10
Building Immersive Experiences with the Web
157
Thumbnail
27:37
Building an LLVM-based tool
158
Thumbnail
23:26
Building a Multi-Node SIP Platform Using OpenSIPS
159
Thumbnail
18:51
Go MIDI
160
Thumbnail
27:53
Building a Community Metrics Strategy
161
Thumbnail
23:27
Bring JavaScript to the Internet of Things - From Embedded Device to Smart Gateway
162
Thumbnail
22:15
Breaking the 100 bits per second barrier with Matrix
163
Thumbnail
52:39
Breaking PostgreSQL at Scale
164
Thumbnail
22:59
Breaking Down Language Barriers
165
Thumbnail
20:29
Breaking the Messaging Silos with COI: Chat Over IMAP
166
Thumbnail
16:06
bmclib: A Baseboard Management Controller library
167
Thumbnail
43:18
Blockchain: The Ethical Considerations
168
Thumbnail
26:18
BinAST
169
Thumbnail
21:14
Beyond the webrtc.org monoculture
170
Thumbnail
43:45
Beyond The First Steps
171
Thumbnail
44:13
Better loop mounts with NBD
172
Thumbnail
25:10
Base64 is not encryption
173
Thumbnail
15:11
API Client Library Automation
174
Thumbnail
39:47
Automated firewall testing
175
Thumbnail
25:45
Automate Kubernetes Workloads with Ansible
176
Thumbnail
15:41
Autocrypt - Automating E-Mail Encryption
177
Thumbnail
32:01
Augmented Network Visibility with High-Resolution Metrics
178
Thumbnail
30:10
Async PHP Requests & Reactive Responses with PHP-FPM
179
Thumbnail
29:28
Astor: A Program Repair Library for Java
180
Thumbnail
20:10
Asterisk WebRTC frontier: make client SIP Phone with sipML5 - Janus Gateway
181
Thumbnail
20:38
The State of Asterisk
182
Thumbnail
39:31
Around the world with Postgres extensions
183
Thumbnail
24:58
Apache Lucene and Apache Solr 8
184
Thumbnail
23:16
Analysis of the behavior of mobile applications and its consequences for our privacy
185
Thumbnail
11:27
VIRTIO status update
186
Thumbnail
20:40
An Update on NetBSD (no, not that kind of update)
187
Thumbnail
23:47
Automated Analysis of TLS 1.3
188
Thumbnail
25:13
Tezos Introduction
189
Thumbnail
30:48
An operator centric way to update application containers with AtomFS
190
Thumbnail
28:27
Introduction to Production Profiling and Diagnostics
191
Thumbnail
1:40:16
An Introduction to Ada for Beginning and Experienced Programmers
192
Thumbnail
25:03
An End-to-End LTE Testbed in Three Clicks
193
Thumbnail
20:14
AI image search with Go & Tensorflow
194
Thumbnail
50:01
Advocating For FOSS Inside Companies Redux
195
Thumbnail
15:22
Add enterprise 2FA to your ownCloud in 15 minutes
196
Thumbnail
57:16
ActivityPub panel
197
Thumbnail
20:59
A year of LXD development
198
Thumbnail
28:43
A year of Container Kernel Work
199
Thumbnail
22:08
A roadmap for the Hurd?
200
Thumbnail
20:10
A quick update on singularity 3.0
201
Thumbnail
20:21
Get your data back under control
202
Thumbnail
28:28
A new approach to container isolation with Nabla
203
Thumbnail
46:06
A microkernel written in Rust: Porting the UNIX-like Redox OS to Armv8
204
Thumbnail
26:41
A low latency GPU engine based reset mechanism for a more robust UI experience
205
Thumbnail
26:55
A Guiler's Year of Racket
206
Thumbnail
20:46
A follow-up on LTTng container awareness
207
Thumbnail
42:18
A Deepdive into Tantivy
208
Thumbnail
21:00
containerd update
209
Thumbnail
14:36
A brief story about friendship
210
Thumbnail
17:47
.NET on the Web with Mono WebAssembly
211
Thumbnail
27:02
"Enlightening" KVM
212
Thumbnail
28:38
"Collaboration in Open Source Is the Better Way"
213
Thumbnail
30:09
3Geonames.org
214
Thumbnail
24:16
25 Years of FreeBSD
215
Thumbnail
54:20
2019: 50 Years of *x: A Computer Odyssey and Why it is important
216
Thumbnail
14:13
10 years of open source test case management
217
Thumbnail
15:59
0 A.D., a libre real-time strategy game
218
Thumbnail
23:42
Multilingual Kubernetes
219
Thumbnail
44:49
Multicloud CI/CD with OpenStack and Kubernetes
220
Thumbnail
21:47
Monitoring Kubernetes and Virtualization
221
Thumbnail
15:22
Monica
222
Thumbnail
17:48
Mobile design with device-to-device networks
223
Thumbnail
40:09
Mining Source Code^3
224
Thumbnail
22:25
Minimalism versus Types
225
Thumbnail
46:43
Migrating from Adobe Connect - the Victory of FOSS Over Proprietary Software
226
Thumbnail
18:44
Minimalism matters
227
Thumbnail
40:13
Migrating a Big Data Cluster from Linux to FreeBSD
228
Thumbnail
15:09
MicroPython – Python for Microcontrollers
229
Thumbnail
35:10
Microkernel virtualization under one roof
230
Thumbnail
38:09
Microkernel lightning talks
231
Thumbnail
26:28
Microcontroller Firmware from Scratch
232
Thumbnail
22:39
Mgmt Config: The Road to 0.1
233
Thumbnail
23:43
Merging System and Network Monitoring with BPF
234
Thumbnail
49:51
MENDER.io
235
Thumbnail
14:47
Memory Management
236
Thumbnail
21:20
Memex: Battling Information Overload
237
Thumbnail
27:55
Medical image reconstruction using the .NET Framework
238
Thumbnail
39:16
Mattermost’s Approach to Layered Extensibility in Open Source
239
Thumbnail
52:34
Matrix in the French State and introducing...Matrix 1.0
240
Thumbnail
26:39
Mastering Application/Service Configuration
241
Thumbnail
22:08
MariaDB and MySQL — what statistics optimizer needs
242
Thumbnail
21:26
Managing Virtual Machines and Containers in a Deeply Integrated UI
243
Thumbnail
39:20
Managing and Monitoring Ceph with the Ceph Manager Dashboard
244
Thumbnail
15:09
MALT: MALloc Tracker
245
Thumbnail
10:09
MALT & NUMAPROF, Memory Profiling for HPC Applications
246
Thumbnail
23:19
Making your Python code write your Python code
247
Thumbnail
47:59
Creating the next hit game with FOSS tools
248
Thumbnail
23:06
OpenJ9
249
Thumbnail
53:37
Making Sense of so many License Compliance Tools
250
Thumbnail
50:51
Make your own language with Racket
251
Thumbnail
16:07
Make XMPP Sprint Again
252
Thumbnail
30:10
oVirt: Make Room! Make Room!
253
Thumbnail
14:59
Maemo Leste: Mobile Hacker OS
254
Thumbnail
25:10
M3 and a new age of metrics and monitoring in an increasingly complex world
255
Thumbnail
25:07
Lucene Upgrade in Jira 8.0
256
Thumbnail
44:06
Open Source
257
Thumbnail
25:09
Weaving Computation
258
Thumbnail
30:21
Grafana Loki: Like Prometheus, but for logs
259
Thumbnail
41:05
llvm.mix Multi-stage compiler-assisted specializer generator built on LLVM
260
Thumbnail
20:00
LLVM for the Apollo Guidance Computer
261
Thumbnail
40:57
Linux distributions, lifecycles, and containers
262
Thumbnail
28:57
Linux and USB Audio Class 3
263
Thumbnail
34:14
Linking OpenStreetMap and Wikidata
264
Thumbnail
29:31
FOSDEM 2019 - Lightning Talks
265
Thumbnail
34:37
libsigmf: Human Tools for Extra-Terrestrial and AI Radio
266
Thumbnail
22:39
LibreOffice Online - hosting your documents
267
Thumbnail
26:14
LibreOffice: the origins of a community fork
268
Thumbnail
23:52
LibreHosters
269
Thumbnail
23:50
Leveraging ceph-mgr modules for fun
270
Thumbnail
05:10
Let's use centralized log collection to make incident response teams happy
271
Thumbnail
39:03
Lessons in TableGen
272
Thumbnail
13:24
Lesson learned from Retro-uC and search for ideal HDL for open source silicon
273
Thumbnail
25:10
Less painful E2E tests with Cypress.io
274
Thumbnail
16:36
LemonLDAP::NG 2.0
275
Thumbnail
15:10
Leela Chess Zero
276
Thumbnail
50:10
Learning to Rank
277
Thumbnail
26:21
Learning about Deep Learning: Applications for OpenJDK/Java Verification
278
Thumbnail
13:20
LAVA federated testing
279
Thumbnail
48:13
Latest evolution of Linux IO stack, explained for database people
280
Thumbnail
18:43
LATERAL derived table in MySQL
281
Thumbnail
32:05
Latency SLOs done right
282
Thumbnail
30:30
Kubelet Istio: Kubernetes Network Security Demystified
283
Thumbnail
28:38
KLEAK
284
Thumbnail
29:03
KiCad Project Status 2019
285
Thumbnail
43:25
Keeping Track of Stateful Infrastructure
286
Thumbnail
25:10
JavaScript for open computing education
287
Thumbnail
24:14
JavaScript: If you love it, set it free
288
Thumbnail
26:23
Java and Containers
289
Thumbnail
22:06
Checkpoint Restore
290
Thumbnail
20:29
Introduction to reSIProcate
291
Thumbnail
25:55
Introduction to OpenAPI Specification
292
Thumbnail
10:41
Introduction to dpdk-burst-replay tool
293
Thumbnail
28:24
CERN Open Hardware Licence 2.0
294
Thumbnail
45:29
Introducing rust-prometheus
295
Thumbnail
16:58
Machine Learning: From Lab to Production with Kubeflow
296
Thumbnail
18:00
Introducing kubectl-trace
297
Thumbnail
15:31
Introducing DBus-ASIO
298
Thumbnail
23:42
Interactive Computing with F# Jupyter
299
Thumbnail
27:59
Intel GFX CI: Validation done the Linux way
300
Thumbnail
10:10
Gstreamer loves WPEWebKit
301
Thumbnail
25:32
Inclusion Includes You
302
Thumbnail
28:21
Improving SmartArt import in LibreOffice Impress
303
Thumbnail
30:10
Improving LibreOffice quality together
304
Thumbnail
20:55
Improve your SQL
305
Thumbnail
30:10
Improve your On-Ramps for New Participants
306
Thumbnail
15:10
IMAP, JMAP and the future of open email standards
307
Thumbnail
25:10
IGT GPU Tools - the past, the present, the future
308
Thumbnail
16:26
ID4me: using the DNS as a directory for identities
309
Thumbnail
35:20
Hyperledger Fabric
310
Thumbnail
30:10
HWallet: The simplest Bitcoin hardware wallet
311
Thumbnail
27:44
Hundred* thousand rides a day
312
Thumbnail
51:09
Huge pages and databases
313
Thumbnail
1:00:10
HTTP/3
314
Thumbnail
21:06
WebXR - Beyond Games & 360 Videos
315
Thumbnail
15:10
How we use Gluster
316
Thumbnail
30:47
How We Modified an Agent-based Automation System to Become an Agentless One
317
Thumbnail
09:20
NFS-Ganesha Weather Report
318
Thumbnail
21:35
Nextcloud
319
Thumbnail
29:27
New interoperability, i18n and LibreLogo improvements of LibreOffice
320
Thumbnail
07:55
Neuropil - Secure Interaction for Things
321
Thumbnail
33:51
Neural commit message suggester
322
Thumbnail
49:18
Netflix and FreeBSD
323
Thumbnail
09:49
Nakadi: Streaming Events for 100s of Teams
324
Thumbnail
24:33
MySQL Replication - Advanced Features
325
Thumbnail
22:58
MySQL and the CAP theorem: relevance & misconceptions
326
Thumbnail
20:10
MySQL 8.0 Document Store: How to Mix NoSQL & SQL in MySQL 8.0
327
Thumbnail
20:10
MySQL 8.0 Component Infrastructure
328
Thumbnail
10:42
My 10 year journey with FOSSASIA: A woman's pathway to open source
329
Thumbnail
38:25
Multiplex graph analysis with GraphBLAS
330
Thumbnail
13:47
Open source virtual prototyping for faster hardware and software co-design
331
Thumbnail
16:44
Open source software security testing
332
Thumbnail
25:00
Open Source Geolocation
333
Thumbnail
25:03
Open Source Firmware at Facebook
334
Thumbnail
22:23
An OSD Case Study
335
Thumbnail
44:59
Microsoft's Open Source Journey
336
Thumbnail
29:40
Open Source at DuckDuckGo
337
Thumbnail
15:09
Open Software deserves Open Hardware
338
Thumbnail
13:55
Open Food Network
339
Thumbnail
27:01
One image to rule them all
340
Thumbnail
30:40
On Observability
341
Thumbnail
26:10
Now what? Following through on your community guidelines
342
Thumbnail
27:33
No evidence of communication and implementing a protocol: Off-the-Record protocol version 4
343
Thumbnail
14:32
OpenGreffe
344
Thumbnail
26:55
openEMS - An Introduction and Overview
345
Thumbnail
36:13
OpenEBS
346
Thumbnail
25:10
Scale Your Auditing Events
347
Thumbnail
05:59
SAYMON - object-oriented monitoring and management for both ICT&IoT
348
Thumbnail
42:37
Sans IO: safe and testable network protocols
349
Thumbnail
26:52
Salut à Toi: A Python Based Social Network And More
350
Thumbnail
26:44
RustPython: a Python implementation in Rust
351
Thumbnail
22:55
RustPräzi: a tool to build an entire call graph of crates.io
352
Thumbnail
24:45
Rust and GNOME
353
Thumbnail
18:44
rust-vmm
354
Thumbnail
25:31
Russian crypto algorithms in the OpenSource world
355
Thumbnail
15:35
Running Android on the Raspberry Pi
356
Thumbnail
29:02
Rspamd in FreeBSD Mail
357
Thumbnail
39:32
Roll your own compiler with LLVM
358
Thumbnail
27:18
Rewriting Pointer Dereferences in bcc with Clang
359
Thumbnail
22:35
Root Zone KSK Rollover update
360
Thumbnail
22:16
Retroshare JSON
361
Thumbnail
22:03
Resurrecting Personas for LibreOffice
362
Thumbnail
23:40
Singularity: Simple. Fast. Secure.
363
Thumbnail
27:45
Reinventing MVC pattern for F# web programming
364
Thumbnail
27:08
ReFrame: A Regression Testing and Continuous Integration Framework for HPC systems
365
Thumbnail
24:29
Reducing Memory Usage of Mesa's Shader Compiler (Again)
366
Thumbnail
21:13
Redis Labs & the tragedy of the Commons Clause
367
Thumbnail
27:13
Redfish: the new standard for a Software Defined Infrastructure
368
Thumbnail
23:37
RecordFlux: Facilitating the Verification of Communication Protocols
369
Thumbnail
05:09
Mgmt Config
370
Thumbnail
28:05
Mgmt Config:
371
Thumbnail
51:31
Rated Ranking Evaluator: an open-source approach for Search Quality Evaluation
372
Thumbnail
26:53
Raspberry Pi history, tips and use case
373
Thumbnail
44:37
RAPIDS
374
Thumbnail
41:17
Raft in Scylla
375
Thumbnail
24:15
Quo vadis, LibreOffice extensions?
376
Thumbnail
20:40
PWA caching strategies
377
Thumbnail
24:59
Protecting Secrets with Hardware
378
Thumbnail
20:36
Pulp 3: Ready for a Test Drive
379
Thumbnail
26:23
Protect your bits: Introduction to gr-fec
380
Thumbnail
20:10
Proof of Pointer Programs with Ownership in SPARK
381
Thumbnail
39:35
Promotion of open source and role of standardization in Quantum Computing
382
Thumbnail
24:43
Project Trellis and nextpnr: FOSS Tools for ECP5 FPGAs
383
Thumbnail
23:46
Project Things
384
Thumbnail
45:10
Profiling PHP applications
385
Thumbnail
30:03
Profiling Low-End Platforms using HawkTracer Profiler
386
Thumbnail
21:00
Privacy-preserving monitoring of an anonymity network
387
Thumbnail
31:04
Preserving numerical algorithms
388
Thumbnail
35:09
Predicting PR Comments
389
Thumbnail
43:43
PostgreSQL vs. fsync
390
Thumbnail
48:34
PostgreSQL Goes to Eleven!
391
Thumbnail
22:22
Porting U-Boot to a Modular Device
392
Thumbnail
55:29
Porting Debian to the RISC-V architecture
393
Thumbnail
50:54
Portable Services are Ready to Use
394
Thumbnail
24:51
Pocket Science Lab
395
Thumbnail
25:23
Pocket Science Lab
396
Thumbnail
28:21
PipeWire
397
Thumbnail
20:10
Persistence with Ada Database Objects
398
Thumbnail
21:14
Perl 6 as a new tool for language compilers
399
Thumbnail
26:01
Performing Low-cost Electromagnetic Side-channel Attacks using RTL-SDR and Neural Networks
400
Thumbnail
20:57
Performance tuning Twitter services with Graal and Machine Learning
401
Thumbnail
44:26
PennyLane - Automatic differentiation and machine learning of quantum computations
402
Thumbnail
19:57
Patterns and anti-patterns in Open Source participation
403
Thumbnail
55:17
Difficulties in having more designers involved in Open Source
404
Thumbnail
48:35
Packaging for Mageia Linux with Docker containers
405
Thumbnail
21:31
Package software for any distribution with upt
406
Thumbnail
48:21
Panel: Open Source .NET
407
Thumbnail
17:16
P4: Private Periodic Payments Protocol
408
Thumbnail
54:28
Deep dive in the ossia ecosystem
409
Thumbnail
42:53
Organizer's Panel -- Now and Forever
410
Thumbnail
23:00
Organisational Processes in Decentralized Software
411
Thumbnail
14:41
Hardening the Operating Systems against transient faults
412
Thumbnail
50:10
Kubic for Container People
413
Thumbnail
16:24
OpenScore
414
Thumbnail
43:08
OpenJDK Governing Board Q&A
415
Thumbnail
23:28
OpenHPC Update
416
Thumbnail
42:57
Quantum Computing at Google and in the Cloud
417
Thumbnail
21:29
OpenStreetMaps for emergency prep: The view from San Francisco
418
Thumbnail
32:13
XWiki: a collaborative apps development platform
419
Thumbnail
38:44
ZFS Powered Magic Upgrades
420
Thumbnail
25:14
Zink: OpenGL on Vulkan
421
Thumbnail
13:40
Will you boot Haiku, on a non intel platform, no BIOS winter?
422
Thumbnail
17:29
Writing Network Drivers in High-Level Languages
423
Thumbnail
14:30
XR: The present, the future and how to get there.
424
Thumbnail
50:27
XDP (eXpress Data Path) as a building block for other FOSS projects
425
Thumbnail
26:26
Working with Webhooks
426
Thumbnail
17:52
Why JSON when you can DSL?
427
Thumbnail
30:10
Why, and How, we compiled Xaml into IL
428
Thumbnail
30:39
Who wants you to think nobody uses the AGPL and why
429
Thumbnail
20:42
Who needs to know? Private-by-design collaboration
430
Thumbnail
25:22
Who needs pandoc when you have Sphinx?
431
Thumbnail
25:48
Where is my error gone?
432
Thumbnail
30:10
When perf-html Met A11y
433
Thumbnail
25:52
Exponential speedup in progress
434
Thumbnail
25:47
When and How to use CGo
435
Thumbnail
41:27
What's new in the world of seL4
436
Thumbnail
50:48
What's new in PostgreSQL 11
437
Thumbnail
23:46
What's new in DeepSea An overview of new features
438
Thumbnail
38:58
What makes LLD so fast?
439
Thumbnail
45:25
What is IBMQ
440
Thumbnail
11:45
Setting up an HPC lab from scratch
441
Thumbnail
04:51
Writing Asynchronous SNMP Agents
442
Thumbnail
19:17
What are your users kubectl-ing into your Kubernetes cluster?
443
Thumbnail
04:17
Welcome to the Legal and Policy Issues devroom
444
Thumbnail
25:10
Web Components are the future. And the future is now!
445
Thumbnail
22:47
Write Drunk - Test Automated
446
Thumbnail
22:46
What did I just agree to?
447
Thumbnail
41:23
Walking through walls
448
Thumbnail
25:45
Wayland in IVI systems
449
Thumbnail
28:57
VR Map: Putting OpenStreetMap Data Into a WebVR World
450
Thumbnail
24:17
VoIP Troubleshooting and Monitoring with SIP3
451
Thumbnail
10:30
Voice Controlled Radio Enabling broadcast reception for Smart Speakers
452
Thumbnail
23:08
VNF development made easy with netmap
453
Thumbnail
40:09
What's new in Ceph Nautilus
454
Thumbnail
30:10
Virtual IOMMU Implementation using HW Nested Paging
455
Thumbnail
25:10
VLC 4.0
456
Thumbnail
14:21
VBoard, making web dashboards in 3D and VR
457
Thumbnail
23:32
Validating Big Data Jobs
458
Thumbnail
23:06
Uyuni: A world-class open source frontend solution for managing your software-defined infrastructure with Salt
459
Thumbnail
21:11
UX at Tor: an Open Approach
460
Thumbnail
24:33
Using Progressive Web Apps to control IoT
461
Thumbnail
40:10
Using networks to study 18th century French trade
462
Thumbnail
29:05
Using eBPF for Linux Performance Analyses
463
Thumbnail
30:10
Use kcli with all your virtualization solutions!
464
Thumbnail
27:48
Use configmanagement for your ... configmanagement.
465
Thumbnail
25:10
USB borne attacks and usable defense mechanisms
466
Thumbnail
19:42
Video Analysis using CUDA and OpenCV
467
Thumbnail
35:42
Unikraft: Unikernels Made Easy
468
Thumbnail
22:50
VR Map: WebXR with Real-World OSM Data
469
Thumbnail
20:24
Unifying network filtering rules for the Linux kernel with eBPF
470
Thumbnail
37:47
Understanding Source Code with Deep Learning
471
Thumbnail
25:16
V4L2: A Status Update
472
Thumbnail
23:28
Un-split brain (aka Move Back in Time) MySQL
473
Thumbnail
28:32
UEFI Boot for Mere Mortals
474
Thumbnail
16:30
TypeScript-It's time to migrate!
475
Thumbnail
26:01
Tuning Go GC Parameters
476
Thumbnail
25:59
Tree matchings with Behavior Trees
477
Thumbnail
22:29
Tracking users with core Internet protocols
478
Thumbnail
33:36
Towards a sustainable solution to open source sustainability
479
Thumbnail
22:05
Tools for Shrinking Your Containers
480
Thumbnail
24:15
To the future with Grav CMS
481
Thumbnail
25:55
Time is Important - Developer Centric IoT Platforms
482
Thumbnail
19:28
Tiki: Easy setup of wiki-based knowledge management system
483
Thumbnail
21:56
TiDB: Distributed, horizontally scalable, MySQL compatible
484
Thumbnail
15:35
Theo: The Authorized Keys Manager
485
Thumbnail
28:56
What's going on with Storage?
486
Thumbnail
20:10
Unified Communications with Pàdé
487
Thumbnail
29:11
Tooling for IntelliJ Platform Plugins
488
Thumbnail
32:56
The surprising interaction of open source and patent exhaustion
489
Thumbnail
17:36
The State of Webassembly in 2019
490
Thumbnail
07:47
The state of machine learning operations in 2019: reproducibility, explainability, bias evaluation and beyond
491
Thumbnail
25:03
The State of Go
492
Thumbnail
19:43
The SReview review system
493
Thumbnail
26:43
The Software Developer’s Guide to Open Source Hardware
494
Thumbnail
16:32
Skulls - coreboot your X230 the easy way
495
Thumbnail
24:33
The right to data portability (and why it's a very bad idea)
496
Thumbnail
48:18
The TPM2 software community
497
Thumbnail
26:28
The Yoast Design Meeting and how it started us on the path to open source design
498
Thumbnail
30:10
The Open Source Community: its past and future
499
Thumbnail
30:09
The New Internet
500
Thumbnail
25:10
The new EU CyberSecurity Act
501
Thumbnail
25:59
The Missing Benchmark Metric: Memory Consumption
502
Thumbnail
11:25
The Kitspace BOM Builder
503
Thumbnail
28:49
The impact of Meltre and Specdown on microkernel systems (*)
504
Thumbnail
45:17
The future of Supervisor Binary Interface(SBI)
505
Thumbnail
27:39
The final release of Kodi v18
506
Thumbnail
26:29
The Dwingeloo radio telescope goes SDR
507
Thumbnail
40:09
The DAO of Bisq
508
Thumbnail
48:31
The Current and Future Tor Project
509
Thumbnail
22:30
the current and future state of Ethereum
510
Thumbnail
34:26
The Container Storage Interface, Explained
511
Thumbnail
20:47
Making your MySQL Replication Setup run faster!
512
Thumbnail
42:58
The Cloud is Just Another Sun
513
Thumbnail
16:48
The brief case for User-space Network Stacks (DPDK and friends)
514
Thumbnail
21:24
The art of multiplexing MySQL connections with ProxySQL
515
Thumbnail
25:12
Text Markup to PDF with Python
516
Thumbnail
19:12
The real cost of not doing user research
517
Thumbnail
21:16
The convergence of HPC and BigData
518
Thumbnail
29:13
Testing Over 1000 gTLDs for EDNS0
519
Thumbnail
22:13
Testing GraphQL in your JavaScript application
520
Thumbnail
29:51
Tested for Business: An Open and Transparent Quality Kit
521
Thumbnail
24:51
Test complex database systems in a laptop with dbdeployer
522
Thumbnail
24:15
Testing your infrastructure and services with the help of OPNFV testperf team
523
Thumbnail
22:20
Ten years of Puppet installations: what now?
524
Thumbnail
25:10
Templating Languages for Interactive Fiction
525
Thumbnail
22:28
Tcl - An Embeddable Long-lever with a Comfortable Grip, that fits in your Pocket.
526
Thumbnail
25:50
Tapping Into the Binary Log Change Stream
527
Thumbnail
15:42
Sysadmins, too, deserve interface stability
528
Thumbnail
30:09
Sustaining FOSS Projects By Democratizing The Sponsorship Process
529
Thumbnail
15:36
TRex
530
Thumbnail
30:51
Taming The Dinosaur: How Eclipse was Performance Tuned
531
Thumbnail
19:26
Sustain in Open Source with Gitcoin
532
Thumbnail
49:12
SUSI.AI: An Open Source Platform for Conversational Web
533
Thumbnail
30:14
Countering Impostor Syndrome Culture
534
Thumbnail
26:11
Super-speedy scoring in Lucene 8
535
Thumbnail
28:04
Substrate
536
Thumbnail
15:23
Structured Concurrency
537
Thumbnail
25:10
Streaming Pipelines for Neural Machine Translation
538
Thumbnail
40:24
Storing "Lots Of Small Files" in a Swift cluster
539
Thumbnail
21:26
Stories from BIND9 refactoring
540
Thumbnail
37:13
Square Kilometre Array
541
Thumbnail
27:55
Spoofing GPS is it really the time we think it is, and are we really where we think we are?
542
Thumbnail
17:51
Speeding up the Booting Time of a Toro Appliance
543
Thumbnail
23:23
Speeding up Programs with OpenACC in GCC
544
Thumbnail
30:05
Spatial Reference Systems Transformations with Boost.Geometry
545
Thumbnail
28:51
Watching Them Watching Us WebExtensions Exposing Privacy Leaks
546
Thumbnail
52:25
Tesla Hacking to FreedomEV!
547
Thumbnail
49:01
Solo5: A sandboxed, re-targetable execution environment for unikernels
548
Thumbnail
42:55
Solid: taking back the Web through decentralization
549
Thumbnail
24:51
SMT-Based Refutation of Spurious Bug Reports in the Clang Static Analyzer
550
Thumbnail
36:15
Smelling Source Code Using
551
Thumbnail
40:09
SMB3 UNIX Extensions
552
Thumbnail
04:00
slapdcheck
553
Thumbnail
25:10
Solving Polynomial Systems in Python
554
Thumbnail
29:42
Set-versioned package dependencies
555
Thumbnail
24:41
Securing the JVM
556
Thumbnail
26:54
Server side solution for generating ODF reports
557
Thumbnail
25:01
Securing Secure Boot on Xen
558
Thumbnail
43:24
Secure Web Applications with AWA
559
Thumbnail
27:10
SDR Makerspace sdrmaker.space
560
Thumbnail
25:19
Making furniture with JavaScript
561
Thumbnail
24:41
Onion adventures
00:00
Projective planeOpen sourceSoftware maintenanceComputer animation
00:31
Expert systemExecutive information systemMereologyHuman migrationBootingCohen's kappaKernel (computing)SpacetimeCurvatureAddress spaceRead-only memoryPopulation densityBefehlsprozessorSurfaceComponent-based software engineeringProcess (computing)Multiplication signNumberPhysical systemScaling (geometry)Binary codeMultiplication signComputer fileVirtual machineCartesian coordinate systemServer (computing)Graph (mathematics)Single-precision floating-point formatBooting2 (number)Stack (abstract data type)Population densityMeasurementArithmetic meanKernel (computing)Service (economics)NumberSpacetimeTask (computing)Integrated development environmentSurfaceCloud computingInstance (computer science)Human migrationComponent-based software engineeringVirtualizationDampingSemiconductor memoryStandard deviationOrder (biology)SoftwareParameter (computer programming)10 (number)Computer hardwareÜbertragungsfunktionOperating systemEqualiser (mathematics)Virtual realityRight angleGraph coloringBoundary value problemProcess (computing)Core dumpUniform resource locatorBefehlsprozessorWhiteboardDifferent (Kate Ryan album)Cuboid
06:37
IntelSharewareCache (computing)Server (computing)Fluid staticsNumberMenu (computing)DemonPublic domainLambda calculusStack (abstract data type)Human migrationBootingCodeSurfaceFormal verificationSimilarity (geometry)Information securityBuildingProcess (computing)Personal digital assistantHypercubeArchitectureBefehlsprozessorSoftware frameworkLibrary (computing)Component-based software engineeringFunction (mathematics)BitNeuroinformatikBefehlsprozessorInternet der DingeMiniDiscDecision theoryProcess (computing)CASE <Informatik>Integrated development environmentAreaMereologySoftwareÜbertragungsfunktionLibrary (computing)Software developerVirtual realityTask (computing)Component-based software engineeringComputer hardwareMemory managementMultiplication signWeb 2.0Software frameworkMultiplicationVirtual machinePublic domainPoint (geometry)Cartesian coordinate systemBuildingCategory of beingDatabaseMikroarchitekturGoodness of fitShared memoryArithmetic meanCodeProjective planeRange (statistics)Different (Kate Ryan album)Similarity (geometry)Server (computing)Computing platformParameter (computer programming)ImplementationFile systemTerm (mathematics)Functional (mathematics)Service (economics)Set (mathematics)Uniqueness quantificationSpeicheradresseKernel (computing)2 (number)Information securityVirtualizationMobile WebFormal verificationDynamic random-access memoryUniform resource locatorInstance (computer science)SurfaceField (computer science)Scheduling (computing)Lambda calculusHuman migrationComputer animation
12:44
Computer networkStandard deviationStack (abstract data type)Library (computing)Read-only memoryResource allocationBuildingPhysical systemData typeMenu (computing)Computer configurationComputing platformConfiguration spaceBinary fileComputer-generated imageryMessage passingBootingVideo game consoleLibrary (computing)Independence (probability theory)NumberReal numberFormal languageBitLimit (category theory)Slide ruleCASE <Informatik>Configuration spaceComputer configurationStack (abstract data type)Computer fileSharewareSoftwareComputer architectureBuildingIntegrated development environmentMenu (computing)Computing platformPhysical systemMultiplicationScripting languageBefehlsprozessorComputing platformType theoryCartesian coordinate systemScheduling (computing)Projective planeKernel (computing)VirtualizationFile systemDifferent (Kate Ryan album)Uniqueness quantificationHypothesisImplementationMedical imagingComputer animation
16:36
MomentumCore dumpFunction (mathematics)Scheduling (computing)Binary fileComputer networkStack (abstract data type)System programmingFormal languageIntegrated development environmentSoftware frameworkComputing platformVirtual realityMiniDiscIntelRevision controlProjective planeService (economics)Formal languageRun time (program lifecycle phase)Focus (optics)Virtual machineMedical imagingPoint cloudVirtualizationScheduling (computing)Block (periodic table)MiniDiscSoftware frameworkComputer architectureFunctional (mathematics)Memory managementBitIntegrated development environmentFile systemStapeldateiInterleavingSoftwareNavigationBuildingUniform resource locatorLibrary (computing)NumberImplementationUniqueness quantificationArmPhysical systemUniformer RaumStack (abstract data type)Computing platformComponent-based software engineeringCore dumpCartesian coordinate systemCuboidOpen setTask (computing)Ocean currentComplete metric spaceOpen sourceComputer fileComputer animation
20:13
Open sourceLattice (order)Scheduling (computing)Drop (liquid)EmailOpen sourceProjective planePublic domainArmBitEmailUniverse (mathematics)Electronic mailing listSharewareScheduling (computing)Student's t-testTerm (mathematics)Computer hardwareMultiplication signKernel (computing)Uniqueness quantificationMixed realityComputer animation
22:05
SharewareSimultaneous localization and mappingMenu (computing)Gastropod shellEmulationCore dumpLibrary (computing)Host Identity ProtocolPoint (geometry)Roundness (object)Network socketLibrary (computing)Connected spaceMenu (computing)Configuration spaceComputer configurationType theoryComputing platformKeyboard shortcutSystem callSoftwareSource codeServer (computing)BuildingStack (abstract data type)Module (mathematics)Operating systemPhysical systemMedical imagingStandard deviationComputer architectureKernel (computing)Loop (music)Web pageCartesian coordinate systemScheduling (computing)Selectivity (electronic)Uniformer RaumComputer fileVirtual machineExecution unitSet (mathematics)BitEllipseComputer programmingString (computer science)Address spaceComputer animation
25:37
Normed vector spaceGastropod shellObject-oriented programmingGodServer (computing)Computer programmingProxy serverPoint (geometry)SoftwareMusical ensembleMultiplication signLine (geometry)Address spaceTouchscreenVideo game consoleConfiguration spaceDependent and independent variablesCartesian coordinate systemMedical imagingKernel (computing)Bridging (networking)Film editingWeb pageString (computer science)BitWindowSource codeComputer animation
28:28
SharewareNamespaceOpen sourceWikiMultiplication signBitLibrary (computing)PlanningComponent-based software engineeringIntegrated development environmentInheritance (object-oriented programming)Cartesian coordinate systemFunctional (mathematics)Exception handlingSystem callSpeicherbereinigungSpacetimeLevel (video gaming)Remote procedure callKernel (computing)Keyboard shortcutCodePerspective (visual)Formal languageAsynchronous Transfer ModeOrder (biology)SoftwareComputer programmingPhysical systemStack (abstract data type)Endliche ModelltheorieVirtualizationPrototypeFilm editingGastropod shellProjective planeStudent's t-testRepresentational state transferPoint (geometry)QuicksortExecution unitRow (database)MIDIScripting languagePoint cloudJava appletDifferent (Kate Ryan album)Virtual realityService (economics)Moment (mathematics)KnotVideoconferencingUniqueness quantificationRight angleInstance (computer science)Computer animation
35:35
Computer animation
Transcript: English(auto-generated)
00:05
So, Unicraft is actually an open source project that we started at NEC while we were experimenting and playing around with unicorns in the past. So I'm also from that research lab where I'm coming from, so it's in Heidelberg
00:21
based in Germany and I'm a senior researcher there and also the lead maintainer of that open source project. So you probably are aware that VMs are around for a while and they were really good in features
00:42
like consolidation, migration, and isolation. And then this hive of containers happened and they became much more popular, people use them now and they're actually pretty great. But what you hear them from these people is they're much easier to use because I have
01:01
this Docker file and I go, my containers are much smaller than your VMs, my VM usually is 10 gigabytes but my container is just a hundred of megabytes and they're also much faster to bring up. The VM takes minutes to boot but the container is up in a few seconds.
01:20
And then we say usually, wait, wait, wait, maybe all correct but actually did you hear about unikernels because you should be aware that VMs still have some advantages that not necessarily get from container environments and most importantly is strong isolation.
01:43
So let's give you a really short overview of what a unikernel is. Let's take this example, on the left side you see a cloud service deployed with virtual machines and each service entity is one application running in an own isolation box, so in an
02:03
own virtual machine. You have then a standard operating system underneath, meaning most of the time it's a Linux kernel, you run on a hypervisor, it might be KVM, Zen or VMware or whatever you deploy. And yeah, it's quite a heavy weight, the stack is quite big.
02:22
So what do we do in unikernels? So first of all we want to keep the same service as before, so we take that application, keep it still in the isolation boundary, but what we do is replacing that general purpose kernel and put a purpose built kernel towards that application underneath.
02:42
So you see that service A has a different kernel underneath than application B. That whole thing is a monolithic binary that contains just a few kernel layers and the application and also only features that the application needs.
03:02
You don't need isolation anymore if you have that assumption that you have anyway just one application in one virtual machine, so you don't separate between user space and kernel space anymore, which gives you also the advantage that you have further freedom in further specializing the kernel towards your application, right?
03:23
You can tweak and tune it so that it performs that task quite well. So the gains that we found with our previous research doing that, mainly coming from a
03:42
network function virtualization space, is fast instantiation, destruction, and migration times in order of tens of milliseconds, a really low memory footprint of few megabytes of RAM. You could achieve extremely high density of these services, so we were able on a single
04:01
hardware server x86 to run 10,000 guests and then we run out of RAM. We could achieve high performance by just using a single guest CPU, so we're easily able to cope with 10 or 40 gigabits network throughput at that time, so it's kind of that number is already two, three years old, but even there I demonstrated already
04:24
how fast this stuff can go. And last but not least, you have also reduced attack surface because you have the argument that you have much less components in a unique kernel, and next to it the strong isolation is provided by your hypervisor environment.
04:42
So what I want to do is give you just a few graphs to demonstrate what we found there from our research work. So let's talk about the instantiation times. So you see on the horizontal axis the number of simultaneous running instances in the system.
05:04
What we take here is, because it's a baseline measurement, an application that actually does nothing, just comes up and tells, okay, now I'm here, and then it just stays in the system. And on the vertical axis you see the instantiation time of the nth guest that was created.
05:24
And also, please, this is a logarithmic scale. So we start with that application as a standard Linux process, and we get numbers like 0.7 to 10 milliseconds of creation time if we create like 1,000 on the machine.
05:41
If you put that into Docker, that is still good, but is increasing already to 150 to 550 milliseconds. But if you take now a standard VM, so let's say you just do bootstrap Debian, and then wait until the application is up, especially if there are lots of VMs in the system,
06:03
that time goes up to 82 seconds. And then let's take a unikernel doing the same thing, right, and then also running as a VM, and we are around 63 to 1.4 seconds. And I want to add here as well that this measurement didn't modify anything on the
06:24
tool stack, which we also did in our research, so if you're interested, I can point you to some papers where we replaced the tool stack with something written from scratch which is much more lightweight than standard ZEN, and then we could boot even in 30 milliseconds or less that unikernel.
06:43
But so far, so good. In performance, to show you a purpose-built HTTP web server, so it's completely purpose-built, nothing ported. In terms of throughput, you have here a Debian virtual machine running nginx, so this is
07:02
the DN. You have a Debian virtual machine running light HTTPd. The T means here it's Tynix, which is actually a small compiled Linux kernel, then just running the process directly from the init RAM disk. We're all getting one CPU assigned, and the same amount of RAM assigned, I think
07:26
it was 512 megabytes or something, and the file system is from RAM disk, if there's any. So in terms of throughput, you see here not that much of an advantage as soon as we go
07:41
more up to parallel connections because the bottleneck here is the actual hardware NIC because you have so many offloading features in the meantime, like segmentation offloading and so forth. The interesting part is dealing with requests per second, and the yellow part is actually our unikernel, and we are six times faster with the same resources in that virtual
08:03
machine environment just being extremely purpose-built to that use case. So application domains. So unikernels you can actually have in a wide big area and fields, and it's also
08:21
that we found that the properties that unikernels give you, each use case makes use of a different set, let's say. So what do we have? We have actually fast migration and destroy time. There we would go in something like reactive NFV, so imagine web servers that just pop up when your request is coming into your server, or serverless or Amazon Lambda, and
08:45
you know these kinds of things. We have extremely high resource efficiency, also good for serverless if you consider you have high consolidation, lots of serverless tasks on a machine. IoT and mobile edge computing, where you go into an area where you have more resource-constrained
09:06
devices that host your services on the edge of the network. High performance, really important for network function virtualization, also mobile edge computing. And then mission critical, because we have a lower attack surface, potentially we would
09:24
have a cheaper verification, which is then getting interesting for even industrial IoT cases or even automotive. And you may ask here now, so this is all great, so we have similar speed and size as containers, or even less.
09:42
We have then even strong isolation security, but why is not everybody actually using it? So that's a bit weird. And the problem is actually the development of these unikernels. So each of these highly optimized unikernels is until now a manual task.
10:01
It takes really months or even longer, so if you, let's say, have the target to create a web server with a unikernel, you start developing here, then a driver there, and then you choose a hypervisor where you want to support it, and then you make use of some specialization features so that it runs quite well on that platform.
10:24
And then somebody else comes along, cool, but now I want to run it on KVM, and you're like, okay, I can start from the beginning because you have different drivers, you have a different virtualization environment and so forth, so it's a throwaway in the end. So then even imagine you come now with a different application like a database server or
10:42
something, you start the whole process again and again, and that's in fact not something you actually want in a more production environment. So this is where we come along with Unikraft, where we actually want to provide a bit like
11:00
a unikernel build framework. So the motivation that we set us is we want to support a really wide range of use cases, meaning also supporting wide range of specialization techniques or whatever you want to do in your unikernel environment, meaning also to us probably don't know what the end users actually are, the unikernel developers actually using for optimizing
11:26
his use case. So we should be open for that and not dictate any design decisions. We want to simplify the building and optimizing process, simplify porting of existing applications, so most applications luckily use something like, for instance, the POSIX API, so that's
11:46
a good share point. And then also for lots of these unikernel projects to get rid of this throwaway argument or problem, we want to have a more common and shared code base for all these unikernel
12:04
projects that they can just reuse. And with one compile, we want to also support different hypervisor and CPU architectures. And this is actually Unikraft, where we use, it's a quite well-known concept where
12:21
we say everything is a library, but in our case also OS functionalities are libraries and we provide multiple implementations for schedulers, for instance, or memory allocators. And Unikraft actually consists of two main components. One is the library pool and the other thing is the build tool itself.
12:45
So let's give you an overview. The library pool, we distinguish actually into three types of libraries. One is the main libraries, which are kind of independent of actually any target execution environments.
13:00
This could be network stacks, this could be file systems, scheduler implementations, libc's, drivers, and so forth and so forth. Then we have the libraries that are specialized for a hypervisor execution environment like Xen or KVM or VMware or whatever you want.
13:24
And then architecture libraries that is like the last piece of missing pieces for implementing CPU requirements for your Unikernel. So when you take or you create or build your application, select and configure the
13:43
libraries you want to use in that case. Type make and the build system is then creating you multiple Unikernel images, each fitted to or specialized to the target platform that you want to run it on. Also, what I need to add here is that the system is also built so that you can come
14:04
and replace libraries in that pool or even add your own libraries to it as well. Let's say, one might say, Lightway IP is a nice network stack because it's small, but it doesn't give me all the TCP features that I need for my application. So I'd rather get for something big, I would like to run a ported BSD network stack.
14:26
So then he would select a different network stack or maybe he has an own written network stack so he would just take his library instead. An example system, imagine you have a Python script that you want to Unikernelize.
14:44
You would just select a language environment, in this case, this would be, you know, MicroPython coming from the embedded world, network stack, VFS and whatever you need and you get your Unikernel just running, executing your Python script.
15:04
The build tool is quite close to what you're used to when you use Linux. So it's kconfig based and has also lots of Makefile magic behind. But the workflow is actually make menu config.
15:20
Then you see like, you know, different options where you can then start selecting the libraries that you need, configure them, choose your target platforms. And afterwards, it's just a simple make and you have your images. To give you some numbers as a baseline example,
15:42
so I will show you after the slides actually a bit more real world demo with a small network stack that replies to HTTP with HTTP requests or HTTP replies. To give you a baseline, when we started the project, we could compile a small Unikernel
16:04
that does nothing else than just come up, say here I am and shuts down afterwards with 32.7 kilobytes. And also you had only to assign 208 kilobytes of RAM to get that thing running, although
16:21
we had to modify the tool stack because hypervise builders thought less than four megabytes, you will never have, right? So even there, you had to remove these hard-coded limits. What is going to happen soon, so we're around now since one year, so I announced actually
16:42
in last FOSDEM, the start of the project. So we have now an upcoming release in the upcoming week, which gets a new version TAC 0.3. What you will have in there already is support for Zen KVM Linux and even a bit experimental
17:05
by metal port for various architectures. As core functionality, we provide you a corporate scheduler library, although a preemptive scheduler library is in work currently. Then a binary body managed heap allocator, although you could also replace that one
17:24
if you don't want that. We have pretty new in that release networking, which is where we introduced an API, which is pretty close, what you may know from Intel libdk. It's still interrupt-driven, but it provides you specialization features like you can
17:45
batch number of packets and so forth. Library IP as a first TCP IP stack to the system. We have a VFS implementation where we then can move on later to add file systems underneath that we can mount in there. And then the two libc's that we have for now is no libc, which is a written one in the
18:07
Unicraft ecosystem to support more minimalistic builds, but most applications use some more fancy POSIX functions, so for that purpose we have also new lib available.
18:21
On the roadmap, we have, we want to concentrate our effort on getting more complete ARM64 support. Actually, it's the ARM folks by themselves providing us the ARM64 architecture and platform
18:40
support for KVM. We have started internally playing around with more libraries like muscle, libuv, zlib, open SSL and so forth, which are more like for cloud environments, more standard components that you need in your software stack. Since we have a focus on serverless, we're also looking in language runtimes like JavaScript,
19:07
Python, Ruby, C++ and so forth. We want to come up with an OCI container target support so that you can even build a container image that you could just launch in your container environment instead of just
19:23
having a virtual machine image. File systems, we've come up with, first of all, with an in RAM file system, but then also with block drivers to support actually reading something from virtual disks or 9PFS, actually.
19:41
Then network drivers, since we have VirtIO for now only, we have in the pipe zen with on that front and for the Linux target, a tab driver. And then also, we want to support frameworks like Node.js, PyTorch for maybe machine learning tasks in the network, Intel DPDK, we actually would like to port the whole framework to
20:05
Unicraft so that you would build a unikernel and a VBoxes directly. And it's open source and actually we still need support because we have actually quite a lot of stuff to do.
20:22
So as I said, actually we started December 2017 under, well actually as an incubator project from the zen project. So it's also covered by the Linux foundation, we get actually quite nice support from them. The community grew since then, so we started with two contributors, we are now at 23.
20:47
Mainly we have, to mention the big contributions from Romania, we got networking scheduling support, which from professor and students from university in Bucharest. From Israel, we had someone that was looking into bare metal support and was providing
21:05
a VGA driver so that you could actually, without any hypervisor underneath, run Unicraft directly on hardware. And from China, there is a lab from ARM that actively works and contributes for the 64-bit support for ARM, which is quite nice.
21:25
We actually are mailing list-based, our project, so we have, actually we hijacked the Minimax devel mailing list from zen, maybe you heard about that. The idea is also maybe in longer term we are able to replace that Minimax unikernel
21:44
base there so that also the zen folks have something to build their stop domains or something for that. Then we have an IRC channel on Freenode called Unicraft. And, yeah, probably I'll flush you now, let's go for a bit demo time and then you
22:05
get some more references and points and we can also then do a question round. So what I'm going to show you is actually, probably you all had a textbook that explained
22:24
you how to program a socket on a Unix system, so that you need to have a socket call, you need to set addresses, bind it and this is now being a socket server that is going to listen on a port and you have a simple while loop that then will just, as soon there
22:47
is a connection and the first byte arriving, it will just send a static string, which is by chance something that is HTTP 1.1 compatible here and sends out a web page.
23:02
So this should demonstrate you a bit, one of our targets that we want to have a unikernel that is kind of the same way as you would run or develop the application for a standard operating system. So let's go here.
23:25
You have here main.c, this is the program, you have a makefile that I can show you that looks like quite similar to external Linux kernel modules, so you get another make call
23:41
invoked that then kicks in the unikraft build system and then you have a makefile.uk which actually describes for unikraft which modules do you have or actually which source files do you have and so forth, which adds actually just main.c to the build and registers a library which we call here now app HTTP reply.
24:06
So if you type make, let's do clean so that I can prove you it builds, it is now
24:26
and at last, okay, some ellipses, scheduling and then you have the final KVM image. In the menu config, oops, ah, yes, yes, yes, yeah, that's a funny K config thing.
24:58
So you see here you have a menu for architecture selection, so I built enough for x86 but you
25:03
can choose also, you know, other architectures, platform is like one cent, KVM and so forth, although we have only networking support on KVM for now. On the libraries, you see here is lightweight IP, we could go in here and select features in there, we could even build network stack without TCP support, it's actually funny
25:23
to call it then still TCP IP stack and so forth, right? You see it's quite a library in there, we have some build options and that's it, right? And if I run that now as a KVM guest, so do you see that line or maybe I move up the
25:45
window a little bit, I load the kernel image, reply KVM and I need to attach it because it has networking to a network bridge, ah-hah, wonderful, I have mistyped here,
26:09
so now it's up already, you see it was going through the virtual bias, was loading the image, this is still chemo and then from this point on it was the unikernel, it found its network device,
26:21
brought it up and then the DHCP server in background replied with this address. So what we can do here now, we can ping the host to see the response, that you believe me I will kill now the guest, it's not responding anymore, nothing happens,
26:48
I reboot it and here it's back again, right, and then if you want you can see also the web page served, oops, oh my god, I think next time I will clone the screen so I see the console here too,
27:15
ah, proxy configuration, yes, so it came, got served and it's that string that got sent, right,
27:43
so the kernel image itself or let's say the unikernel is just 222 kilobytes in size, so quite small actually, and now to show you that it's the same program you can just go and
28:00
you know take GCC and build it as a Linux application, now we have a.out right, which is of course smaller because we don't have a virtual driver in here and so forth, but it does the same thing, right, right, so open for questions if we have a bit of time, yeah.
28:39
I understand the like isolation guarantees and stuff, I'm wondering if just sort of
28:44
operationally there are additional challenges to monitoring and operationalizing the kernel. So yeah that's actually a good question because the thing is it depends what you built into your unikernel, right, you could say do it as minimalistic as
29:00
possible which is actually our main target, but then you don't have like a shell or something in there anymore so you can't SSH into it, so you're kind of forced to use the tool that the hypervisor environment provides you, but at the same time we could still say and it's also
29:20
what we have a bit in our mind on the agenda, it's not written actually, is to provide a library that gives you kind of remote access maybe with the REST API or whatever so that you can even look what's going inside, what's happening inside the unikernel, yes.
29:48
You substitute the POSIX API of this instead of system calls, it's function calls. Right, yeah, actually probably I should repeat what he said for the recording, right, so
30:00
the question was or actually more a confirmation that we run everything in super user mode so it's kernel space in our perspective and calling something from the POSIX API is just for us a function call and there's no system call. So, one more question, yeah.
30:23
So, the question is how hard is the driver, how hard is it to port the driver from the Linux kernel? Here I need to say it's pretty hard because we have a different license. We use BSD and actually, you know, to allow you also, you know, build up some unikernels
30:44
that use non-GPL software or a library that is non-GPL. So, yeah, Linux is for as a no-go, but actually we would look into BSD, these OSes to port something. That kind of depends what you want to port. So, for now we have just a networking subsystem with, you know,
31:07
defined APIs for the drivers and we on purpose, you know, looked at DPDK because there everything runs a user space, they have kind of a similar thing of a library system there and we thought, okay, maybe can you reuse those network drivers. How this will look like for other drivers,
31:25
let's see, depends which APIs we will come up. But on the other hand, since you're a target on virtualized environments, it's not that you need, you know, a whole bunch of tons of drivers. What you need to support is the virtual driver model of your hypervisor environment. Yeah.
31:43
Yes. I'm curious about your experience with LWIP because I can see that this would be the TCP IP stack that you picked for first prototype of the implementation, but my experience is that if you want performance and especially in presence of
32:04
multi-processing, LWIP being focused on embedded systems, it won't cut it likely. Yeah. What are your experiences if you have a road map or plan for the future? So, what are the, the question is, what are the experience with LWIP? There I need to agree,
32:22
it's quite limited in that sense if you run, you know, multiple threads or whatever, this can be quickly a bottleneck. Also, features what are missing still are, you know, supporting segmentation of loading, for instance, to make use of, you know, 64 kilobyte packets that you can send to your, to your actually NIC driver that runs on the
32:44
hypervisor host and then the NIC is chopping the TCP segment into smaller packets. So, what, for that we actually have on the road map that we want to port a network stack from BSD.
33:01
Let's see if, probably we can also do the shortcut to go through OSV, OSV is also a unikernel project and they ported it already. So, we have maybe a bit more new environments so that the extraction from an existing kernel environment is a bit easier for us. So, the question is about language support for components of the system or also
33:35
applications and this is what we are actually after that release really trying to focus on,
33:42
especially, you know, languages that are really popular like JavaScript and so forth and cloud environments. Let's say, probably it's still someone looking a bit deeper in order to make even system libraries be able to be compiled with the whole system. I'm not sure yet where there are
34:02
pitfalls or not, but I could still imagine, at least for C++ it's quite easy to bind that to C code so that some of the system libraries could be in C++ and then you need, you know, this extra small code that you need for exception handling and so forth that with C++ comes. But
34:20
I could also imagine something like Go which is also compiled language and is easy to link with C code. A garbage collector we would need then which I usually don't like but that language requires it. Yeah, so I guess this is more that can be answered when we have some more language environments ported and then it's trying out and see what's missing. So we just started with
34:50
Python. So we actually took the MicroPython project that is down there and got a nice unikernel running Python programs running. We also looked into V8 which is the Node.js
35:06
JavaScript engine. There we're still missing some POSIX functionality to get it actually working but I think we probably this year we might be able to reach that point. And also, you know, Ruby, we have a student that is interested in porting Ruby to it, so
35:25
we need developers. Okay, thanks.