HermiTux is a unikernel: a minimal operating system
with low memory/disk footprint and sub-second boot time, executing an
application within a single address space on top of an hypervisor. Moreover,
HermiTux is binary-compatible with Linux: it can run native Linux
executables.
Although being a proof-of-concept, HermiTux supports multiple compiled (C, C++,
Fortran) and interpreted (Python, LUA) languages. It provides binary analysis
and rewriting techniques to optimize system call latency and modularize a
kernel in the presence of unmodified binaries. It supports statically and
dynamically linked programs, different compilers and optimization levels.
HermiTux also provides basic support for multithreading, debugging and
profiling.
Comparison of disk footprint, boot time, and memory usage for a Linux
VM, a HermiTux/OSv/Rumprun unikernel, and a Docker container. For more
details see our VEE’19 paper.
HermiTux is based on the HermitCore operating
system.
Trying it out
HermiTux is open source and all the code and instructions are on GitHub:
Design Principles
For a detailed description please read Hermitux’s VEE 2019
paper and Daniel Chiba’s MS
Thesis
at Virginia Tech.
HermiTux uses a lightweight KVM-based hypervisor that loads the Linux binary
alongside a minimal OS layer within a single address space virtual machine. At
runtime, system calls made by the application are caught by HermiTux’s kernel.
Optionally, HermiTux provides a mechanism to rewrite system call invocation
into common function calls to the kernel, significantly reducing the system
call latency.
HermiTux can also analyze a Linux binary to determine which system calls it
invokes, and compile a custom kernel containing only the implementations of
these particular system calls.
Contact
Pierre Olivier, Virginia Tech: polivier at vt dot edu
HermiTux is an open-source project of the Systems Software Research Group at Virginia Tech.
HermiTux is supported in part by ONR under grants N00014-16-1-2104, N00014-16-1-2711, and N00014-16-1-2818. Any opinions, findings, and conclusions or recommendations expressed in this site are those of the author(s) and do not necessarily reflect the views of ONR.
This research and development is also supported by the German Federal Ministry of Education and Research under Grant 01IH16010C (Project ENVELOPE).
HermitCore’s Emoji is provided free by EmojiOne.