Unikernels are usually built using compilers that leverage library operating systems, which are collections of libraries that represent an operating system's core capabilities. This allows a unikernel developer to selectively include only those library components required to make an application work. Traditional operating system functions, such as network or file system handling, are selectively compiled in to the final executable on an as-needed basis.
Unikernels use a fraction of the resources required by full multipurpose operating systems, such as Linux or Microsoft Windows Server. Their diminutive size enables sub-second startup times and high deployment densities unmatched in traditional server virtualization. Additionally, the minimal footprint of the library OS functions and the absence of traditional operating system utilities greatly reduces the attack surface available for exploitation by malicious hackers.
Some unikernel build systems leverage type-safe languages like Haskell or Erlang, while others can bind to more common languages like C, C++, or Java. Not all applications are suitable for unikernels. Applications that require multiple processes in a single VM are not good candidates, but a huge number of traditional application images could become much smaller and faster when recompiled as unikernels.
Numerous unikernel build systems are available from multiple sources, with the open source community leading the way. Some of the more popular unikernel systems include MirageOS from the Xen Project incubator, Drawbridge from Microsoft, Haskell Lightweight Virtual Machine (HaLVM), LING (formerly Erlang on Xen), OSv, Project Guest VM Microkernel, IncludeOS, rump kernels which leverage NetBSD's library of OS functions, ClickOS created by NEC Laboratories Europe, and Clive from researchers at the Universidad Rey Juan Carlos of Madrid (Spain).
