The public cloud is massive and continues to grow. AWS recorded almost $20B in the past second quarter. Virtualization pioneers such as Citrix and VMware allowed behemoths like AWS to exist. The public cloud is, after all, just an API with virtualization on top. Virtualization as a technology allows companies to create multiple virtual computers out of an existing physical one. All the ‘machines’ that software engineers use on the public cloud aren’t actually real. They are virtual ones living on top of real ones.
What is interesting is that all these virtual machines that are being used are still using an operating system designed almost 50 years ago - one designed for real physical computers. Its current incarnation was created 30 years ago - that is Linux. The problem is that the architecture for this system was made for machines like the PDP-7, a machine that took up an entire wall and cost half a million dollars in today's money.
Then there is the problem of cybersecurity. Despite the cyber market being valued at anywhere from $140B to $180B, depending on whose reports you look at, cybersecurity has never been worse than it is now. Attacks are happening ever more frequently, with ever more severe repercussions. Most cybersecurity companies are in the business of looking for hacked computers or looking for computers that are going to be hacked, but very few look at the root problem. The root problem, of course, is that our operating systems are inherently made for hackers to attack them. A new technology, unikernels, is designed to deal with this head on: a unikernel limits the number of running applications to one and only one on a given machine. This wouldn’t make any sense on a real computer, but since everything is running on virtual machines it works out.
“Breaking into a computer is just like a burglar breaking into your house. They might have come through the front door or kicked in a window, but that’s not why they are there. They are there to steal your guns, your jewels, your flat screen TVs. It is the same thing when a hacker wants to break into a server. They might use an exploit or vulnerability to get access, but after they are there they wish to run their programs, be it something as simple as dumping the database or installing an illicit cryptominer. Unikernels prevent this by design as they run one and only one program - the one the developer intended to run,” explains NanoVMs CEO Ian Eyberg.
NanoVMs knows a thing or two about unikernels. They have many patents issued and more on the way. They’ve received grants from the US Department of Energy, the National Science Foundation and the US Air Force and have customers from around the world, Israel included.
NanoVMs has recently launched an equity crowdfunding campaign to take their message of a new generation of cloud and spread it around.
The real story around unikernels, however, is how disruptive a technology they are. Most business software today runs on Linux and much of it is open source. In fact, the core software of many of these companies, including Elasticsearch with a market cap of 8.4B, Confluent with a market cap of 9.11B, and Databricks with a whopping $38B valuation, is open source. Open source allows anyone to look at, download and use the core software for free. Some of this software, such as Elastic, has many vendors competing for the same business. Bringing critical safety and higher performance for lower cost provides very strong differentiation for these vendors and forces the competitors to use superior technology or lose market share. This is what makes unikernels so powerful. It is the confluence of large companies relying on open source software coupled with the fact that the underlying technology can be vastly improved - it is the equivalent of throwing gasoline on a fire.
VMware and AWS built the first wave of virtualization in the early 2000s and its waves are still going strong. Now the second wave of virtualization is on us and it’s going to be an economic cyclone. Some people in the industry thought the concept of containers would kill off virtual machines, but as the market soon realized, most container installations live on top of virtual machines to begin with, negating any supposed benefits they bring. Now, with various economies experiencing recessionary tradewinds, the high cost of employing engineers to tend to devops toil is taking its toll. Unikernels essentially go the opposite way of containers: whereas containers add complexity and more layers, achieving worse performance with more security issues, unikernels remove complexity, running software faster with a vastly reduced attack surface.
The second wave of virtualization is here.
This article was written in cooperation with NanoVMs.