From Unikernels to Nabla Containers: a new approach to container isolation

Dan Williams, Research Staff Member at IMB Research  

Excitement has been growing in the cloud computing industry around containers as a lightweight, more-easily-managed alternative to VMs.  However, using containers, tenant isolation is weaker than what was enjoyed by VMs.  At the same time, unikernels have emerged as a revitalization of library OS techniques applied to the cloud computing
domain, providing a relatively lightweight approach to strong, VM-like isolation between tenants.  In this talk, I will give an overview of some of the work done at IBM Research on unikernels and how we are applying that work towards a new secure container approach called Nabla containers.
Dan Williams is a Research Staff Member at IBM Research where he studies systems, most recently focusing on cloud computing environments, unikernels, and the interface between applications and the cloud.