Network Functions Virtualization (NFV) is a network architecture concept that uses virtualization technologies to virtualize entire classes of network node functions into building blocks that may connect, or chain together, to create communication services. A Virtualized Network Function (VNF) may include one or more virtual machines running different software and processes, on top of standard high-volume servers, switches and storage devices, or even cloud computing infrastructure, instead of having custom hardware appliances for each network function. For example, a virtual session border controller could be deployed to protect a network without the typical cost and complexity of obtaining and installing physical network protection units. Other examples of NFV include virtualized load balancers, firewalls, intrusion detection devices and Wide Area Network (WAN) accelerators. Ideally, virtualized functions should be located where they are the most effective and least expensive. That means a service provider should be free to locate NFV in all possible locations, from the data center to the network node to the customer premises. This approach, known as distributed NFV, has been emphasized from the beginning as NFV was being developed and standardized. In some cases, there are clear advantages for a service provider to locate this virtualized functionality at the customer premises. These advantages range from economics to performance to the feasibility of the functions being virtualized.
In conventional approaches, VNFs are realized with Virtual Machines (VMs). VMs rely on operating-system virtualization: each boots a standard operating system kernel (such as Linux, Windows, etc.) and runs unmodified applications. These VMs are managed by orchestration systems like OpenStack, VMware, etc. Other approaches to VNF realization can include software containers. Software containers contain an entire runtime environment, namely an application, plus all its dependencies, libraries and other binaries, and configuration files needed to run it, bundled into one package. By containerizing the application platform and its dependencies, differences in operating system distributions and underlying infrastructure are abstracted away. VMs, by contrast, include the same application along with an entire operating system. Thus, a physical server running three virtual machines would have a hypervisor and three separate operating systems running on top of it. By contrast, software containers would use the same operating system on the physical server. Disadvantageously, in distributed NFV (DNFV), VMs and software containers are heavy since each contains a whole operating system. Existing cloud orchestration systems such as OpenStack have a high latency when manipulating small VMs. For example, OpenStack will not be able to manage the case of 2000-3000 VMs per host.
In contrast to VMs and software containers, unikernels are specialized, single address space machine images constructed by using library operating systems. For example, a developer selects, from a modular stack, the minimal set of libraries which correspond to the operating system constructs required for their application to run. These libraries are then compiled with the application and configuration code to build sealed, fixed-purpose images (unikernels) which run directly on a hypervisor or hardware without an intervening operating system such as Linux or Windows. That is, unikernels are applications written in a high-level language and compiled into a standalone kernel. These applications are managed simply by wrapping them as block devices and registering them to the cloud provider (for example, as an Amazon Machine Image (AMI) for Amazon EC2).
Existing unikernel systems concentrate their efforts on the optimization and generation of the standalone kernel. The downside is that adjusting functionality by altering a compiled unikernel is generally not attempted due to the lack of a low-latency distributed solution. There are no known distributed management systems whereby a workload/application can request to be regenerated and re-deployed as a single-purpose application. There is no known DevOps-style participation by the unikernels at the edge of the distributed infrastructure. However, unikernels are much lighter compared to VMs and software containers and would be advantageous to use for VNF realization in distributed NFV implementations.