Cloudy with a chance of IncludeOS: “We want to provide an operating system for systems that only do one thing”
IncludeOS is a minimal, unikernel operating system. It runs C++ services in the cloud and has a tiny memory footprint. We talked to Per Buer, CEO of IncludeOS, about the problems it wishes to solve, what it brings to the cloud computing table and more.
Cloud technology is constantly growing, and developers are always creating new ways to utilize the cloud. You already met IncludeOS, a minimal, resource-efficient unikernel for cloud services, in a previous article, but now it’s time to learn more about it straight from its creator.
JAXenter: What is the story behind IncludeOS? Why was it created?
Per Buer: The project started out as an outlandish experiment at the Oslo Metropolitan University on the scalability of hypervisors. The goal was to run 100.000 virtual machines on a physical host and then measure the behavior. As such, we needed a small operating system and Alfred Bratterud sat down and wrote the smallest bootable operating system possible.
At a later point, mostly because it seemed exciting, support for basic networking was added, and we were able to respond to ping packets. With a bit more effort we were able to respond to UDP datagrams, and after a long weekend we had the basics of TCP up and running. Before we knew it, we had something akin to a bootable operating system.
JAXenter: What problem does it wish to solve?
Per Buer: The problem we’re trying to solve is to provide an operating system for systems that only do one thing. While we’re all huge fans of Unix, we’ve realized that the Unix model isn’t perfect for every use-case. Sometimes you need a simpler system. The Unix architecture is at its core designed for systems that are shared between multiple users. However, a lot of the systems out there today don’t have multiple users. Cloud servers are typically dedicated to a single task, and they only have one user and perhaps only a single process. When this is true, the complexities of Unix become an unnecessary overhead that we believe we can eliminate.
Another core Unix feature that is also shared by Windows and other popular operating systems, is for the system to be able to modify itself. Self-modification makes perfect sense for my phone, server or laptop. I need to be able to modify the behavior of my laptop – I need to install additional applications and support add-on hardware. However, for computers that are more like appliances, this makes little sense.
Consider the WiFi router you have at home. Most likely it runs Linux. If there is a flaw in the system, an attacker can through this flaw modify the system. The attacker can install network sniffers, spambots or crypto mining software – without needing vendor approval. This “feature” is the core weakness of Linux whenever it is deployed on a device. IncludeOS lacks the ability to modify itself, and as a result of this, it makes it almost impossible for the attacker to subvert the system.
JAXenter: What does IncludeOS bring to the cloud computing table?
Per Buer: IncludeOS for cloud deployments allows the developer to create minimalist systems for single tasks. Gateways, firewalls, load balancers, proxies and perhaps even API endpoints could be made smaller, faster and more secure.
Developing a system with IncludeOS comes with a cost: development might be slower and more cumbersome. I believe for at least specific applications this cost is worth it.
JAXenter: What is the best use case for IncludeOS?
Per Buer: The best use case for IncludeOS is perhaps as a replacement for IoT devices that are currently being deployed on Linux. The increasing need for more compute power on these devices has moved developers from microcontroller-based systems onto CPU-based systems. As Linux is quite dominant on CPU-based devices, Linux has become the default choice here, but it comes at the cost of security and predictability as I explained above.
We’ve received funding from Horizon 2020 to make IncludeOS available on ARM-based devices, and I hope to have something running on an ARM-device or two during 2019.
There are other use-cases as well. Due to its predictable and real-time characteristics, I hope that at some time in the future we can make a variant of IncludeOS useful for mission-critical applications. However, we have quite a long way to go before you have IncludeOS running on your local airliner.
JAXenter: What features should we expect in the (near) future?
Per Buer: Currently, IncludeOS is only for C++ and C applications. However, as the language runtimes for many popular languages are written in C++ or C, it is possible for us to port these language runtimes to IncludeOS. The result would be small and efficient machines running systems written in, say, Node or Python. We are naturally huge proponents of the idea of Immutable Infrastructure, and we hope we can make it a reality for both IoT and Cloud uses. If the developer can quickly create a virtual machine image with something like “npm includeos-build”, I believe that would be valuable in today’s world.
Currently, we are working hard to make IncludeOS as compatible with Linux as possible. So, while most applications would need to be ported to run on IncludeOS, we’re working hard to make this porting job as simple as possible.
JAXenter: What should developers know before they give IncludeOS a try?
Per Buer: Today developers should know C++ before using IncludeOS. If you know basic C++, you can have IncludeOS up and running on MacOS, Debian or Ubuntu quite quickly. When I give talks about IncludeOS, I usually show, on stage, how one can quickly create an image just running a classic Hello World.
It only takes a couple of minutes. We’ve tried to make this as simple as possible, and on includeos.org you can see how this is done. You clone our GitHub repository and run the install script, and you can boot your first virtual machine within 15-20 minutes. The mantra “make the simple things simple and the hard things possible” guides a lot of our development.
I find it fun and entertaining to work with IncludeOS. The system is fundamentally different from what I’m used to and this makes it exciting.
JAXenter: What’s next for IncludeOS?
Per Buer: The next big thing for us is the EU-funded port to ARM. As the Raspberry Pi is such a cheap and available system, we’ll likely make it a priority to be able to boot and run on this as our reference platform on ARM. While few people rely on the rPi for larger deployments, having a cheap and available platform for prototyping is likely valuable.