Unikernels

  A unikernel is an application image with the bare minimum drivers required to do it's job.
  Crucially it's barely running an OS. These images are tiny, on the order of MBs and boot
  in ~200ms.

  A list of unikernel charactistics:
    Single user
    Single address space
    Single process

  Latest industry updates:
    It's early days yet. Cloud providers don't support unikernels.

  Security:
    Unikernels are considered more secure as they use the bare minimum to get a job done.
    This gives them the smallest possible attack surface due to minimal code.
    Least privilege, or a better name "least possible";
      If the unikernel doesn't have drivers to write to the disk, then guess what, the
      attacker can't write to disk even if the unikernel is compromised.

  Further reading:
    LVM
    Clean slate
      (HalVM, LING, MirageOS)
    Legacy
      (ClickOS, Clive, Graphene, HermitCore, IncludeOS, Magnios, OSv, Rumprun, RuntimeJS,
      Ultibo, Vorteil)
    Compiling a DNS unikernel: youtube
    Wikipedia entry for Unikernel