|
|
|
|
|
|
by packetlost
1582 days ago
|
|
|
Yes. Think of it like depending on a small kernel directly in your build step. So your application gets compiled with everything (including OS interface) that it needs and nothing more. The result is a bootable image that is only capable of running your app. I think the value isn't in the containerization vs unikernel comparison. If you're using containerization you've accepted certain security risks. Where unikernels have a lot of potential IMO is in high security environments where the security risks of containerization are not acceptable. |
|
|