Unikraft, and similar unikernels, offer isolation by running a single application inside a separated virtual machine. As such, extracting information from the machine can prove difficult. Moreover, because Unikraft offers support for running a single process at a time, alternate solutions had to be found for exporting data. Prometheus is a common tool used to collect and visualize data that offers decoupling from the observed system, as such, we saw it as a prime candidate for exporting information.
Our solution was to port a Prometheus exporter inside Unikraft as a separate library and run it on a separate thread. Information from the unikernel is extracted by Prometheus through an intermediary library, named ukstore, that behaves like a simplified ProcFS. ukstore offers an easy method for accessing information and metrics from the system. Using Prometheus with Unikraft, we are thus able to extract performance metrics from highly-specialized virtual machines, store them in a time series database and display them using plots.
The main interface between configuration and statistics data from Unikraft and applications is ukstore. It is based on ProcFS and offers easy “folder/data” access. This solves the problem of searching through headers to find functions that offer information. The main advantage of ukstore is that all of its setup is done at build-time so there is no impact on the boot-time. Furthermore, it has flexibility, by offering the possibility to create both static entries (created at build-time) and dynamic entries (created at run-time).
Metrics inside Unikraft are provided by the libraries that generate them. As such, every library can contain functions that offer usage data. At the moment, work was done to offer metrics related to memory, networking, and thread-locking, with metrics related to file systems and the CPU underway. The end goal is to cover as much of the known metrics from Linux, offered through ProcFS, and expose them through ukstore.
Porting a Prometheus exporter came with the challenge of finding one with the least amount of dependencies, whilst still retaining the usual format. We chose an exporter and adapted it through patches to successfully interact with Unikraft and exposed available performance metrics through it. With all the above puzzle pieces put together, Unikraft instances can be monitored reliably with a minimal impact on the performance of the instances themselves.
Speakers: Cezar Craciunoiu