urunc
The unikernel container runtime
urunc bridges the gap between traditional unikernels and containerized environments, bringing ultra-lightweight, immutable execution to cloud-native workflows.
Architecture Overview
OCI Image
Unikernel packaged as container
bunny CLI
Build & package tooling
Container Registry
Standard OCI distribution
Spec
urunc Runtime
CRI-compatible unikernel launcher
containerd Shim
Container runtime integration
Kubernetes CRI
K8s pod scheduling
API
Firecracker
Lightweight microVM
QEMU
Full-featured VMM
Solo5 (hvt/spt)
Minimal sandbox monitor
Rather than spawning simple processes, urunc uses Virtual Machine Monitors or sandbox monitors to launch unikernels, maintaining strong isolation with minimal overhead. Its un-opinionated design enables straightforward integration of new unikernel frameworks without porting overhead, while developers and administrators use familiar container workflows to package, deliver, deploy, and manage unikernels.
Key Capabilities
OCI Compatibility
Unikernels are packaged inside standard OCI-compatible images, enabling use of existing container registries and tooling.
CRI Integration
Full compatibility with Kubernetes Container Runtime Interface for seamless pod scheduling and orchestration.
VM-Level Isolation
Strong security boundaries via lightweight VM monitors, minimizing the attack surface with single-application kernels.
Minimal Overhead
Ultra-lightweight runtimes with deterministic performance, suitable for real-time and resource-constrained edge environments.
Multi-Framework Support
Un-opinionated design supports Rumprun, Unikraft, MirageOS, Mewz, and Linux guests without porting overhead.
Fast Instantiation
Millisecond-level boot times enable serverless and event-driven workloads with near-instant cold starts.
Supported Platforms
| Unikernel | Monitor | Architecture | Storage |
|---|---|---|---|
| Rumprun | Solo5-hvt, Solo5-spt | x86, aarch64 | Block / Devmapper |
| Unikraft | QEMU, Firecracker | x86 | Initrd, 9pfs |
| MirageOS | QEMU, Solo5-hvt, Solo5-spt | x86, aarch64 | Block / Devmapper |
| Mewz | QEMU | x86 | In-memory |
| Linux | QEMU, Firecracker | x86, aarch64 | Initrd, Block, 9pfs, Virtiofs |
Use Cases
Microservices
Lightweight single-application OS reduces overhead in microservice architectures, offering stronger isolation than traditional containers.
Serverless / FaaS
Millisecond boot times and minimal footprint make unikernels ideal for event-driven, short-lived function execution.
Edge Computing
Resource-constrained environments benefit from unikernel efficiency, enabling cloud-native execution on devices with limited memory and compute.
Sensitive Environments
VM-based isolation with a minimized attack surface provides strong security guarantees for workloads handling sensitive data.
Explore urunc
Get started with tutorials, Kubernetes integration guides, and performance benchmarks.
Visit urunc Website