> You're assuming here that there aren't and never will be exploits that break out of the hypervisor. This is not the world we live in.
Really? Here's what I wrote in this very thread, just above your message: If for your use case hypervisors are not secure enough, 1 hypervisor per physical machine is too much overhead, and the tooling for bare metal targets is not adequate, then unikernels are not a good solution for your use case. [1]
At this point I believe we are talking past each other, you are not addressing (and apparently not reading) any of my points, so let's agree to disagree.
Really? Here's what I wrote in this very thread, just above your message: If for your use case hypervisors are not secure enough, 1 hypervisor per physical machine is too much overhead, and the tooling for bare metal targets is not adequate, then unikernels are not a good solution for your use case. [1]
At this point I believe we are talking past each other, you are not addressing (and apparently not reading) any of my points, so let's agree to disagree.
[1] https://news.ycombinator.com/item?id=10956899