Toro: Deploy Applications as Unikernels

Original Article ↗ Hacker News Discussion ↗

Language choice and project maturity

  • Many are surprised and pleased that Toro is written in Pascal (FreePascal), calling it unusual but nostalgic.
  • Commenters note the project has been around since ~2011 under various domains, so it’s not entirely new.
  • Several people ask for benchmarks and clearer documentation, especially a “Why Toro?” section and concrete use cases.

Unikernels vs containers/VMs: purpose and tradeoffs

  • Common question: why use Toro instead of containers?
  • Suggested answers: stronger isolation via full VMs, smaller tailored OS surface versus a general-purpose Linux, and easier deployment on cloud hypervisors.
  • Skeptics argue containers can be smaller at rest, reuse the host kernel, and that it’s “unlikely” a unikernel is inherently smaller than a minimal containerized app.

Security and isolation debate

  • Unikernels reduce guest attack surface (no multiuser, no shell, no generic filesystem, etc.), which some see as a real win.
  • Others stress they offer no inherent protection from a hostile hypervisor; true host separation requires hardware features (e.g., SEV/TDX-class mechanisms).
  • Major concern: no process isolation—any app bug can corrupt the entire kernel, including drivers, making the whole VM untrustworthy.
  • Qubes’ Mirage firewall is cited as a successful, high-value use: much lower memory footprint and sharply reduced network-VM attack surface.

Performance and boot times

  • Advocates highlight sub-second cold boots (e.g., with Unikraft) and say this enables very fast scale-out.
  • Critics counter that once you factor in hypervisor overhead and edge latency, shaving boot from 1.5 s to 150 ms may be irrelevant, and that runtime performance matters more.
  • Some see potential wins in tightly integrating things like databases with custom memory management; others argue similar optimizations can be done in userspace on a normal OS.

Debugging, tooling, and observability

  • Bryan Cantrill’s “unikernels are unfit for production” critique is widely discussed: difficulty of debugging, lack of tooling, and loss of protection domains.
  • Toro’s GDB stub is mentioned as progress.
  • Some argue hypervisors could, in principle, provide excellent “outside-in” observability (e.g., DTrace-like tracing from the host), potentially making unikernels easier to debug.
  • Others worry about coupling diagnostics and the app into a single binary, and not wanting observability bounded by application code.

Broader systems context and concerns

  • Comparisons are made to MirageOS (OCaml-only), Unikraft, Nanos, and microkernels like seL4. Some feel “no one has done unikernels right yet” in a mainstream language/ecosystem.
  • A long subthread compares hardware virtualization, rings/exception levels, microkernels vs monolithic kernels, and whether hypervisors are just becoming the new OS.
  • Multiple commenters express unease with the growing stack (Docker, orchestrators, hypervisors, unikernels), arguing we keep pushing complexity up layers and recreating the same dependency/configuration problems.
  • Others defend containers as a practical packaging and dependency solution despite security and performance criticisms.

Practical questions about Toro

  • People ask how Toro’s QEMU-based networking performs, how it compares to LXC/LXD or microVMs like Firecracker, and whether it’s similar in spirit to other unikernel projects like Nanos.
  • Overall, interest is high, but many want clearer articulation of Toro’s concrete advantages and target domains (edge, highly isolated services, special-purpose workloads) before considering it for production.