SwarmKit, as a kit, will run clusters not only of containers, but also unikernels, we said.

What are unikernels and why are they so fantastic?

If you use Docker For Mac, you're already using unikernels. They are the core of these systems. On Mac, xhyve, a port of the FreeBSD virtualization system (bhyve), runs a Docker host in unikernel mode.

We all love containers, because they are small and fast, but the security implications of having a mechanism abstracting the kernel and make its components (containers) to share system resources, libraries, binaries, are really a concern. Just look for CVEs bulletins regarding containers security on any search engine. That's a serious issue.

Unikernels promise a reassessment of software architecture ...