When comparing Rumprun vs HaLVM, the Slant community recommends Rumprun for most people. In the question“What are the best unikernels?” Rumprun is ranked 1st while HaLVM is ranked 7th. The most important reason people chose Rumprun is:
Rumprun is multiplatform and can run on different types of platforms, including hypervisors (such as Xen and KVM) as well as running on bare hardware.
Ranked in these QuestionsQuestion Ranking
Pros
Pro Can run on bare hardware as well as hypervisors
Rumprun is multiplatform and can run on different types of platforms, including hypervisors (such as Xen and KVM) as well as running on bare hardware.
Pro Can be integrated to existing systems
Rump provides kernel-quality drivers for a variety of use-cases from filesystem to PCI device drivers. Because of this, they can be integrated into existing systems or can be run as standalone unikernels on hypervisors.
Pro Highly secure
What HaLVM does in simple terms is to provide only the minimal needed for an app to run. It provides only the required network and hardware drivers needed to execute.
Using this approach it minimizes the attack surface for potential hackers since they don't have any shell to log into or any other insecure cruft that other deployment methods, such as full operating systems have.
Cons
Con Has some complexity added because it's not based on a language with process isolation
Since C and C++ (with which Rumprun is built) have no language level isolation, Rumprun doesn't have process isolation either. Because of this, sensitive components have to be split into different nodes, isolated by either different virtual machines or different computers.
Con Compiling from source can be problematic
Usually with cutting-edge software the compilation process never really goes as expected. Same is with HaLVM as well.
You may need to install additional libraries that are probably missing or even tweak configurations here and there. So it would be best to avoid this process if you don't feel comfortable enough with compiling from source. So you have to stick with the package manager of choice (if it's available for the particular Linux distro you are using).