When comparing HaLVM vs IncludeOS, the Slant community recommends IncludeOS for most people. In the question“What are the best unikernels?” IncludeOS is ranked 6th while HaLVM is ranked 7th. The most important reason people chose IncludeOS is:
IncludeOS is a very lightweight piece of software, even for Linux standards. It includes a bootloader, OS components and a complete C++ library and it's just 693K when optimized for use. It's even less than 1MB.
Ranked in these QuestionsQuestion Ranking
Pros
Pro Highly secure
What HaLVM does in simple terms is to provide only the minimal needed for an app to run. It provides only the required network and hardware drivers needed to execute.
Using this approach it minimizes the attack surface for potential hackers since they don't have any shell to log into or any other insecure cruft that other deployment methods, such as full operating systems have.
Pro Very slim
IncludeOS is a very lightweight piece of software, even for Linux standards. It includes a bootloader, OS components and a complete C++ library and it's just 693K when optimized for use. It's even less than 1MB.
Cons
Con Compiling from source can be problematic
Usually with cutting-edge software the compilation process never really goes as expected. Same is with HaLVM as well.
You may need to install additional libraries that are probably missing or even tweak configurations here and there. So it would be best to avoid this process if you don't feel comfortable enough with compiling from source. So you have to stick with the package manager of choice (if it's available for the particular Linux distro you are using).
Con Has some complexity added because it's not based on a language with process isolation
Since C and C++ (with which IncludeOS is built) have no language level isolation, IncludeOS doesn't have process isolation either. Because of this, sensitive components have to be split into different nodes, isolated by either different virtual machines or different computers.