BareMetal

Provision. Compute. Destroy.

BareMetal is an exokernel-based operating system built for ephemeral compute. It is designed for workloads that should exist only for the duration of execution: no persistence, no ambient state, no long-running hosts. Virtual machines are created on demand, execute a single purpose-built workload, and are destroyed immediately after completion.

This model delivers serverless-style execution without surrendering control to a proprietary runtime or managed platform.

Core Architecture

BareMetal removes the general-purpose operating system entirely. There is no userspace boundary, no background activity, and no assumption of multi-user or multi-process workloads. The kernel exists solely to expose hardware resources to one application.

The result:

  • Millisecond-scale boot times

  • Extremely small memory footprint

  • Deterministic execution

  • Minimal attack surface

Each VM runs exactly one workload. When the VM is terminated, all code and state cease to exist.

Deployment Models

BareMetal supports two deployment strategies, both managed through the BareMetal Orchestrator.

1. Application-Specific Images (Unikernel Model)

In this model, BareMetal and the application are built together into a single disk image.

  • The kernel is compiled with only the drivers required by the application

  • The application is linked directly into the image

  • No runtime dispatch or loading occurs at boot

Each VM boots straight into the application entry point. This provides the smallest possible image size, the lowest boot latency, and the tightest security boundary.

This approach is suited for:

  • Fixed-purpose workloads

  • Latency-critical execution

  • Highly constrained or audited environments

  • Pipelines where the workload rarely changes

The image itself is the workload.

2. Generic Image with Dynamic Dispatch

In this model, a generic BareMetal image is deployed once and reused.

  • The kernel provides a minimal execution environment

  • Applications are dispatched at runtime by the BareMetal Orchestrator

  • Metadata and payloads are injected at VM creation or boot

This enables flexible, serverless-style execution while retaining BareMetal’s performance and security characteristics.

This approach is suited for:

  • Variable or user-defined workloads

  • Event-driven compute

  • Job queues and task dispatch systems

  • Multi-tenant execution models

The VM still runs a single application and is still destroyed after execution. The difference is when and how the application is supplied.

BareMetal Orchestrator

The BareMetal Orchestrator is deployed within the customer’s environment and operates entirely within the customer’s cloud accounts.

It is responsible for:

  • Calling cloud provider APIs to provision VMs

  • Selecting the appropriate BareMetal image

  • Injecting workload metadata or application payloads

  • Tracking execution lifecycle

  • Destroying VMs immediately after completion

The orchestrator treats virtual machines as disposable execution units. There is no assumption of reuse, patching, or long-term maintenance.
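The lifecycle above, sketched as an added example (not BareMetal Orchestrator code): teardown runs even when the workload fails, and a deadline sweep removes VMs leaked by an orchestrator crash. `FakeCloud`, `run_once` and `reap_expired` are hypothetical names; the provider is an in-memory stand-in and the workload is simulated as a local callable.

```python
import time
from dataclasses import dataclass, field


@dataclass
class FakeCloud:
    """In-memory stand-in for a cloud provider API (constructed for this example)."""
    vms: dict = field(default_factory=dict)
    _next: int = 0

    def create_vm(self, image, payload, deadline):
        self._next += 1
        vm_id = f"vm-{self._next}"
        # The deadline is stored with the VM so that any process can later
        # tell whether the VM has outlived its purpose.
        self.vms[vm_id] = {"image": image, "payload": payload, "deadline": deadline}
        return vm_id

    def destroy_vm(self, vm_id):
        self.vms.pop(vm_id, None)  # idempotent: destroying twice is harmless


def run_once(cloud, image, payload, workload, ttl=30.0, now=time.monotonic):
    """Provision one VM, run one workload, destroy the VM even if the workload raises."""
    vm_id = cloud.create_vm(image, payload, deadline=now() + ttl)
    try:
        # Assumption: the callable stands in for execution inside the VM.
        return workload(payload)
    finally:
        cloud.destroy_vm(vm_id)


def reap_expired(cloud, now=time.monotonic):
    """Destroy every VM past its deadline and return the ids that were removed.

    Covers the case where the orchestrator died between create and destroy.
    """
    t = now()
    expired = [vm_id for vm_id, meta in cloud.vms.items() if meta["deadline"] <= t]
    for vm_id in expired:
        cloud.destroy_vm(vm_id)
    return expired
```
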

Security by Elimination

BareMetal’s security model is structural.

  • No login mechanisms

  • No shells

  • No package managers

  • No idle services

  • No shared state between executions

Each workload starts from a clean VM image. Each execution ends with total teardown. There is nothing to persist, nothing to patch, and nothing to escalate.

Performance Characteristics

BareMetal is designed to keep the application on the fast path.

  • Direct hardware access via the exokernel model

  • No scheduler contention from unrelated processes

  • No overhead from a syscall layer designed for multi-user systems

  • No virtualization-aware abstractions in userspace

The application executes as close to the hardware as virtualization allows.

Cloud-Provider Agnostic Execution

BareMetal does not require a managed platform.

  • Runs on standard virtual machines

  • Uses existing cloud APIs

  • Works across providers

  • Operates entirely within customer-controlled infrastructure

Any environment capable of launching VMs can serve as the execution substrate.

Intended Use Cases

  • On-demand compute pipelines

  • High-performance batch processing

  • Security-sensitive workloads

  • Infrastructure-level serverless replacements

  • Short-lived data processing and transformation

BareMetal is not a general-purpose operating system. It is an execution substrate for workloads that should not outlive their purpose.

Provision. Compute. Destroy.
