It’s much easier to tweak a normal kernel (or just use whatever is already there, eg real-time scheduling to get rid of preemption) than move to a unikernel.
I kinda disagree. We looked at doing this and just couldn't fathom how it could be done. You might be surprised at the amount of code and entanglement there is to support multiple users, multiple processes - that touches everything from IPC/shared memory to address space to permissions. Very large deep cuts would have to be made and then you'd need to ensure your patchset stays congruent with upstream.
The other thing that people will look at is doing something like alpine && a heavy-handed seccomp/apparmor but then you're not really doing any cuts at all.
