Please log in to watch this conference skillscast.
We are now used too being roused out of bed by news of the latest serious Internet security alert or major data leak. The software services we now use are tremendously complex, and mash together a complex spectrum of policy and mechanisms. I'll talk about a different approach to building networked services in this talk that cleanly separates both of these, and results in an extremely efficient deployment model that outputs standalone kernels straight from OCaml source code.
Hypervisors such as Xen or VMWare provide a flexible platform to host applications as a set of appliances, e.g., web servers or databases. Each appliance usually contains an OS kernel and userspace processes, within which applications access resources via APIs such as POSIX. It's on top of this layer that you typically write code in your functional programming language of choice.
Our Mirage operating system implements a radically different way of building these applications. Mirage supports the progressive specialisation of OCaml source code, and gradually replaces traditional OS components with type-safe libraries. This ultimately results in "unikernels": sealed, fixed-purpose images that run directly on the hypervisor without an intervening guest OS such as Linux.
Developers no longer need to become sysadmins, expert in the configuration of all manner of system components, to use cloud resources. At the same time, they can develop their code using their usual tools, only making the final push to the cloud once they are satisfied their code works. As they explicitly link in components that would normally be provided by the host OS, the resulting unikernels are also highly compact: facilities that are not used are simply not included in the resulting unikernel.
For example, the self-hosting Mirage web server image is less than a megabyte in size...
YOU MAY ALSO LIKE:
- Keynote: Security, Whatever happened to Unikernels? (SkillsCast recorded in September 2017)
- ScalaCon 2021: November Edition (Online Conference on 2nd - 5th November 2021)
- Haskell eXchange 2021: Novice Track (Online Conference on 15th November 2021)
- Cloud Security Beyond Technology – Organizational Challenges on the Way to Cloud Native (SkillsCast recorded in October 2021)
- Mainframe & Serverless Integration – How to Liberate the Data and Stay Competitive (SkillsCast recorded in October 2021)
My other operating system is a Mirage
Anil is a Horizon Research Fellow at the University of Cambridge. He has worked in a variety of senior architecture, engineering, product management, sales and "whatever it takes" roles in industry