SlideShare una empresa de Scribd logo

OSCON14: Mirage 2.0

The Linux Foundation
The Linux Foundation

This document introduces Mirage OS 2.0 and discusses how it can be used to build personal clouds. It summarizes that Mirage OS 2.0 allows applications to be written once in OCaml and then compiled for different platforms by changing system libraries. Unikernels produced with Mirage OS 2.0 are small enough to track in version control systems like Git, enabling new ways of deploying and managing the cloud that are more secure and efficient. The entire cloud deployment process from code to running VMs can be version controlled from a single codebase.

Tecnología
1 de 29
Descargar para leer sin conexión
:GITYOUR OWNCLOUDHERE NYMOTE Anil Madhavapeddy University of Cambridge @avsm Richard Mortier University of Nottingham @mort___ http://openmirage.org/ http://nymote.org/ http://decks.openmirage.org/oscon14/ Press <esc> to view the slide index, and the <arrow> keys to navigate.
INTRODUCING MIRAGE OS 2.0 These slides were written using Mirage on OSX: They are hosted in a 938kB Xen unikernel written in statically type-safe OCaml, including device drivers and network stack. Their application logic is just a couple of source files, written independently of any OS dependencies. Running on an ARM CubieBoard2, and hosted on the cloud. Binaries small enough to track the entire deployment in Git!
INTRODUCING MIRAGE OS 2.0
LEANINGTOWEROFCLOUD Numerous pain points: Complex configuration management. Duplicated functionality leads to inefficiency. VM image size leads to long boot times. Lots of code means a large attack surface. https://flic.kr/p/8N1hWh
COMPLEXITY KILLS YOU The enemy is complexity: Applications are deeply intertwined with system APIs, and so lack portability. Modern operating systems offer dynamic support for many users to run multiple applications simultaneously. Almost unbounded scope for uncontrolled interaction! Choices of distribution and version. Ad hoc application configuration under /etc/ Platform configuration details, e.g., firewalls.
DOCKER:CONTAINERISATION https://flic.kr/p/qSbck
DOCKER:CONTAINERISATION Docker bundles up all this state making it easy to transport, install and manage.
CAN WE DO BETTER? Disentangle applications from the operating system. Break up operating system functionality into modular libraries. Link only the system functionality your app needs. Target alternative platforms from a single codebase.
THE UNIKERNEL APPROACH Unikernels are specialised virtual machine images compiled from the full stack of application code, system libraries and config This means they realise several benefits: Contained, simplifying deployment and management. Compact, reducing attack surface and boot times. Efficient, able to fit 10,000s onto a single host.
IT'S ALL JUST SOURCE CODE Capture system dependencies in code and compile them away.
RETARGET BY RECOMPILING develop application logic using native Unix. Swap system libraries to target different platforms:
RETARGET BY RECOMPILING test unikernel using Mirage system libraries. Swap system libraries to target different platforms:
RETARGET BY RECOMPILING deploy by specialising unikernel to Xen. Swap system libraries to target different platforms:
END RESULT? Unikernels are compact enough to boot and respond to network traffic in real-time. Appliance Standard Build Dead Code Elimination DNS 0.449 MB 0.184 MB Web Server 0.674 MB 0.172 MB Openflow learning switch 0.393 MB 0.164 MB Openflow controller 0.392 MB 0.168 MB
END RESULT? Unikernels are compact enough to boot and respond to network traffic in real-time.
GIT YOUROWN CLOUD Unikernels are small enough to be tracked in GitHub. For example, for the :Mirage website 1. Source code updates are merged to ; 2. Repository is continuously rebuilt by ; if successful: 3. Unikernel pushed to ; and 4. Our cloud toolstack spawns VMs based on pushes there. mirage/mirage-www Travis CI mirage/mirage-www-deployment Our entire cloud-facing deployment is version-controlled from the source code up!
MIRAGE OS 2.0WORKFLOW As easy as 1—2—3! 1. Write your OCaml application using the Mirage module types. Express its configuration as OCaml code too! $mirageconfigureapp/config.ml--unix
MIRAGE OS 2.0WORKFLOW As easy as 1—2—3! 1. Write your OCaml application using the Mirage module types. Express its configuration as OCaml code too! 2. Compile it and debug under Unix using the mirage tool. $cdapp $makedepend#installlibrarydependencies $makebuild #buildtheunikernel
MIRAGE OS 2.0WORKFLOW As easy as 1—2—3! 1. Write your OCaml application using the Mirage module types. Express its configuration as OCaml code too! 2. Compile it and debug under Unix using the mirage tool. 3. Once debugged, simply retarget it to Xen, and rebuild! All the magic happens via the OCaml module system. $mirageconfigureapp/config.ml--xen $cdapp&&makedepend&&makebuild
MODULARIZINGTHE OS
MODULARIZINGTHE OS
MODULARIZINGTHE OS
GIT YOUROWN CLOUD Unikernels are small enough to be tracked in GitHub. For example, for the :Mirage website 1. Source code updates are merged to ; 2. Repository is continuously rebuilt by ; if successful: 3. Unikernel pushed to ; and our 4. Cloud toolstack spawns VMs based on pushes there. mirage/mirage-www Travis CI mirage/mirage-www-deployment Our entire cloud-facing deployment is version-controlled from the source code up!
IMPLICATIONS Historical tracking of source code and built binaries in Git(hub). gittag to link code and binary across repositories. gitlog to view deployment changelog. gitpull to deploy new version. gitcheckout to go back in time to any point. gitbisect to pin down deployment failures.
IMPLICATIONS Historical tracking of source code and built binaries in Git(hub). Low latency deployment of security updates. No need for Linux distro to pick up and build the new version. Updated binary automatically built and pushed. Pick up latest binary directly from repository. Statically type-checked language prevents classes of attack.
IMPLICATIONS Historical tracking of source code and built binaries in Git(hub). Low latency deployment of security updates. Unified development for cloud and embedded environments. Write application code once. Recompile to swap in different versions of system libraries. Use compiler optimisations for exotic environments.
WRAPPINGUP Mirage OS 2.0 is an important step forward, supporting more, and more diverse, backends with much greater modularity. For information about the many components we could not cover here, see :openmirage.org , Git-like distributed branchable storage. , a from-scratch native OCaml TLS stack. , for low-latency inter-VM communication. , modular C foreign function bindings. Irmin OCaml-TLS Vchan Ctypes
WHY? NYMOTE.ORG We need to claim control over our online lives rather than abrogate it to The Cloud: Doing so means we all need to be able to run our own infrastructure. Without having to become (Linux) sysadmins! How can we achieve this? Mirage is the foundation for building personal clouds, securely interconnecting and synchronising data between our devices.
HTTP://OPENMIRAGE.ORG/ Featuring blog posts by: , , , , , , , , and . Amir Chaudhry Thomas Gazagnaire David Kaloper Thomas Leonard Jon Ludlam Hannes Mehnert Mindy Preston Dave Scott Jeremy Yallop Thanks for listening! Questions? (and please rate the talk!)

Recomendados

CIF16/Scale14x: The latest from the Xen Project (Lars Kurth, Chairman of Xen ...
CIF16/Scale14x: The latest from the Xen Project (Lars Kurth, Chairman of Xen ...CIF16/Scale14x: The latest from the Xen Project (Lars Kurth, Chairman of Xen ...
CIF16/Scale14x: The latest from the Xen Project (Lars Kurth, Chairman of Xen ...
The Linux Foundation
 
The HaLVM: A Simple Platform for Simple Platforms
The HaLVM: A Simple Platform for Simple PlatformsThe HaLVM: A Simple Platform for Simple Platforms
The HaLVM: A Simple Platform for Simple Platforms
The Linux Foundation
 
LCEU13: Securing your cloud with Xen's advanced security features - George Du...
LCEU13: Securing your cloud with Xen's advanced security features - George Du...LCEU13: Securing your cloud with Xen's advanced security features - George Du...
LCEU13: Securing your cloud with Xen's advanced security features - George Du...
The Linux Foundation
 
XPDDS19: Argo and Hypervisor-Mediated Data eXchange (HMX) - Christopher Clark...
XPDDS19: Argo and Hypervisor-Mediated Data eXchange (HMX) - Christopher Clark...XPDDS19: Argo and Hypervisor-Mediated Data eXchange (HMX) - Christopher Clark...
XPDDS19: Argo and Hypervisor-Mediated Data eXchange (HMX) - Christopher Clark...
The Linux Foundation
 
CIF16: Knock, Knock: Unikernels Calling! (Richard Mortier, Cambridge University)
CIF16: Knock, Knock: Unikernels Calling! (Richard Mortier, Cambridge University)CIF16: Knock, Knock: Unikernels Calling! (Richard Mortier, Cambridge University)
CIF16: Knock, Knock: Unikernels Calling! (Richard Mortier, Cambridge University)
The Linux Foundation
 
Mirage - Extreme specialization of cloud appliances (OSCON 2013)
Mirage - Extreme specialization of cloud appliances (OSCON 2013)Mirage - Extreme specialization of cloud appliances (OSCON 2013)
Mirage - Extreme specialization of cloud appliances (OSCON 2013)
Amir Chaudhry
 
LinuxCon Japan 13 : 10 years of Xen and Beyond
LinuxCon Japan 13 : 10 years of Xen and BeyondLinuxCon Japan 13 : 10 years of Xen and Beyond
LinuxCon Japan 13 : 10 years of Xen and Beyond
The Linux Foundation
 
2018 Genivi Xen Overview Nov Update
2018 Genivi Xen Overview Nov Update2018 Genivi Xen Overview Nov Update
2018 Genivi Xen Overview Nov Update
The Linux Foundation
 

Recomendados

CIF16/Scale14x: The latest from the Xen Project (Lars Kurth, Chairman of Xen ...
CIF16/Scale14x: The latest from the Xen Project (Lars Kurth, Chairman of Xen ...CIF16/Scale14x: The latest from the Xen Project (Lars Kurth, Chairman of Xen ...
CIF16/Scale14x: The latest from the Xen Project (Lars Kurth, Chairman of Xen ...
The Linux Foundation
 
The HaLVM: A Simple Platform for Simple Platforms
The HaLVM: A Simple Platform for Simple PlatformsThe HaLVM: A Simple Platform for Simple Platforms
The HaLVM: A Simple Platform for Simple Platforms
The Linux Foundation
 
LCEU13: Securing your cloud with Xen's advanced security features - George Du...
LCEU13: Securing your cloud with Xen's advanced security features - George Du...LCEU13: Securing your cloud with Xen's advanced security features - George Du...
LCEU13: Securing your cloud with Xen's advanced security features - George Du...
The Linux Foundation
 
XPDDS19: Argo and Hypervisor-Mediated Data eXchange (HMX) - Christopher Clark...
XPDDS19: Argo and Hypervisor-Mediated Data eXchange (HMX) - Christopher Clark...XPDDS19: Argo and Hypervisor-Mediated Data eXchange (HMX) - Christopher Clark...
XPDDS19: Argo and Hypervisor-Mediated Data eXchange (HMX) - Christopher Clark...
The Linux Foundation
 
CIF16: Knock, Knock: Unikernels Calling! (Richard Mortier, Cambridge University)
CIF16: Knock, Knock: Unikernels Calling! (Richard Mortier, Cambridge University)CIF16: Knock, Knock: Unikernels Calling! (Richard Mortier, Cambridge University)
CIF16: Knock, Knock: Unikernels Calling! (Richard Mortier, Cambridge University)
The Linux Foundation
 
Mirage - Extreme specialization of cloud appliances (OSCON 2013)
Mirage - Extreme specialization of cloud appliances (OSCON 2013)Mirage - Extreme specialization of cloud appliances (OSCON 2013)
Mirage - Extreme specialization of cloud appliances (OSCON 2013)
Amir Chaudhry
 
LinuxCon Japan 13 : 10 years of Xen and Beyond
LinuxCon Japan 13 : 10 years of Xen and BeyondLinuxCon Japan 13 : 10 years of Xen and Beyond
LinuxCon Japan 13 : 10 years of Xen and Beyond
The Linux Foundation
 
2018 Genivi Xen Overview Nov Update
2018 Genivi Xen Overview Nov Update2018 Genivi Xen Overview Nov Update
2018 Genivi Xen Overview Nov Update
The Linux Foundation
 
CIF16: Building the Superfluid Cloud with Unikernels (Simon Kuenzer, NEC Europe)
CIF16: Building the Superfluid Cloud with Unikernels (Simon Kuenzer, NEC Europe)CIF16: Building the Superfluid Cloud with Unikernels (Simon Kuenzer, NEC Europe)
CIF16: Building the Superfluid Cloud with Unikernels (Simon Kuenzer, NEC Europe)
The Linux Foundation
 
Xen time machine
Xen time machineXen time machine
Xen time machine
The Linux Foundation
 
Aplura virtualization slides
Aplura virtualization slidesAplura virtualization slides
Aplura virtualization slides
The Linux Foundation
 
Erlang on Xen: Redefining the cloud software stack
Erlang on Xen: Redefining the cloud software stackErlang on Xen: Redefining the cloud software stack
Erlang on Xen: Redefining the cloud software stack
Viktor Sovietov
 
XPDDS19: The Xen-Blanket for 2019 - Christopher Clark and Kelli Little, Star ...
XPDDS19: The Xen-Blanket for 2019 - Christopher Clark and Kelli Little, Star ...XPDDS19: The Xen-Blanket for 2019 - Christopher Clark and Kelli Little, Star ...
XPDDS19: The Xen-Blanket for 2019 - Christopher Clark and Kelli Little, Star ...
The Linux Foundation
 
XPDDS18: CPUFreq in Xen on ARM - Oleksandr Tyshchenko, EPAM Systems
XPDDS18: CPUFreq in Xen on ARM - Oleksandr Tyshchenko, EPAM SystemsXPDDS18: CPUFreq in Xen on ARM - Oleksandr Tyshchenko, EPAM Systems
XPDDS18: CPUFreq in Xen on ARM - Oleksandr Tyshchenko, EPAM Systems
The Linux Foundation
 
CIF16: Unikernels: The Past, the Present, the Future ( Russell Pavlicek, Xen ...
CIF16: Unikernels: The Past, the Present, the Future ( Russell Pavlicek, Xen ...CIF16: Unikernels: The Past, the Present, the Future ( Russell Pavlicek, Xen ...
CIF16: Unikernels: The Past, the Present, the Future ( Russell Pavlicek, Xen ...
The Linux Foundation
 
Xen Project 15 Years down the Line
Xen Project 15 Years down the LineXen Project 15 Years down the Line
Xen Project 15 Years down the Line
The Linux Foundation
 
XPDDS18: Windows PV Drivers Project: Status and Updates - Paul Durrant, Citri...
XPDDS18: Windows PV Drivers Project: Status and Updates - Paul Durrant, Citri...XPDDS18: Windows PV Drivers Project: Status and Updates - Paul Durrant, Citri...
XPDDS18: Windows PV Drivers Project: Status and Updates - Paul Durrant, Citri...
The Linux Foundation
 
Advanced Docker Developer Workflows on MacOS X and Windows
Advanced Docker Developer Workflows on MacOS X and WindowsAdvanced Docker Developer Workflows on MacOS X and Windows
Advanced Docker Developer Workflows on MacOS X and Windows
Anil Madhavapeddy
 
OWF: Xen - Open Source Hypervisor Designed for Clouds
OWF: Xen - Open Source Hypervisor Designed for CloudsOWF: Xen - Open Source Hypervisor Designed for Clouds
OWF: Xen - Open Source Hypervisor Designed for Clouds
The Linux Foundation
 
ELC21: VM-to-VM Communication Mechanisms for Embedded
ELC21: VM-to-VM Communication Mechanisms for EmbeddedELC21: VM-to-VM Communication Mechanisms for Embedded
ELC21: VM-to-VM Communication Mechanisms for Embedded
Stefano Stabellini
 
PVH : PV Guest in HVM container
PVH : PV Guest in HVM containerPVH : PV Guest in HVM container
PVH : PV Guest in HVM container
The Linux Foundation
 
XPDS14: Unikernels: Who, What, Where, When, Why - Adam Wick, Galois
XPDS14: Unikernels: Who, What, Where, When, Why - Adam Wick, GaloisXPDS14: Unikernels: Who, What, Where, When, Why - Adam Wick, Galois
XPDS14: Unikernels: Who, What, Where, When, Why - Adam Wick, Galois
The Linux Foundation
 
Xen, XenServer, and XAPI: What’s the Difference?-XPUS13 Bulpin,Pavlicek
Xen, XenServer, and XAPI: What’s the Difference?-XPUS13 Bulpin,PavlicekXen, XenServer, and XAPI: What’s the Difference?-XPUS13 Bulpin,Pavlicek
Xen, XenServer, and XAPI: What’s the Difference?-XPUS13 Bulpin,Pavlicek
The Linux Foundation
 
Metrics towards enterprise readiness of unikernels
Metrics towards enterprise readiness of unikernelsMetrics towards enterprise readiness of unikernels
Metrics towards enterprise readiness of unikernels
Madhuri Yechuri
 
XPDS14: Xen and the Art of Certification - Nathan Studer & Robert VonVossen, ...
XPDS14: Xen and the Art of Certification - Nathan Studer & Robert VonVossen, ...XPDS14: Xen and the Art of Certification - Nathan Studer & Robert VonVossen, ...
XPDS14: Xen and the Art of Certification - Nathan Studer & Robert VonVossen, ...
The Linux Foundation
 
Scale14x: Are today's foss security practices robust enough in the cloud era ...
Scale14x: Are today's foss security practices robust enough in the cloud era ...Scale14x: Are today's foss security practices robust enough in the cloud era ...
Scale14x: Are today's foss security practices robust enough in the cloud era ...
The Linux Foundation
 
XPDS13: Xen in OSS based In–Vehicle Infotainment Systems - Artem Mygaiev, Glo...
XPDS13: Xen in OSS based In–Vehicle Infotainment Systems - Artem Mygaiev, Glo...XPDS13: Xen in OSS based In–Vehicle Infotainment Systems - Artem Mygaiev, Glo...
XPDS13: Xen in OSS based In–Vehicle Infotainment Systems - Artem Mygaiev, Glo...
The Linux Foundation
 
XPDS16: Xen Project Weather Report 2016
XPDS16: Xen Project Weather Report 2016XPDS16: Xen Project Weather Report 2016
XPDS16: Xen Project Weather Report 2016
The Linux Foundation
 
XPDS14: MirageOS 2.0: branch consistency for Xen Stub Domains - Anil Madhavap...
XPDS14: MirageOS 2.0: branch consistency for Xen Stub Domains - Anil Madhavap...XPDS14: MirageOS 2.0: branch consistency for Xen Stub Domains - Anil Madhavap...
XPDS14: MirageOS 2.0: branch consistency for Xen Stub Domains - Anil Madhavap...
The Linux Foundation
 
DockerCon EU 2015: The Missing Piece: when Docker networking unleashing soft ...
DockerCon EU 2015: The Missing Piece: when Docker networking unleashing soft ...DockerCon EU 2015: The Missing Piece: when Docker networking unleashing soft ...
DockerCon EU 2015: The Missing Piece: when Docker networking unleashing soft ...
Docker, Inc.
 

Más contenido relacionado

La actualidad más candente

CIF16: Building the Superfluid Cloud with Unikernels (Simon Kuenzer, NEC Europe)
CIF16: Building the Superfluid Cloud with Unikernels (Simon Kuenzer, NEC Europe)CIF16: Building the Superfluid Cloud with Unikernels (Simon Kuenzer, NEC Europe)
CIF16: Building the Superfluid Cloud with Unikernels (Simon Kuenzer, NEC Europe)
The Linux Foundation
 
XPDDS19: The Xen-Blanket for 2019 - Christopher Clark and Kelli Little, Star ...
XPDDS19: The Xen-Blanket for 2019 - Christopher Clark and Kelli Little, Star ...XPDDS19: The Xen-Blanket for 2019 - Christopher Clark and Kelli Little, Star ...
XPDDS19: The Xen-Blanket for 2019 - Christopher Clark and Kelli Little, Star ...
The Linux Foundation
 
XPDDS18: CPUFreq in Xen on ARM - Oleksandr Tyshchenko, EPAM Systems
XPDDS18: CPUFreq in Xen on ARM - Oleksandr Tyshchenko, EPAM SystemsXPDDS18: CPUFreq in Xen on ARM - Oleksandr Tyshchenko, EPAM Systems
XPDDS18: CPUFreq in Xen on ARM - Oleksandr Tyshchenko, EPAM Systems
The Linux Foundation
 
Xen Project 15 Years down the Line
Xen Project 15 Years down the LineXen Project 15 Years down the Line
Xen Project 15 Years down the Line
The Linux Foundation
 
ELC21: VM-to-VM Communication Mechanisms for Embedded
ELC21: VM-to-VM Communication Mechanisms for EmbeddedELC21: VM-to-VM Communication Mechanisms for Embedded
ELC21: VM-to-VM Communication Mechanisms for Embedded
Stefano Stabellini
 
XPDS14: Unikernels: Who, What, Where, When, Why - Adam Wick, Galois
XPDS14: Unikernels: Who, What, Where, When, Why - Adam Wick, GaloisXPDS14: Unikernels: Who, What, Where, When, Why - Adam Wick, Galois
XPDS14: Unikernels: Who, What, Where, When, Why - Adam Wick, Galois
The Linux Foundation
 
XPDS14: Xen and the Art of Certification - Nathan Studer & Robert VonVossen, ...
XPDS14: Xen and the Art of Certification - Nathan Studer & Robert VonVossen, ...XPDS14: Xen and the Art of Certification - Nathan Studer & Robert VonVossen, ...
XPDS14: Xen and the Art of Certification - Nathan Studer & Robert VonVossen, ...
The Linux Foundation
 
Scale14x: Are today's foss security practices robust enough in the cloud era ...
Scale14x: Are today's foss security practices robust enough in the cloud era ...Scale14x: Are today's foss security practices robust enough in the cloud era ...
Scale14x: Are today's foss security practices robust enough in the cloud era ...
The Linux Foundation
 
XPDS13: Xen in OSS based In–Vehicle Infotainment Systems - Artem Mygaiev, Glo...
XPDS13: Xen in OSS based In–Vehicle Infotainment Systems - Artem Mygaiev, Glo...XPDS13: Xen in OSS based In–Vehicle Infotainment Systems - Artem Mygaiev, Glo...
XPDS13: Xen in OSS based In–Vehicle Infotainment Systems - Artem Mygaiev, Glo...
The Linux Foundation
 

La actualidad más candente (20)

CIF16: Building the Superfluid Cloud with Unikernels (Simon Kuenzer, NEC Europe)
CIF16: Building the Superfluid Cloud with Unikernels (Simon Kuenzer, NEC Europe)CIF16: Building the Superfluid Cloud with Unikernels (Simon Kuenzer, NEC Europe)
CIF16: Building the Superfluid Cloud with Unikernels (Simon Kuenzer, NEC Europe)
 
Xen time machine
Xen time machineXen time machine
Xen time machine
 
Aplura virtualization slides
Aplura virtualization slidesAplura virtualization slides
Aplura virtualization slides
 
Erlang on Xen: Redefining the cloud software stack
Erlang on Xen: Redefining the cloud software stackErlang on Xen: Redefining the cloud software stack
Erlang on Xen: Redefining the cloud software stack
 
XPDDS19: The Xen-Blanket for 2019 - Christopher Clark and Kelli Little, Star ...
XPDDS19: The Xen-Blanket for 2019 - Christopher Clark and Kelli Little, Star ...XPDDS19: The Xen-Blanket for 2019 - Christopher Clark and Kelli Little, Star ...
XPDDS19: The Xen-Blanket for 2019 - Christopher Clark and Kelli Little, Star ...
 
XPDDS18: CPUFreq in Xen on ARM - Oleksandr Tyshchenko, EPAM Systems
XPDDS18: CPUFreq in Xen on ARM - Oleksandr Tyshchenko, EPAM SystemsXPDDS18: CPUFreq in Xen on ARM - Oleksandr Tyshchenko, EPAM Systems
XPDDS18: CPUFreq in Xen on ARM - Oleksandr Tyshchenko, EPAM Systems
 
CIF16: Unikernels: The Past, the Present, the Future ( Russell Pavlicek, Xen ...
CIF16: Unikernels: The Past, the Present, the Future ( Russell Pavlicek, Xen ...CIF16: Unikernels: The Past, the Present, the Future ( Russell Pavlicek, Xen ...
CIF16: Unikernels: The Past, the Present, the Future ( Russell Pavlicek, Xen ...
 
Xen Project 15 Years down the Line
Xen Project 15 Years down the LineXen Project 15 Years down the Line
Xen Project 15 Years down the Line
 
XPDDS18: Windows PV Drivers Project: Status and Updates - Paul Durrant, Citri...
XPDDS18: Windows PV Drivers Project: Status and Updates - Paul Durrant, Citri...XPDDS18: Windows PV Drivers Project: Status and Updates - Paul Durrant, Citri...
XPDDS18: Windows PV Drivers Project: Status and Updates - Paul Durrant, Citri...
 
Advanced Docker Developer Workflows on MacOS X and Windows
Advanced Docker Developer Workflows on MacOS X and WindowsAdvanced Docker Developer Workflows on MacOS X and Windows
Advanced Docker Developer Workflows on MacOS X and Windows
 
OWF: Xen - Open Source Hypervisor Designed for Clouds
OWF: Xen - Open Source Hypervisor Designed for CloudsOWF: Xen - Open Source Hypervisor Designed for Clouds
OWF: Xen - Open Source Hypervisor Designed for Clouds
 
ELC21: VM-to-VM Communication Mechanisms for Embedded
ELC21: VM-to-VM Communication Mechanisms for EmbeddedELC21: VM-to-VM Communication Mechanisms for Embedded
ELC21: VM-to-VM Communication Mechanisms for Embedded
 
PVH : PV Guest in HVM container
PVH : PV Guest in HVM containerPVH : PV Guest in HVM container
PVH : PV Guest in HVM container
 
XPDS14: Unikernels: Who, What, Where, When, Why - Adam Wick, Galois
XPDS14: Unikernels: Who, What, Where, When, Why - Adam Wick, GaloisXPDS14: Unikernels: Who, What, Where, When, Why - Adam Wick, Galois
XPDS14: Unikernels: Who, What, Where, When, Why - Adam Wick, Galois
 
Xen, XenServer, and XAPI: What’s the Difference?-XPUS13 Bulpin,Pavlicek
Xen, XenServer, and XAPI: What’s the Difference?-XPUS13 Bulpin,PavlicekXen, XenServer, and XAPI: What’s the Difference?-XPUS13 Bulpin,Pavlicek
Xen, XenServer, and XAPI: What’s the Difference?-XPUS13 Bulpin,Pavlicek
 
Metrics towards enterprise readiness of unikernels
Metrics towards enterprise readiness of unikernelsMetrics towards enterprise readiness of unikernels
Metrics towards enterprise readiness of unikernels
 
XPDS14: Xen and the Art of Certification - Nathan Studer & Robert VonVossen, ...
XPDS14: Xen and the Art of Certification - Nathan Studer & Robert VonVossen, ...XPDS14: Xen and the Art of Certification - Nathan Studer & Robert VonVossen, ...
XPDS14: Xen and the Art of Certification - Nathan Studer & Robert VonVossen, ...
 
Scale14x: Are today's foss security practices robust enough in the cloud era ...
Scale14x: Are today's foss security practices robust enough in the cloud era ...Scale14x: Are today's foss security practices robust enough in the cloud era ...
Scale14x: Are today's foss security practices robust enough in the cloud era ...
 
XPDS13: Xen in OSS based In–Vehicle Infotainment Systems - Artem Mygaiev, Glo...
XPDS13: Xen in OSS based In–Vehicle Infotainment Systems - Artem Mygaiev, Glo...XPDS13: Xen in OSS based In–Vehicle Infotainment Systems - Artem Mygaiev, Glo...
XPDS13: Xen in OSS based In–Vehicle Infotainment Systems - Artem Mygaiev, Glo...
 
XPDS16: Xen Project Weather Report 2016
XPDS16: Xen Project Weather Report 2016XPDS16: Xen Project Weather Report 2016
XPDS16: Xen Project Weather Report 2016
 

Similar a OSCON14: Mirage 2.0

XPDS14: MirageOS 2.0: branch consistency for Xen Stub Domains - Anil Madhavap...
XPDS14: MirageOS 2.0: branch consistency for Xen Stub Domains - Anil Madhavap...XPDS14: MirageOS 2.0: branch consistency for Xen Stub Domains - Anil Madhavap...
XPDS14: MirageOS 2.0: branch consistency for Xen Stub Domains - Anil Madhavap...
The Linux Foundation
 
Docker Online Meetup #31: Unikernels
Docker Online Meetup #31: UnikernelsDocker Online Meetup #31: Unikernels
Docker Online Meetup #31: Unikernels
Docker, Inc.
 
Kernel Mode Threats and Practical Defenses
Kernel Mode Threats and Practical DefensesKernel Mode Threats and Practical Defenses
Kernel Mode Threats and Practical Defenses
Priyanka Aash
 
The missing piece : when Docker networking and services finally unleashes so...
The missing piece : when Docker networking and services finally unleashes so... The missing piece : when Docker networking and services finally unleashes so...
The missing piece : when Docker networking and services finally unleashes so...
Adrien Blind
 
WebGL games with Minko - Next Game Frontier 2014
WebGL games with Minko - Next Game Frontier 2014WebGL games with Minko - Next Game Frontier 2014
WebGL games with Minko - Next Game Frontier 2014
Minko3D
 

Similar a OSCON14: Mirage 2.0 (20)

XPDS14: MirageOS 2.0: branch consistency for Xen Stub Domains - Anil Madhavap...
XPDS14: MirageOS 2.0: branch consistency for Xen Stub Domains - Anil Madhavap...XPDS14: MirageOS 2.0: branch consistency for Xen Stub Domains - Anil Madhavap...
XPDS14: MirageOS 2.0: branch consistency for Xen Stub Domains - Anil Madhavap...
 
DockerCon EU 2015: The Missing Piece: when Docker networking unleashing soft ...
DockerCon EU 2015: The Missing Piece: when Docker networking unleashing soft ...DockerCon EU 2015: The Missing Piece: when Docker networking unleashing soft ...
DockerCon EU 2015: The Missing Piece: when Docker networking unleashing soft ...
 
20200113 - IBM Cloud Côte d'Azur - DeepDive Kubernetes
20200113 - IBM Cloud Côte d'Azur - DeepDive Kubernetes20200113 - IBM Cloud Côte d'Azur - DeepDive Kubernetes
20200113 - IBM Cloud Côte d'Azur - DeepDive Kubernetes
 
Docker Online Meetup #31: Unikernels
Docker Online Meetup #31: UnikernelsDocker Online Meetup #31: Unikernels
Docker Online Meetup #31: Unikernels
 
Gns3
Gns3Gns3
Gns3
 
Import golang; struct microservice - Codemotion Rome 2015
Import golang; struct microservice - Codemotion Rome 2015Import golang; struct microservice - Codemotion Rome 2015
Import golang; struct microservice - Codemotion Rome 2015
 
TDC2017 - Embedded Linux - Deploy Software Update for Linux Devices
TDC2017 - Embedded Linux - Deploy Software Update for Linux DevicesTDC2017 - Embedded Linux - Deploy Software Update for Linux Devices
TDC2017 - Embedded Linux - Deploy Software Update for Linux Devices
 
Cigna Innovation Summit
Cigna Innovation SummitCigna Innovation Summit
Cigna Innovation Summit
 
Linux, Unikernel, LinuxKit: towards redefining the cloud stack.
Linux, Unikernel, LinuxKit: towards redefining the cloud stack.Linux, Unikernel, LinuxKit: towards redefining the cloud stack.
Linux, Unikernel, LinuxKit: towards redefining the cloud stack.
 
Kernel Mode Threats and Practical Defenses
Kernel Mode Threats and Practical DefensesKernel Mode Threats and Practical Defenses
Kernel Mode Threats and Practical Defenses
 
Weave User Group Talk - DockerCon 2017 Recap
Weave User Group Talk - DockerCon 2017 RecapWeave User Group Talk - DockerCon 2017 Recap
Weave User Group Talk - DockerCon 2017 Recap
 
DockerCon - The missing piece : when Docker networking unleashes software arc...
DockerCon - The missing piece : when Docker networking unleashes software arc...DockerCon - The missing piece : when Docker networking unleashes software arc...
DockerCon - The missing piece : when Docker networking unleashes software arc...
 
The missing piece : when Docker networking and services finally unleashes so...
The missing piece : when Docker networking and services finally unleashes so... The missing piece : when Docker networking and services finally unleashes so...
The missing piece : when Docker networking and services finally unleashes so...
 
WebGL games with Minko - Next Game Frontier 2014
WebGL games with Minko - Next Game Frontier 2014WebGL games with Minko - Next Game Frontier 2014
WebGL games with Minko - Next Game Frontier 2014
 
Linux container & docker
Linux container & dockerLinux container & docker
Linux container & docker
 
Studienarb linux kernel-dev
Studienarb linux kernel-devStudienarb linux kernel-dev
Studienarb linux kernel-dev
 
Dockerized maven
Dockerized mavenDockerized maven
Dockerized maven
 
Creating IoT application using ARM mbed and NanoService solution
Creating IoT application using ARM mbed and NanoService solutionCreating IoT application using ARM mbed and NanoService solution
Creating IoT application using ARM mbed and NanoService solution
 
[Android Codefest Germany] Adding x86 target to your Android app by Xavier Ha...
[Android Codefest Germany] Adding x86 target to your Android app by Xavier Ha...[Android Codefest Germany] Adding x86 target to your Android app by Xavier Ha...
[Android Codefest Germany] Adding x86 target to your Android app by Xavier Ha...
 
Docker, cornerstone of cloud hybridation ? [Cloud Expo Europe 2016]
Docker, cornerstone of cloud hybridation ? [Cloud Expo Europe 2016]Docker, cornerstone of cloud hybridation ? [Cloud Expo Europe 2016]
Docker, cornerstone of cloud hybridation ? [Cloud Expo Europe 2016]
 

Más de The Linux Foundation

ELC2019: Static Partitioning Made Simple
ELC2019: Static Partitioning Made SimpleELC2019: Static Partitioning Made Simple
ELC2019: Static Partitioning Made Simple
The Linux Foundation
 
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
The Linux Foundation
 
XPDDS19 Keynote: Unikraft Weather Report
XPDDS19 Keynote: Unikraft Weather ReportXPDDS19 Keynote: Unikraft Weather Report
XPDDS19 Keynote: Unikraft Weather Report
The Linux Foundation
 
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, Xilinx
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, XilinxXPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, Xilinx
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, Xilinx
The Linux Foundation
 
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...
The Linux Foundation
 
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making... OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...
The Linux Foundation
 
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...
The Linux Foundation
 
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...
The Linux Foundation
 
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...
The Linux Foundation
 

Más de The Linux Foundation (20)

ELC2019: Static Partitioning Made Simple
ELC2019: Static Partitioning Made SimpleELC2019: Static Partitioning Made Simple
ELC2019: Static Partitioning Made Simple
 
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
XPDDS19: How TrenchBoot is Enabling Measured Launch for Open-Source Platform ...
 
XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...
XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...
XPDDS19 Keynote: Xen in Automotive - Artem Mygaiev, Director, Technology Solu...
 
XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...
XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...
XPDDS19 Keynote: Xen Project Weather Report 2019 - Lars Kurth, Director of Op...
 
XPDDS19 Keynote: Unikraft Weather Report
XPDDS19 Keynote: Unikraft Weather ReportXPDDS19 Keynote: Unikraft Weather Report
XPDDS19 Keynote: Unikraft Weather Report
 
XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...
XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...
XPDDS19 Keynote: Secret-free Hypervisor: Now and Future - Wei Liu, Software E...
 
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, Xilinx
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, XilinxXPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, Xilinx
XPDDS19 Keynote: Xen Dom0-less - Stefano Stabellini, Principal Engineer, Xilinx
 
XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...
XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...
XPDDS19 Keynote: Patch Review for Non-maintainers - George Dunlap, Citrix Sys...
 
XPDDS19: Memories of a VM Funk - Mihai Donțu, Bitdefender
XPDDS19: Memories of a VM Funk - Mihai Donțu, BitdefenderXPDDS19: Memories of a VM Funk - Mihai Donțu, Bitdefender
XPDDS19: Memories of a VM Funk - Mihai Donțu, Bitdefender
 
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...
OSSJP/ALS19: The Road to Safety Certification: Overcoming Community Challeng...
 
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making... OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...
OSSJP/ALS19: The Road to Safety Certification: How the Xen Project is Making...
 
XPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, Citrix
XPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, CitrixXPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, Citrix
XPDDS19: Speculative Sidechannels and Mitigations - Andrew Cooper, Citrix
 
XPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltd
XPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltdXPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltd
XPDDS19: Keeping Coherency on Arm: Reborn - Julien Grall, Arm ltd
 
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...
XPDDS19: QEMU PV Backend 'qdevification'... What Does it Mean? - Paul Durrant...
 
XPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&D
XPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&DXPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&D
XPDDS19: Status of PCI Emulation in Xen - Roger Pau Monné, Citrix Systems R&D
 
XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM Systems
XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM SystemsXPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM Systems
XPDDS19: [ARM] OP-TEE Mediator in Xen - Volodymyr Babchuk, EPAM Systems
 
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...
XPDDS19: Bringing Xen to the Masses: The Story of Building a Community-driven...
 
XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...
XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...
XPDDS19: Will Robots Automate Your Job Away? Streamlining Xen Project Contrib...
 
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...
XPDDS19: Client Virtualization Toolstack in Go - Nick Rosbrook & Brendan Kerr...
 
XPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSE
XPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSEXPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSE
XPDDS19: Core Scheduling in Xen - Jürgen Groß, SUSE
 

Último

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
WSO2
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Jeffrey Haguewood
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
Igalia
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
Overkill Security
 

Último (20)

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu SubbuApidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
 

OSCON14: Mirage 2.0

  • 1. :GITYOUR OWNCLOUDHERE NYMOTE Anil Madhavapeddy University of Cambridge @avsm Richard Mortier University of Nottingham @mort___ http://openmirage.org/ http://nymote.org/ http://decks.openmirage.org/oscon14/ Press <esc> to view the slide index, and the <arrow> keys to navigate.
  • 2. INTRODUCING MIRAGE OS 2.0 These slides were written using Mirage on OSX: They are hosted in a 938kB Xen unikernel written in statically type-safe OCaml, including device drivers and network stack. Their application logic is just a couple of source files, written independently of any OS dependencies. Running on an ARM CubieBoard2, and hosted on the cloud. Binaries small enough to track the entire deployment in Git!
  • 4. LEANINGTOWEROFCLOUD Numerous pain points: Complex configuration management. Duplicated functionality leads to inefficiency. VM image size leads to long boot times. Lots of code means a large attack surface. https://flic.kr/p/8N1hWh
  • 5. COMPLEXITY KILLS YOU The enemy is complexity: Applications are deeply intertwined with system APIs, and so lack portability. Modern operating systems offer dynamic support for many users to run multiple applications simultaneously. Almost unbounded scope for uncontrolled interaction! Choices of distribution and version. Ad hoc application configuration under /etc/ Platform configuration details, e.g., firewalls.
  • 7. DOCKER:CONTAINERISATION Docker bundles up all this state making it easy to transport, install and manage.
  • 8. CAN WE DO BETTER? Disentangle applications from the operating system. Break up operating system functionality into modular libraries. Link only the system functionality your app needs. Target alternative platforms from a single codebase.
  • 9. THE UNIKERNEL APPROACH Unikernels are specialised virtual machine images compiled from the full stack of application code, system libraries and config This means they realise several benefits: Contained, simplifying deployment and management. Compact, reducing attack surface and boot times. Efficient, able to fit 10,000s onto a single host.
  • 10. IT'S ALL JUST SOURCE CODE Capture system dependencies in code and compile them away.
  • 11. RETARGET BY RECOMPILING develop application logic using native Unix. Swap system libraries to target different platforms:
  • 12. RETARGET BY RECOMPILING test unikernel using Mirage system libraries. Swap system libraries to target different platforms:
  • 13. RETARGET BY RECOMPILING deploy by specialising unikernel to Xen. Swap system libraries to target different platforms:
  • 14. END RESULT? Unikernels are compact enough to boot and respond to network traffic in real-time. Appliance Standard Build Dead Code Elimination DNS 0.449 MB 0.184 MB Web Server 0.674 MB 0.172 MB Openflow learning switch 0.393 MB 0.164 MB Openflow controller 0.392 MB 0.168 MB
  • 15. END RESULT? Unikernels are compact enough to boot and respond to network traffic in real-time.
  • 16. GIT YOUROWN CLOUD Unikernels are small enough to be tracked in GitHub. For example, for the :Mirage website 1. Source code updates are merged to ; 2. Repository is continuously rebuilt by ; if successful: 3. Unikernel pushed to ; and 4. Our cloud toolstack spawns VMs based on pushes there. mirage/mirage-www Travis CI mirage/mirage-www-deployment Our entire cloud-facing deployment is version-controlled from the source code up!
  • 17. MIRAGE OS 2.0WORKFLOW As easy as 1—2—3! 1. Write your OCaml application using the Mirage module types. Express its configuration as OCaml code too! $mirageconfigureapp/config.ml--unix
  • 18. MIRAGE OS 2.0WORKFLOW As easy as 1—2—3! 1. Write your OCaml application using the Mirage module types. Express its configuration as OCaml code too! 2. Compile it and debug under Unix using the mirage tool. $cdapp $makedepend#installlibrarydependencies $makebuild #buildtheunikernel
  • 19. MIRAGE OS 2.0WORKFLOW As easy as 1—2—3! 1. Write your OCaml application using the Mirage module types. Express its configuration as OCaml code too! 2. Compile it and debug under Unix using the mirage tool. 3. Once debugged, simply retarget it to Xen, and rebuild! All the magic happens via the OCaml module system. $mirageconfigureapp/config.ml--xen $cdapp&&makedepend&&makebuild
  • 23. GIT YOUROWN CLOUD Unikernels are small enough to be tracked in GitHub. For example, for the :Mirage website 1. Source code updates are merged to ; 2. Repository is continuously rebuilt by ; if successful: 3. Unikernel pushed to ; and our 4. Cloud toolstack spawns VMs based on pushes there. mirage/mirage-www Travis CI mirage/mirage-www-deployment Our entire cloud-facing deployment is version-controlled from the source code up!
  • 24. IMPLICATIONS Historical tracking of source code and built binaries in Git(hub). gittag to link code and binary across repositories. gitlog to view deployment changelog. gitpull to deploy new version. gitcheckout to go back in time to any point. gitbisect to pin down deployment failures.
  • 25. IMPLICATIONS Historical tracking of source code and built binaries in Git(hub). Low latency deployment of security updates. No need for Linux distro to pick up and build the new version. Updated binary automatically built and pushed. Pick up latest binary directly from repository. Statically type-checked language prevents classes of attack.
  • 26. IMPLICATIONS Historical tracking of source code and built binaries in Git(hub). Low latency deployment of security updates. Unified development for cloud and embedded environments. Write application code once. Recompile to swap in different versions of system libraries. Use compiler optimisations for exotic environments.
  • 27. WRAPPINGUP Mirage OS 2.0 is an important step forward, supporting more, and more diverse, backends with much greater modularity. For information about the many components we could not cover here, see :openmirage.org , Git-like distributed branchable storage. , a from-scratch native OCaml TLS stack. , for low-latency inter-VM communication. , modular C foreign function bindings. Irmin OCaml-TLS Vchan Ctypes
  • 28. WHY? NYMOTE.ORG We need to claim control over our online lives rather than abrogate it to The Cloud: Doing so means we all need to be able to run our own infrastructure. Without having to become (Linux) sysadmins! How can we achieve this? Mirage is the foundation for building personal clouds, securely interconnecting and synchronising data between our devices.
  • 29. HTTP://OPENMIRAGE.ORG/ Featuring blog posts by: , , , , , , , , and . Amir Chaudhry Thomas Gazagnaire David Kaloper Thomas Leonard Jon Ludlam Hannes Mehnert Mindy Preston Dave Scott Jeremy Yallop Thanks for listening! Questions? (and please rate the talk!)