tisos





On GitHub: sjfloat / tisos


Steve Jones

steve@jonescape.com or sjfloat@gmail.com

@sjfloat (both twitter and google+)

Remember when...

you developed your programs without computers?

when you waited your turn, loaded your program and ran it?

computers didn't have operating systems?

Yeah, me neither

Early computers

Essentially calculators

Serial

Special-purpose

Appliances

(No, pair programming is not new)

Why Operating Systems?

Multi-programming

Multi-process

Multi-user

Multi-purpose

Many unused drivers and utilities

Great complexity -- generally more so than our apps

Lots of aging legacy C code

I Love My Operating System

Great package management system

Commitment to Free Software

Awesome community

Over 25,000 packages available

It's indisputably the best

Darn! Can't connect to the wireless network

#$?!&!!, I'm switching to NixOS!

No One Cares About My Stupid Operating System

Admit it, you didn't care

No one does

Least of all, my customer

The objective is just to deliver our product or service

But My OS Has Lots of Awesome Tools and Utilities

For me, my pals and for the #BadGuys :^(

This could be a problem...

Appliances vs General Purpose Computing Environments

Let's not conflate the factory with the store front

Laptop/Desktop Microwave Oven Phone ATM Machine Server General Purpose ✔ ✔ Appliance ✔ ✔ ✔

Is My Server a General Purpose Computing Environment?

Should it be?

Why do I treat it like one?

So, How Do I Maintain These Without My Tools?

  • You don't...
  • We're describing Cattle, Not Pets
  • Immutable
  • Ephemeral

Operating Systems: Development Workflow Variation

  • On a dev team, individuals' computing environments tend to diverge from one another.
  • This divergence is a primary source of 'works on my box'.
  • Things such as VM, libraries and configuration are a source of drift.

Containers

  • Virtualization at the Operating System Level
  • Shared operating system and kernel
  • Mostly isolates app and dependencies in user-space
  • "Looks" like a dedicated operating system

Containers

  • Encapsulate build dependencies
  • Isolate development environment from deployable
  • Use your awesome operating system and tools
  • Standardize what matters
  • Decouple development tools and env from production concerns

Container Security

  • Don't use privileged user
  • SELinux
  • AppArmor
  • https://github.com/docker/docker-bench-security

Containers

Require host OS

But host OS can be minimal

So, why do we use an OS at all?

Do I have any options?

Unikernels

What are they?

Me: "unikernels"

Alphabet: "unicorn tools"

Unicorn Tools!

Unikernels

Single process

Single user

Single purpose

Very simple

Very small footprint

Only your application

Massively scalable

Typical boot time in 10s of ms

MirageOS

  • Composable using OCaml modules
  • Targets multiple platforms, including Xen, ARM and JavaScript
  • NO config files -- Almost entirely type-checked, modular code
  • Reimplemented network stack
  • TLS -- Bitcoin Piñata
  • Jitsu -- Just-In-Time Summoning of Unikernels

OCaml

  • All the usual benefits of a functional language
  • Strongly-typed (with type inference)
  • High-level language
  • Fast executables
  • Sophisticated module system -- also strongly-typed

MirageOS

https://mirage.io/

Anil Madhavapeddy @avsm

Amir Chaudhry @amirmc

Yeah, but...

OCaml?

Are There Any Other Choices for Unikernels?

Yes, several...

HalVM

  • Port of Haskell
  • Similar to MirageOS
  • Runs on Xen hypervisor
  • Adam Wick @acwpdx

LING

  • Port of Erlang BEAM
  • Runs on Xen hypervisor, Raspberry Pi

Erlang / OTP

  • Another Functional Language
  • Strongly, but dynamically typed
  • Extreme fault-tolerance
  • Legendary availability
  • Fail-fast
  • Supervisor trees vs error-handling code
  • Actors for concurrency

LING

  • http://cloudozer.com/
  • http://erlangonxen.org/
  • @erlang_on_xen
  • Viktor Sovietov @vsovietov

RUMP Kernels

  • Componentized NetBSD
  • Originally conceived for driver development
  • Provides POSIX layer and libc
  • Used to build Unikernels from Anykernel components
  • Resulting unikernel runs on Xen hypervisor
  • More general, language agnostic

Anykernels

"We use the term anykernel to describe a kernel code base with the property of being able to use unmodified drivers and the relevant support routines in rump kernels." -- Antti Kantee

RUMP Kernels

http://rumpkernel.org/

Justin Cormack @justincormack

Antti Kantee @anttikantee

Martin Lucina @matolucina

OSv

  • "Fat" unikernel
  • More general - not language-specific
  • Provides POSIX layer, Linux ABI and JVM
  • Targets multiple platforms, including Xen

Other interesting combinations

  • Erlang on OSv: Zvi Avraham @Zvi
  • MirageOS/OCaml on RUMP: Martin Lucina @matolucina

Steve Jones

steve@jonescape.com or sjfloat@gmail.com

@sjfloat (both twitter and google+)

http://www.meetup.com/Pittsburgh-Functional-Programming-Meetup/

@pghfpmeetup

(Thanks pulp-o-mizer!)
