OCaml/MirageOS Diary, Week 3

Published: 2016-02-19. Originally published at rudenoise.uk.

Whilst continuing to work through Real World OCaml, I did some research into related projects and this caught my interest: MirageOS (a unikernel/library-OS for building small, fast and secure web-servers).

My history with servers 2003–2016

  • 2003 Started my dev “career”. The website I worked on was a LAMP stack hosted on a single “beefy” server, kept in a rack, in (what I remember to be, but can’t find supporting evidence for) a nuclear fallout shelter beneath Manchester’s China Town. We administered it via ssh and ftp. If it ran into trouble someone had to run down there and physically swap it for a spare. Apparently, it set alight once when (non-pornographic) images were hot-linked by an Italian porn site. It got too hot. Data backup was done as DB dumps and redundancy was RAID enabled drives! I enjoyed those years.
  • 2006–2011 Servers were less exciting as the projects I worked on lived in RackSpace boxes (with SLAs and management packages). There were DB, Server and Network admins at the larger companies. We even used source control. Blogs, like High Scalability, had tales of server-farms in shipping containers and other exotic and exciting set-ups.
  • 2011–2014 Things started getting a bit tasty again as cloud services were consumerised. DevOps tooling had trickled down (and my employer dealt with global scale and location problems). The creation, movement and management of servers was becoming another every-day tool (thanks to Vagrant, Chef, Puppet, AWS CLI and their like).
  • 2015 Docker was now firmly in place as a way to build and manage consistent environments (from dev machines to live servers). Servers were now another programming tool.
  • 2016 Unikernels?!

Why Unikernels?

In a NodeJS stack, for example, there are a lot of moving parts: the Operating System, system tools, NodeJS, NPM packages (which pull in further packages) and, sitting on top, the application.

Stacks like this have a lot of components to think about, manage and deploy. In a world of micro-services the ratio of stuff to application code grows further.

On top of this, each item in the stack has the potential to introduce a security vulnerability.

The challenge now is to reduce the complexity/stack-size. Go apps with micro-containers are a good example of this movement.

A potential step on from this is Unikernels and Library Operating Systems: application code and operating system compiled and deployed as one purpose-built unit. This leads to tiny (measured in kB rather than MB), fast-starting and quickly deployed servers with fewer attack surfaces.

For a good history and overview of all this I recommend Unikernels: Rise of the Virtual Library Operating System.

So what am I doing about it?

I’ve enjoyed learning OCaml but needed a real-world project to use it on. I’ve also been looking to contribute to an Open Source project, ideally one that could play a part in the future of the internet’s infrastructure. Discovering Unikernels led me to sign up for the Mirage OS Hackathon (and it’s in Marrakech).

I’m all in.
