[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[MirageOS-devel] provisioning and deploying unikernels on own hardware


over the last weekends I worked on a system to provision and deploy
MirageOS unikernels onto a machine with hypervisor (under my control).

The result is a bunch of unix processes (event log, console output,
statistics, connection handling + virtual machine creation and deletion)
written in OCaml, which communicate via unix domain sockets.

A unikernel is - together with its configuration (memory, network
device*s, optional block device, CPU id) embedded in an authenticated
key/value store (X.509 certificate).   I use the X.509 certificate chain
to further delegate resources (by handing out (subCA) certificates) and
check policies.

I wrote some text about it at https://hannes.nqsb.io/Posts/VMM ; code is
at https://github.com/hannesm/vmm

It's up and running since some weeks on my machine now, feel free to
send me signing requests in case you want to deploy unikernels.  It is
all based on FreeBSD and Solo5 ukvm at the moment, but it should work on
Linux + ukvm as well (at least it compiles ;).

Please let me know of any feedback, to either the system design, the
implementation, or the article,


MirageOS-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.