pkgsrcCon 2016: The Rumprun Unikernel

unikernels: how did we get here
● batch processing: single app on a single machine
● time sharing: multiple apps on a single machine
‒ process isolation, multi-user
‒ shared dependencies
‒ sandboxing
‒ virtualisation, containerization
● unikernel: single app on a virtual machine
‒ specialized, no moving parts, isolated through hypervisor

removing layers of abstraction

uni · kernel
POSIX application
Rumprun run-time
Rumprun toolchain
bootable, single-purpose binary image
hypervisor: Xen, KVM, bare-metal

getting started
$ git clone http://repo.rumpkernel.org/rumprun
$ cd rumprun
$ git submodule update --init
$ CC=cc ./build-rr.sh hw
[...]
>> Built rumprun for hw : x86_64-rumprun-netbsd
>> cc: x86_64-rumprun-netbsd-gcc
>>
>> ./build-rr.sh ran successfully

Rumprun workflow
foo.c
x86_64-rumprun-netbsd-gcc
bar.c
app
rumprun-bake
bake.conf
app.img
rumprun
step 1: cross-compile
‒ compile against NetBSD's libc
‒ support for autotools & cmake
step 2: bake
‒ choose hypervisor, drivers & subsystems
step 3: launch
‒ mount points for block devices
‒ configure network
‒ environment variables, main args

running hello world

rumprun-packages
applications
‒ apache2, nginx, haproxy
‒ redis, mysql, sqlite, leveldb
‒ tor, mpg123, …
programming languages
‒ C/C++ (from toolchain)
‒ Lua, PHP, Python, Ruby, node.js
‒ Rust, Erlang, Go
continuous integration
‒ ensuring all packages build
‒ running twice a day (3+ hrs)

second demonstration

https://twitter.com/rhatr/status/740244315411251201
https://blog.xenproject.org/2015/08/06/on-rump-kernels-and-the-rumprun-unikernel/
“Pssst, want a portable, kernel-quality TCP/IP stack?”
rump kernels
‒ free, reusable, componentized, kernel-quality drivers
— hardware drivers
— file systems, network protocols
— POSIX system calls

Rumprun: unikernel based on rump kernels
rumprun
application: code & libraries
libc: provides POSIX API
rump kernel: network protocols, file systems, drivers
rumprun platform: bootstrapping, threads, memory
● from rump/NetBSD
‒ rump kernel & drivers
‒ (mostly) unmodified libc
● our own
‒ platform-specific bootstrapping
‒ “bare-metal” hypercall implementation
— thread scheduler
— memory allocator
— console output

debugging unikernels
gdb
‒ using qemu's debugging interface
— same for Xen
‒ unikernel is a single ELF file
— can step through the full stack
rump sysproxy
‒ rumpctrl
— “remote shell”
— ifconfig, mount, sysctl
‒ syscalls over TCP/IP
— not enabled by default
— even works for bare-metal

limitations
single address-space
‒ no processes
‒ no virtual memory
‒ no signals
toolchain
‒ still experimental
threading
‒ cooperative
‒ single-core
— need to spawn multiple unikernels to use multiple cores

more rump kernel
frankenlibc
‒ alternative rump unikernel
‒ interesting software architecture
‒ runs on Linux/FreeBSD/NetBSD
— seccomp & Capsicum support
nolibc Rumprun
‒ directly use the rump kernel
‒ some assembly required
‒ experimental Linux/LibOS support

getting started: http://rumpkernel.org
@rumpkernel
#rumpkernel irc.freenode.net
contact me: [email protected]
@gandro23
gandro on irc.freenode.net
documentation:
‒ wiki, tutorials, how-to
‒ video tutorials
‒ rump man pages
code:
repo.rumpkernel.org/rumprun
repo.rumpkernel.org/rumprun-packages