@fen Yeah, in theory you don't actually *need* a crapload of RAM to run everything in separate isolated VMs like #QubesOS does... but that'd require the various things to be #unikernel programs (+ some qubes vchan interaction protocol stuff) instead of just running a full instance of Linux + Xorg + your program for each.
And as it turns out, implementing that is more work & bother than just adding some more RAM to one's machine.
It's not like 10~15yo workstations don't have enough.
If I wanted to run a single program in an #immutable #VM that discards its state on terminating (ideally with the program image on disk being read-only), what would you suggest?
#Unikernel systems seem like an option, possibly.
The idea would be to run an untrusted program inside the VM to operate on arbitrary third-party input, convert it into a sanitized/safer format and spit it back out over #RPC to be handled in a program where failure on the simpler format is safe.
@rq A full #UNIX system on what should often be no more than a #unikernel application?
I did it! A #unikernel which provides *only* a user interface via SSH (#MirageOS) in #OCaml! Imagine a full operating system as your MUA or IRC client which can be reachable via SSH!
Last week, during @SUSE Hackweek 22, I built a #unikernel application running #WebAssembly modules.
This is based on RustyHermit, a #Rust based unikernel.
That was fun!
You can read more here: https://flavio.castelli.me/2023/02/07/building-a-unikernel-that-runs-webassembly---part-1/
Source code: https://github.com/flavio/hermit-wasm
I just published an article about albatross (the old one from 5 years ago is a bit outdated) at https://hannes.robur.coop/Posts/Albatross #MirageOS #orchestration #OCaml #unikernel enjoy reading, feedback appreciated :)
The eighth SystemCall is about #unikernel. We looked at MirageOS, more or less the grandfather of unikernels, and then found a proof of concept in which researchers converted the Linux kernel into a unikernel.
At the end we discuss the clean-slate approach versus extending established systems.
https://www.systemcall.rocks/sc8-unikernel-mirage-linux.html
So #fedibrain, unikernels for Node.js (e.g., Nanos, etc. https://nanos.org/) – yay/nay/oh no, please stay away?
Thoughts/experiences?
The Need For Slimmer Containers
https://iximiuz.com/en/posts/thick-container-vulnerabilities/
#distroless #unikernel #slimdevops
We have actually been hosting the project website https://muen.sk as a MirageOS/Solo5 unikernel running on Muen for almost four years now:
https://mastodon.social/@Kensan/99173608153724833
This happened shortly after attending the brilliant 3rd MirageOS retreat in Marrakech. Meeting such wonderful folks like @hannesm @yomimono mato @reynir and all the other people like Anil etc, got me excited about Unikernels and MirageOS.
#MirageOS #Unikernel
Related, so I don't lose the link: "Making Popcorn: Adding a disk to a #Rust Rumprun #Unikernel" https://polyfractal.com/post/adding-a-disk-to-a-rust-rumprun-unikernel/
Also interesting, these guys are creating an OS in Rust and writing a book about it at the same time – basically 'Rust does MINIX': "intermezzOS is a teaching operating system, specifically focused on introducing systems programming concepts to experienced developers from other areas of programming." http://intermezzos.github.io/
Something else that #36c3 brought to my attention: #Unikernel. It is a very interesting concept and seems to be a real microservice alternative to the #Docker madness.
There already seem to be a few of them, not only #MirageOS, which was presented at 36c3, but also #IncludeOS, #NanoVM, #RumpRun, etc. Which one should you pick to get acquainted?
Overview of unikernels: https://github.com/cetic/unikernels/blob/master/README.md
HermiTux, a binary-compatible #unikernel. https://ssrg-vt.github.io/hermitux/
"HermiTux is a unikernel: a minimal operating system with low memory/disk footprint and sub-second boot time, executing an application within a single address space on top of an hypervisor. Moreover, HermiTux is binary-compatible with Linux: it can run native Linux executables."
#embedded #programming #relevanttomyinterests #unikernel
Thank you to everyone who participated in the Microkernels and Component based OS devroom at #FOSDEM. It was a pleasure to host such an international group of presenters, and it was good to see that the #unikernel and #microkernel communities can get along so well :-)
For those that missed it nearly all of the recordings should be available today:
https://fosdem.org/2019/schedule/track/microkernels_and_component_based_os/
I just played around with #unikernel, #opam, and #ocaml. I was far from imagining that a language I learned at school 15 years ago could resurface, and above all sponsored by #Facebook ( #reason https://facebook.github.io/reason/ ).