unikernel user summit 2015: getting started in unikernels using the rump kernel
TRANSCRIPT
Getting Started in UnikernelsUsing the Rump Kernel
Justin Cormack @justincormack
Slides athttp://texaslinuxfest2015.myriabit.com/
2
Justin CormackLondon based developer working on rump kernels and unikernels for the
last few years.
Co-author of new ebook Docker in the Trenches: Successful Production
Deployment
On twitter @justincormack and Github justincormack
3
Why unikernel?Lots more in the previous talk...
• Just the code you need.
• Self contained with all dependencies
• Makes system software more accessible
4
What is the rump kernel?Essentially it is the drivers from NetBSD without the rest of the kernel
• TCP, UDP, sockets
• File system drivers
• Hardware drivers and virtio drivers
• Random numbers, crypto
5
What is the rump kernel not?It does not have
• Scheduler
• Processes
• Userspace
6
Why not Linux?It has not been done yet...
While the code to use NetBSD drivers without the kernel has been
upstream for years, originally for easy driver development in userspace
and for running the test suite, eg to spin up a TCP stack for testing.
Hajime Tazaki is working on LibOS-Nuse which starts the work with the
network stack.
7
Turning the rump kernel into a unikernel• Add simple threading and scheduler
• Add platform support: so far for userspace, Xen, KVM, Qemu and some
bare metal platforms.
• Add libc, and other userspace libraries
8
Architecture
9
Architecture• The hypercall layer provides threads, clock, and scheduler, eg if running
in userspace this is very simple
• Code is a normal library, so syscalls are just function calls, sharing the
same stack
•
10
What doesn't work• Single process only – cannot fork or exec.
• No virtual memory – cannot mmap files.
• No shared librarues – everything is statically linked.
11
Languages known to workSo far mostly tested with C programs, many dynamic languages expect
dynamic libraries, although this can be worked around in principle.
• C, C++
• Lua, LuaJIT
• Python, PHP
12
Programs known to work• Nginx
• Redis
• MySQL
• LevelDB
• mpg123
• roundcube
• ...
13
Build process• Essentially we are cross compiling
• And we need to make static binaries
• Unfortunately not everything likes to do those nowadays
• Still working on improving and simplifying the build process...
14
Build stepsWill build for qemu, as it runs anywhere on Linux. Build is pretty much
the same for Xen, KVM.
1. Build (cross) toolchain
2. Compile any (static) libraries needed
3. Compile program
4. Configure program
5. Run
15
1. Build toolchain• git clone https://github.com/rumpkernel/rumprun
• cd rumprun
• git submodule update --init
• ./build-rr.sh hw
• export PATH=$PWD/app-tools:$PATH
16
2. Build an application• git clone https://github.com/rumpkernel/rumprun-
packages
• cd rumprun-packages
• echo "RUMPRUN_TOOLCHAIN_TUPLE=x86_64-rumprun-
netbsd" > config.mk
• cd nginx
• make
• rumpbake hw_generic bin/nginx.qemu bin/nginx
17
3. Configure networking• sudo ip tuntap add dev tap0 mode tap user $(whoami)
• ip link set dev tap0 up
• sudo brctl addbr bridge0
• sudo ip link set bridge0 up
• sudo brctl addif bridge0 tap0
• sudo ip addr add 10.0.0.1/24 dev bridge0
• replace /etc/qemu-ifup with an empty script
18
4. Run unikernel• rumprun qemu -i -I 'qnet0,vioif,-net
tap,ifname=tap0' -W qnet0,inet,static,10.0.0.2/24 -b
images/stubetc.iso,/etc -b images/data.iso,/data
bin/nginx.qemu -c /data/conf/nginx.conf
• curl http://10.0.0.2/
19
Building other applicationsModify the build as appropriate, hopefully as simple as:
• ./configure --host=x86_64-rumprun-netbsd --disable-
shared
20
Docker buildsThe toolchain and packaged applications are experimentally available as
docker containers, will be finalized and documented shortly
• docker pull justincormack/rumprun
• docker pull justincormack/rumprun-packages
21
Getting help• rumpkernel.org
• IRC #rumpkernel on Freenode
• Mailing list https://www.freelists.org/list/rumpkernel-users
• Twitter @rumpkernel
22