sakin aikin , wanda ke ba ka damar ƙirƙirar tsarin aiki na aikace-aikacen guda ɗaya, wanda aka isar da aikace-aikacen azaman "unikernel" mai dogaro da kansa wanda zai iya aiki ba tare da amfani da tsarin aiki ba, keɓaɓɓen kwaya na OS, da kowane yadudduka. Harshen haɓaka aikace-aikacen OCaml. Lambar aikin ƙarƙashin lasisin ISC kyauta.
Duk ƙananan ayyuka na asali ga tsarin aiki ana aiwatar da su azaman ɗakin karatu da aka haɗe zuwa aikace-aikacen. Ana iya haɓaka aikace-aikacen akan kowane OS, bayan haka an haɗa shi cikin ƙwaya ta musamman (ma'anar ) wanda zai iya gudana kai tsaye a saman Xen, KVM, BHyve, da VMM (OpenBSD) hypervisors, a kan dandamali na wayar hannu, a matsayin tsari a cikin yanayin POSIX mai dacewa, ko kuma akan Amazon Elastic Compute Cloud da Google Compute Engine Cloud.
Yanayin da aka samar ba ya ƙunshi wani abu mai banƙyama kuma yana hulɗar kai tsaye tare da hypervisor ba tare da direbobi da matakan tsarin ba, wanda ya ba da damar samun raguwa mai yawa a cikin farashi mai girma da kuma ƙara tsaro. Yin aiki tare da MirageOS ya sauko zuwa matakai uku: shirya tsari tare da tantance waɗanda ake amfani da su a cikin muhalli , gina muhalli, da kaddamar da yanayi. Lokacin gudu don gudana a saman Xen ya dogara ne akan kwaya mai tsiri , da kuma ga sauran hypervisors da tsarin tushen kwaya .
Duk da cewa an ƙirƙiri aikace-aikace da ɗakunan karatu a cikin babban yaren OCaml, sakamakon yanayin yana nuna kyakkyawan aiki da ƙaramin girman (misali, sabar DNS yana ɗaukar 200 KB kawai). Hakanan ana sauƙaƙe kulawar yanayin, tunda idan kuna buƙatar sabunta shirin ko canza tsarin, ya isa ya ƙirƙira da gudanar da sabon yanayi. Tallafawa a cikin yaren OCaml don aiwatar da ayyukan cibiyar sadarwa (DNS, SSH, OpenFlow, HTTP, XMPP, da sauransu), aiki tare da ma'ajiya da samar da sarrafa bayanai daidai gwargwado.
Babban canje-canje a cikin sabon sakin suna da alaƙa da bayar da tallafi don sabbin abubuwan da aka gabatar a cikin kayan aiki (yanayin sandbox don gudanar da unikernel):
- Ƙara ikon gudanar da unikernel MirageOS a cikin keɓe muhalli ("sandboxed process tender") wanda kayan aikin ya samar . Lokacin amfani da spt backend, MirageOS kernels suna gudana a cikin tsarin masu amfani da Linux, waɗanda ke ƙarƙashin ƙarancin keɓancewa dangane da seccomp-BPF;
- Tallafin da aka aiwatar daga aikin Solo5, wanda ke ba ku damar ayyana masu adaftar cibiyar sadarwa da yawa da na'urorin ajiya da aka haɗe zuwa unikernel a keɓance bisa hvt, spt da muen backends (amfani da genode da virtio backends a halin yanzu yana iyakance ga na'ura ɗaya);
- Ƙarfafa kariya na ƙofofin baya dangane da Solo5 (hvt, spt), alal misali, ana ba da taro a yanayin SSP (Kariyar Smashing Stack).
source: budenet.ru