Release of MirageOS 3.6, a platform for running applications on top of a hypervisor

The Mirage OS 3.6 project has been released. It lets you build operating systems for a single application, in which the application is delivered as a self-contained "unikernel" that can run without a general-purpose operating system, a separate OS kernel or any intermediate layers. Applications are developed in the OCaml language. The project code is distributed under the free ISC license.

All the low-level functionality normally provided by an operating system is implemented as a library that is linked to the application. The application can be developed on any OS, after which it is compiled into a specialized kernel (the unikernel concept) that can run directly on top of the Xen, KVM, BHyve and VMM (OpenBSD) hypervisors, on top of mobile platforms, as a process in a POSIX-compatible environment, or in the Amazon Elastic Compute Cloud and Google Compute Engine clouds.

The generated environment contains nothing superfluous and interacts directly with the hypervisor without drivers or system layers, which significantly reduces overhead and improves security. Working with MirageOS comes down to three stages: preparing the configuration and identifying the OPAM packages used in the environment, building the environment, and launching the environment. The runtime for running on top of Xen is based on the stripped-down Mini-OS kernel, and for other hypervisors and systems it is based on the Solo5 kernel.

Although applications and libraries are written in the high-level OCaml language, the resulting environments show good performance and a small size (for example, a DNS server takes up only 200 KB). Maintaining the environments is also simpler: when the program needs to be updated or the configuration changed, it is enough to build and launch a new environment. A dozen OCaml libraries are supported for network operations (DNS, SSH, OpenFlow, HTTP, XMPP, etc.), for working with storage and for parallel processing.

The main changes in the new release concern support for the new features offered by the Solo5 0.6.0 toolkit (a sandbox environment for running unikernels):

  • Added the ability to run MirageOS unikernels in the isolated spt ("sandboxed process tender") environment provided by the Solo5 toolkit. With the spt backend, MirageOS kernels run as Linux user processes to which minimal isolation based on seccomp-BPF is applied;
  • Implemented support for the application manifest from the Solo5 project, which lets you define several network adapters and storage devices attached to a unikernel isolated with the hvt, spt and muen backends (use with the genode and virtio backends is currently limited to one device);
  • Strengthened the protection of the Solo5-based backends (hvt, spt); for example, building in SSP (Stack Smashing Protection) mode is now provided.

Source: opennet.ru
