Virtualization Technology News and Information
Article
RSS
Xen Project Introduces New Mirage OS Release
The Xen Project Collaborative Project hosted at the Linux Foundation today announced the release of Mirage OS v2.0, which includes the industry's first software framework that unifies cloud and embedded deployments behind a safe, secure programming language, allowing developers to seamlessly build systems that span both embedded devices and public cloud services. The latest release also includes support for distributed computation, networking and storage.

Most applications running in the cloud are not optimized to do so. They make assumptions about the underlying operating system, resulting in larger footprints with increased costs and risks. The open source Mirage OS represents a new approach where the application code is combined with the specific components of the operating system it needs into a single-purpose unikernel appliance. With Mirage OS, developers can create lean and efficient unikernels for secure, cost-effective and high-performance network applications. Mirage OS unikernels run directly on the Xen Project hypervisor, which allows them to be quickly deployed to many leading cloud platforms.

For the first time, application developers using Mirage OS can deploy their projects to embedded ARM-based devices, such as the Cubieboard2 board, as well as to public clouds like Amazon EC2, Rackspace Cloud and Verizon Cloud. With a particular focus on scalability, resilience and safety, Mirage OS is ideal for creating mission-critical systems and can easily span from embedded devices in homes and buildings to large cloud deployments. This milestone release opens up the coming wave of connected devices to application developers with a number of significant new libraries to provide support for disconnected operation, security and enhanced interoperability, including:

  • Irmin distributed Git-like storage system: enables a fully distributed workflow, with support for disconnected operation, efficient merge operations and application-specific conflict resolution algorithms. Irmin offers a way to circulate and integrate data among remote workers, sensors or devices in different connectivity environments and can seamlessly sync all information, pairing well with mobile computing and the Internet of Things.
  • OCaml-TLS: a clean-slate implementation of the transport layer security (TLS) protocol in pure OCaml for security sensitive applications. TLS, also known as Secure Sockets Layer (SSL), is the Internet's most widely used security protocol. By re-building security-critical software in OCaml, Mirage OS obstructs bugs related to spatial and temporal memory safety, such as Heartbleed.
  • ARM device support: allows Mirage OS applications to be deployed as guest VMs under the Xen Project on ARM hypervisor, making it possible to run on low-power embedded devices, home routers, and many of the low-cost single-board ARM computers now available.
  • vchan protocol: natively supports faster and more efficient Xen inter-domain communication using shared memory, e.g. between two VMs residing in the same Xen host. This provides a higher level of security compared to network sockets since messages will never leave the host's shared memory.
  • Ctypes library: provides enhanced interoperability with existing C code and Mirage OS components can be linked into existing C applications. Ctypes makes it easy to interact with non-OCaml code by generating C glue code and also can produce standalone native object files that can be embedded within other non-OCaml applications.

"Unikernels built on high-level languages, such as the Mirage OS and our own open source HaLVM, offer tremendous benefits for building security-critical components. By using Mirage OS for our MAC-enhanced XenStore, we were able to quickly and easily add next-generation security features, while maintaining confidence that our additions met critical quality and safety metrics," said Adam Wick, Technical Director, Systems Software at Galois, a U.S. company developing critical systems that solve critical software security, safety, privacy and performance problems for government and commercial clients.

Another Mirage OS user, OnApp, recently introduced the global OnApp Federation network of 2,000 public OnApp clouds for sharing compute resources (CPU, RAM and storage).

"Unikernels form a building block that enable us to scale out efficient, on-demand virtual machines across the global OnApp federated cloud provider marketplace. Mirage OS is an exciting technology on which to provision new 'liquid' services in the public cloud without sacrificing security and isolation," said Julian Chesterfield, Director of Emerging Technologies at OnApp.

"The seamless development workflow for both the cloud and embedded devices represents the best approach to creating native applications for the Internet of Things and Personal Clouds, including Nymote, which aims to give users lifelong control of their networked personal data. These core advances will enable developers to focus on adding value to their services and impressing their customers with creative offerings. In the future, we believe all software will be written this way." said Dr. Amir Chaudhry, Programme Manager at OCaml Labs, and part of the international User Centric Networking project.

Mirage OS is an open source project led by Dr. Anil Madhavapeddy of the Systems Research Group at the University of Cambridge. Additional contributors include developers from Citrix, the FreeBSD Core Team, Galois, OCamlPro and a growing number of individual contributors. Institutional and grant support for Mirage OS comes from Horizon Digital Economy Research RCUK, OCaml Labs and the User Centric Networking project. For more information about Mirage OS and to participate, please visit OpenMirage.org.

Published Tuesday, July 22, 2014 6:31 PM by David Marshall
Filed under:
Comments
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
Calendar
<July 2014>
SuMoTuWeThFrSa
293012345
6789101112
13141516171819
20212223242526
272829303112
3456789