Mirage OS Logo

The MirageOS Documentation

and developer guides


Weekly Meeting: 2014-11-26
By Amir Chaudhry - 2014-11-26

Agenda

  • Configuration Modularity
  • Entropy for Mirage/TLS
  • Merging IPv6 and STACKV4
  • Conduit lives!
  • Pioneer projects
  • Irmin update

Attendees: Amir Chaudhry (chair), Thomas Gazagnaire, Thomas Leonard, Anil Madhavapeddy, Richard Mortier, Hannes Mehnert, Nicolas Ojeda Bar, Dave Scott and Magnus Skjegstad

Notes

Configuration Modularity

There's been a discussion about configuration modularity on the mailing list and ThomasG will be looking at this for the medium term. This isn't particularly urgent but we do need to have an idea of what to do. As a first step, ThomasG will discuss this with Mort when he's next in Cambridge, with the aim of getting some thoughts written down for further discussion.

Entropy for Mirage/TLS

Hannes summarised the discussions on the email thread so far. There are several scenarios depending on whether we have any control of dom0 or not. For the cases where we don't, we'll have to come up with another way of getting entropy into the unikernel. We could get entropy in via Xenstore or by using vchan. These are of equivalent difficulty to implement and Dave has been looking at them. Dave's currently tidying up Xenstore library so it's easier to write and is adding unit tests too. Will also be looking at the ring code too. Could use these libraries to make a Xen randomd. In general, there's reluctance to use Xenstore as the solution since we're not comfortable putting secret entropy through it — much better to use vchan.

ThomasL did get TLS working on the cubieboard recently (as did Hannes at ICFP).

Merging IPv6 and STACKV4

See also the notes from the last call.

Anil has been merging some of Nic's changes into his trees. There has been a fair amount of renaming but for the most part, it shouldn't be that difficult to update other code that uses the stack — things may simply need to be recompiled (and conduit makes parts of this easier).

Would really like to be able to test the stack from Mac OSX. Anil is adding bridging support to tuntap (which is available in Yosemite). There's no documentation to follow so it's taken some hacking but it is now attaching to an interface and seems to work. Is wondering about building a Mirage fetcher over IPv6.

In terms of next steps, we should be able to merge what Anil is doing now and then deploy on the mirage-www site! Mort reminded everyone that we would also need to update Mirage skeleton to remove the STACK example and update any others (and perhaps a few pages on the website too).

Conduit lives!

Conduit was released and Anil assures us that it's awesome. People have been using it and are reporting issues that Anil is looking into. These seem to be related to SSL and he'll deal with them.

Pioneer Projects

See also the notes from an earlier call.

We previously discussed the idea of a list of possible jobs/projects for newcomers to Mirage. Amir came up with a name for these (Pioneer Projects) and Anil started putting together a list, which you can see on the mirage-www wiki page. If you've worked on an aspect of Mirage and can recognise a project that could go on this list, please do add it. Don't worry about defining difficulty levels as we can examine that after we have a collection of things for people to browse through.

--

AoB

  • Irmin Update - If anyone has feedback on the new API, ThomasG would grateful to hear it. He's now thinking of encryption for Irmin so thoughts on that are also welcome. Encrypting the backend is of interest and should be easier with new API. It may be easier to evaluate the new API after trying to build a few command line tools (e.g. logging).

  • Using Irmin instead of crunch - Mort heard rumours that Irmin could be ready to use instead of Crunch. Mort's website is quite heavy as it contains a lot of PDFs he needs to serve. Using Irmin may be possible but ThomasG wants to get to a point where Irmin should just be able to clone a repo that contains the assets. Irmin could even watch the repo and if there are new events, then pull them in. There are a number of other things to complete before we can get to this point though. Those things are (1) clibs support in OPAM, (2) the git smart http protocol in ocaml-git and (3) TLS in mirage-cohttp.

  • Anil was going to modify crunch to get it to do git-clone if the directory doesn't already exist. There weren't any objections to this.

  • The next call is scheduled for Wednesday, 10th December - Please refer to the mailing list for actual details a day or so in advance.