Use a file (that we can drop easily into the rootfs) instead of passing the full
command on the CLI (as config.json needs to be edited otherwise).
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
For now, use jbuilder to build the calf as well, this gives us a bit
more control than the mirage tool. We will switch back to the mirage
tool later on if we want to use more fancy backends (such as KVM).
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
The protocol allows the client to send concurrent RPCs to the server.
The server replies by keeping the client ID, and the client keeps a
dispatch table of queries to route the retries. By doing things like
that, the server has a strong control over resource allocation, so
a bad client cannot exhaust all the server memory.
Also add some simple tests for the serialization + wire protocol which
are all passing. Proper concurrency/resource exhaustion usage will be
added later.
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
Previously, the control plane was using HTTP client/server, that various people
found way too complex to run in a privileged container (for very good reasons).
So switching to a simpler binary protocol, using c-like structures. Will
probably switch to an other serialization protocol later (eg. protobuf
or cap-n-proto).
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
The ebpf packages were somewhat neglected during the restructuring of the
the repository and currently do not build. They were also a little awkward
to use. So move them to ./projects for now until it matures.
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
The new hiearchy is:
- pkg/{init,mirage-compile}: additional Moby packages
- src/sdk -> the begining of the MirageOS SDK for Moby
- src/dhcp-client -> the code for the MirageOS dhcp-client service
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
Today the SDK only contains helper code to create secure Moby services based on
MirageOS. Today the SDK only defines the architecture and the communication
pipes between the privileged service and the calf; the proper communication
API will be specified after we have a few more use-cases.
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
The aim of the split kernel is to introduce a level of intra-kernel
protection into the kernel so that, amongst other things, it can
offer lifetime guarantees over kernel code and data integrity.
These patches only wire in the kernel build from a 4.11-rc3 snapshot.
The userspace tools will follow shortly. Instructions came via
https://github.com/linux-okernel/linux-okernel (linux-okernel branch)
and via @edwards-n and @t-koulouris.
The build can be done via `cd projects/okernel && make`.
Signed-off-by: Anil Madhavapeddy <anil@docker.com>
Split the bits which can be re-used in other services (e.g. init dance
and the server-side of the control path). `main.ml` now only contains what
is specific to the DHCP logic (+ the /caf directory).
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
Plus a few more minor improvements:
- compile with jbuilder.
- start working on the control path.
Signed-off-by: Thomas Gazagnaire <thomas@gazagnaire.org>
docker-compose and other utilities use the .yml extension.
For consistency rename all .yaml to .yml
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
