© 2021 Strange Loop
Unikernels are a new mechanism to deploy lightweight, scalable, secure microservices that offer big functionality for relatively low cost. To do so, they allow us to compile our services to run directly on virtual “bare metal”, throwing away all the parts of the application and operating system stack we don't need. Don't want a file system? Throw out all that code, and the disk driver, too. Why pay (in cost, size, performance, or exploits) for all the stuff you don't use?
In this workshop, we'll talk the soup to nuts of designing, building, testing, and deploying microservices using unikernels. We'll start by showing a simple microservice design using the HaLVM, and then walk through how we build, test, and deploy it. For attendees with EC2 credentials, we'll even show how to load it into Amazon's cloud.
Not a Haskell fan? We'll show how to perform the exact same steps using Mirage (OCAML), the rump kernel (C), IncludeOS (C++), and other unikernels. Want to further explore the design space? Let's extend our base microservice to perform any number of interesting tasks: authentication, routing, caching, computation … you name it, and we'll walk you through the process of building and deploying your microservice.
Experience with unikernels is not required for this class, but experience with unikernel-capable languages and tools (Haskell's Cabal, OCAML's OPAM, Make / GCC / ld, etc.) is strongly recommended.
Adam Foltzer is a research engineer at Galois, and a member of the Haskell.org Committee. Adam was lucky enough to begin programming in Scheme when he was quite young, and has since then had a passion for functional and denotational programming. While getting a B.S. and M.S. in Computer Science from Indiana University, he began using Haskell while studying the theory, design, and implementation of programming languages; parallel and concurrent programming; and quantum and reversible computing. Prior to studying Computer Science, he studied Russian language and literature, archaeology, and how to fly small aircraft.
Dr. Adam Wick leads Galois's systems software and mobile security team, and was the creator of the HaLVM. In his current role, he has led projects that have used the HaLVM for communications and network security tasks, and has given talks at several Xen Summits, QCons SF, StrangeLoop, and various other symposiums about this work. He is also the co-inventer of CyberChaff, a unique network defense tool built using the HaLVM. Beyond the HaLVM, Adam has led Galois's investigations into secure operating system design, trustworthy mobile roots of trust, and predictive security for UAVs. Before Galois, Adam received his Ph.D. from the University of Utah, and his B.S from Indiana University.
Trevor Elliott is an engineer at Galois, and the designer and implementer of the Haskell Network Stack (HaNS). Trevor has extensive experience with the HaLVM, having used it in several engineering efforts at Galois, including CyberChaff. In addition, Trevor has worked on a wide variety of projects at Galois, including efforts in compiler design, cryptography, network security, and web system design. Trevor earned his B.S. in Computer Science from Portland State University in 2008.