CodeMesh 2015

3 November 2015

These are the slides from my talk today at CodeMesh. This time around I was earlier in the schedule so I get to enjoy the rest of the conference! If you’re reading this at the conference now, please do follow the link in my talk to rate it and give me feedback!

The specific items I reference in the talk are below with links to more information.

Security and the Bitcoin Piñata

This is a bounty where we have locked away some bitcoin in a unikernel that is running our new TLS stack. This was a new model of running a bounty and has proven a great way to stress test the code in the wild.

Some background to the Bitcoin Pinata, “The Bitcoin Piñata!”
The Pinata itself “You have reached the BTC Piñata”
Looking over the results of the attempts “Reviewing the Bitcoin Piñata”

You can follow up with more of the background work on the TLS stack by looking at the paper, “Not-quite-so-broken TLS: lessons in re-engineering a security protocol specification and implementation” and find other users of the libraries via https://nqsb.io.

Automated deployment

I’ve previously written about how we do unikernel deployments for MirageOS. Although the scripts themselves have evolved and become more sophisticated, these are still a good introduction.

Initial post on building a unikernel “From Jekyll to Unikernel”
The deployment steps for one of our repos “Heroku for Unikernels: Part 1 - Automated deployment”
Some thoughts on what the future might look like “Heroku for Unikernels: Part 2 - Self Scaling Systems”

Summoning on demand

The work on summoning unikernels was presented at Usenix this year and you can read the paper, “Jitsu: Just-In-Time Summoning of Unikernels”. The example I showed in the talk can be found at http://www.jitsu.v0.no.

Other resources

The MirageOS website, https://mirage.io
- The mirage-skeleton repo, which has a number of examples
The Rump Kernels site, http://rumpkernel.org
The Nymote site, http://nymote.org
- *The Introductory post is a useful place to start.