| I really like the concept of MirageOS. I think its the only way to scale up above c10m [1]. In Mirage single application servers are able to git rid of a ton of the multiprocess kernel complexity. One really cool improvement/simplification I'd like to see: I'd like to remove all CPU level security (ie. context switches). For now I don't see the benefit of removing memory safety/abstraction but that could be discussed. Something like a SQL DB is the perfect example. In production its the only application on the OS. It already has its own set of security concerns (the majority of which are not solved by context switching). Yes, it increases the scope of a DBs security concerns, but it allows the application to choose its own security model. The DB has as much power as the kernel now, so maybe the DB would reimplement context switches for all network activity (be as safe as the Kernel lets it be today)? Maybe instead it would optimize context switches away for a majority of calls except writes? The possibilities/optimizations only grow, at the cost of only a 5-10% code size increase (ie to implement the subset of kernel security features that it actually needs). The other really nice thing about this could be: Imagine if Mirage allowed you to run a process with kernel level permissions and (as I understand it) it already allows that one process to run arbitrary OCaml on a selected CPU core. Imagine then the one process built into Mirage was the code for multi-process/multi-thread management with scheduling, message passing, security, signals and all the bells and whistles of a monolithic kernel. You could essentially construct monolithic kernels on the same framework that allowed us to build optimized databases, optimized servers. I think this set of lower level libraries, would be a game changer. If these libraries (framework) for building monolithic applications could be extracted out of the Linux kernel that would be huge since you could run it on any device Linux currently has drivers for (think embedded). However, even as it stands if you could create a framework for building Kernels with MirageOS on Xen, that would be really impressive. [1] http://c10m.robertgraham.com/p/manifesto.html |