Hi,
Kurt Mackey @kurt had hinted at 38min20 into the podcast [1] that “… we could actually run even things like Unikernel type apps, so we could actually run a kernel-less application, if you were able to build something like that…”.
I am experimenting with MirageOS unikernels that are written in OCaml, building and running them on Linux and/or OpenBSD.
As fly.io does not only offer dual-stack IPv4/IPv6 Anycast, but also supports UDP besides TCP, it would be nice to try and run DNS server unikernels, for example!
Are there any pointers on how to get started with unikernels on fly.io?
Thank you.
Fly is working on a “serverless” offering that’d suit unikernels (probably as a function-as-a-service) a bit better: Tease us with more "machine" info?
Till that becomes a reality, I’ve restored to deploying distroless containers to Fly today for DNS workloads I run (written in golang), and the resulting image size is less than 10MiB, iirc. Though, note that Fly doesn’t itself run docker images as-is.
We haven’t exposed any tooling for unikernels yet. Mostly because very few developers have asked. Right now, we’re in “build something for the maximum possible developers” mode, but I think we’ll go a little deeper on VM options over the next year or so.
One reason this is hard: most of our service relies on a special init process we inject and use to supervise application processes. We can theoretically launch any ol’ kernel into a firecracker, but we’d then have to define and support some way of handing off network information, passing back stdout, etc. Without our init environment, the stuff happening within a firecracker is opaque and very hard to debug.
@ignoramous Thanks for your reply with the excellent pointers. I was not aware of Distroless Containers yet. But I will try them on Fly, first together with the minimal example Reflect from Miek Gieben’s Go DNS library.
In the past, MirageOS devs had mentioned the idea of targeting Firecracker VMs as well, once they are done with Solo5. The latter has been achieved on OpenBSD some two or three years ago. So maybe it is worthwhile to followup with them about Firecracker, and other ways to target Fly.