Nanos is a new kernel designed to run one and only one application in a virtualized environment. It has several constraints on it compared to a general purpose operating system such as Windows or Linux – namely it’s a single process system with no support for running multiple programs nor does it have the concept of users or remote administration via ssh.
↫ Nanos GitHub page
The project has a website with more information and instructions, and the code’s on GitHub.
I believe there’s merit in a simplified OS. But I do wonder if they’re painting themselves in with this mission statement. Even in the case of a single purpose machine, remote administration is probably going to be a requested feature at some point. If they stick to their guns it may make the OS less useful.
Even in the case of a single purpose machine, remote administration is probably going to be a requested feature at some point.
Remote administration is probably less of a problem than it sounds like.
A lot of the concepts needed to admin something like this have been worked out due to application containers.
The people running this are probably going to have their own hardware, and will have access to the host machine. They can ssh into the host, and control the machine via hypervisor tools. There is also the option of connecting to a virtual serial port to access the system, but that might not be what they’re going for.
With recent versions of KVM, folders on the host can be shared. Any persistent data could be saved on the host system.
Or the app could be architected to only use services. Logs and telemetry are shipped to a centralized server, files are in an object store like Minio/S3/Ceph, auth is handled by another service, caching by another server, db is remote, etc.
(I’m sure you know all this, and the second half is for the wider audience.)
Flatland_Spider,
I would never want something like this in a bare metal OS, but if it’s always a container and they can rely on the host functionality, then point taken.
I had a similar idea for my VMs. I thought it might be easier to share file systems than allocate VM images, but unless it’s been optimized more recently, the host file system access is extremely slow. Slower than samba. As a result I abandoned this approach for my environment.
I’d be curious to hear from people who’ve implemented such micro VMs. Obviously it would work, but it seems like you might end up reconstructing mature OS-like abstractions, administrative concepts, and APIs at the VM level. Are there net simplifications, or does all the complex functionality ultimately have to be reimplemented on the VM level?
There’s been work on virtiofs lately, so it might be better.
https://virtio-fs.gitlab.io/
I haven’t tried it. It’s an interesting feature, and I might try it next time I’m doing some development.
The unikernel concept probably makes more sense for larger organizations which have invested in a cloud provider, or have teams dedicated to maintaining all the ancillary services.
No users, single process… that reminds me of something, what is it called again? MS-DOS.
It’s a unikernel or library OS.
Both are pretty interesting ideas that I haven’t had time to play with.
MS-DOS was hardly the first single-process OS with no user support.
Can you run Linux on top of it?
Good question. But I’m sure someone will get Doom running on top of it soon enough!
There are actually quite a lot of them, with OSv probably the first to be “prominent”. Here is a list: https://github.com/seeker89/unikernels The main problem with them is that debug is impossible, but they are not really as compatible as they claim and there are containers that are just so much easier. Nowadays, there is also WebAssembly, which is probably not only easier but also more secure and flexible than them.
We really are reinventing the mainframe concepts again – IBM did “A VM host and lightweight single-task VMs” back before the moon landings, and still sells them. See e.g. CMS ( https://en.wikipedia.org/wiki/Conversational_Monitor_System ).
What is old is new again. Most cloud concepts are comparable with “big remote machine and lightweight terminals for user interaction”, much like you’d have with a VAX-11 and a dozen VT220’s. The definitions and implementation might be different, but the concept is largely the same.