yomimono yomimono

## update-rules instructions

I figured out some of the wiring for this script to clear out and add firewall rules.  Change `ocamldev` to the dev VM you'll launch, and `fetchmotron` to the VM which is a client of the firewall under test if necessary (you should only need to do this in update-firewall).

In dom0:

make a file in /etc/qubes-rpc called yomimono.updateFirewall:

```

sudo bash

## 3.1.0-announce.txt
Hello all,

We are happy to announce the release of version 3.1.0 of MirageOS.  Full release notes are available at https://github.com/mirage/mirage/releases/tag/3.1.0.  Thanks to hannes for handling this release, and to mato for documentation updates!

3.1.0 is compatible with the recently-released version 0.3.0 of the solo5 execution environment.  solo5 (and, in 3.1.0, therefore MirageOS) now includes experimental support for several new environments:

* the Muen Separation Kernel[1] (with `mirage configure -t muen`)
* FreeBSD vmm (with `mirage configure -t ukvm`)
* OpenBSD vmm (with `mirage configure -t ukvm`)
* ARM64 hosts[2] (with `mirage configure -t ukvm`)

## user_and_multistage
user@whale:~/minim$ cat Dockerfile
FROM ocaml/opam:alpine-3.5_ocaml-4.04.0 as ocaml

FROM scratch

COPY --from=ocaml /bin/sh /
CMD ["/sh"]
user@whale:~/minim$ docker build -t minim .
Sending build context to Docker daemon  53.76kB
Step 1/4 : FROM ocaml/opam:alpine-3.5_ocaml-4.04.0 as ocaml

## mirageos-unikernels-miragesdk.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              3 stars
            
          
                yomimono
                / mirageos-unikernels-miragesdk.md
            
            
              Last active
              May 16, 2017 07:11
            
              
                mirageos/unikernels update from docker internal systems summit, 20 april 2017
              
          
    MirageOS/Unikernels (but secretly something else)


speaking now: @mindypreston (@yomimono on github)

Very Quick MirageOS Update


we released version 3.0 in February
tl;dr: supports KVM via the solo5 project

better errors


better logs


## gist:e6c90105ac8f3f80cecd01761dd644d9
Less Code, Less Magic, More Results

## Major Changes

* The solo5 targets `ukvm` and `virtio` (see [https://mirage.io/blog/introducing-solo5]), which allow unikernels to run on KVM hypervisors and on FreeBSD via bhyve, are now available in the mainline `mirage` package.  These targets use a newly refactored freestanding OCaml runtime (see [https://github.com/mirage/ocaml-freestanding]).
* The `V1` and `V1_LWT` modules, which contained module type definitions agreed upon by implementations used in `mirage`, have been renamed to `Mirage_types` and `Mirage_types_lwt`.  The module type definitions themselves are no longer contained in this repository, but have been moved to their own independently-versioned repositories and are merely referenced from `Mirage_types` and `Mirage_types_lwt`.
* Across the universe of module type definitions, errors in computation are now signalled by a `result` type and a set of polymorphic variants representing common errors that might occur.  Individual implementations may extend

## pcb_snippet.ml
337     (* Compose the overall thread from the various tx/rx threads
338        and the main listener function *)
339     let tx_thread = (Tx.thread t pcb ~send_ack ~rx_ack) in
340     let rx_thread = (Rx.thread pcb ~rx_data) in
341     let wnd_thread = (Wnd.thread ~utx ~urx ~wnd ~state ~tx_wnd_update) in
342     let threads = [ tx_thread; rx_thread; wnd_thread ] in
343     let catch_and_cancel = function
344       | Lwt.Canceled -> ()
345       | ex ->
346         (* cancel the other threads *)

## client.ml
open Lwt
open V1_LWT

module Main (C: V1_LWT.CONSOLE) (CLIENT_STACK: V1_LWT.STACKV4) = struct
    let local_webserver="8.8.8.8"
    let port = 5162

  let start c client_stack =
    let construct_request () =
      let buf = Io_page.(to_cstruct (get 1)) in

## dispatch.ml
open Lwt
open Printf
open V1_LWT
open Re_str

module Main (C:CONSOLE) (FS:KV_RO) (S:Cohttp_lwt.Server) = struct

  let start c fs http =

    let read_fs name =

## config.ml
open Mirage

(* If the Unix `MODE` is set, the choice of configuration changes:
   MODE=crunch (or nothing): use static filesystem via crunch
   MODE=fat: use FAT and block device (run ./make-fat-images.sh)
 *)
let mode =
  try match String.lowercase (Unix.getenv "FS") with
    | "fat" -> `Fat
    | _     -> `Crunch

## never_graduate.ino
#include <Adafruit_NeoPixel.h>

#define PIN 6
#define PIXELS 7
#define MAX_PERTURBATION 3
#define RANDOM_SOURCE 10

Adafruit_NeoPixel strip = Adafruit_NeoPixel(PIXELS, PIN, NEO_GRB + NEO_KHZ800);

void setup() {

	I figured out some of the wiring for this script to clear out and add firewall rules. Change `ocamldev` to the dev VM you'll launch, and `fetchmotron` to the VM which is a client of the firewall under test if necessary (you should only need to do this in update-firewall).

	In dom0:

	make a file in /etc/qubes-rpc called yomimono.updateFirewall:

	```

	sudo bash
	Hello all,

	We are happy to announce the release of version 3.1.0 of MirageOS. Full release notes are available at https://github.com/mirage/mirage/releases/tag/3.1.0. Thanks to hannes for handling this release, and to mato for documentation updates!

	3.1.0 is compatible with the recently-released version 0.3.0 of the solo5 execution environment. solo5 (and, in 3.1.0, therefore MirageOS) now includes experimental support for several new environments:

	* the Muen Separation Kernel[1] (with `mirage configure -t muen`)
	* FreeBSD vmm (with `mirage configure -t ukvm`)
	* OpenBSD vmm (with `mirage configure -t ukvm`)
	* ARM64 hosts[2] (with `mirage configure -t ukvm`)
	user@whale:~/minim$ cat Dockerfile
	FROM ocaml/opam:alpine-3.5_ocaml-4.04.0 as ocaml

	FROM scratch

	COPY --from=ocaml /bin/sh /
	CMD ["/sh"]
	user@whale:~/minim$ docker build -t minim .
	Sending build context to Docker daemon 53.76kB
	Step 1/4 : FROM ocaml/opam:alpine-3.5_ocaml-4.04.0 as ocaml
	Less Code, Less Magic, More Results

	## Major Changes

	* The solo5 targets `ukvm` and `virtio` (see [https://mirage.io/blog/introducing-solo5]), which allow unikernels to run on KVM hypervisors and on FreeBSD via bhyve, are now available in the mainline `mirage` package. These targets use a newly refactored freestanding OCaml runtime (see [https://github.com/mirage/ocaml-freestanding]).
	* The `V1` and `V1_LWT` modules, which contained module type definitions agreed upon by implementations used in `mirage`, have been renamed to `Mirage_types` and `Mirage_types_lwt`. The module type definitions themselves are no longer contained in this repository, but have been moved to their own independently-versioned repositories and are merely referenced from `Mirage_types` and `Mirage_types_lwt`.
	* Across the universe of module type definitions, errors in computation are now signalled by a `result` type and a set of polymorphic variants representing common errors that might occur. Individual implementations may extend
	337 (* Compose the overall thread from the various tx/rx threads
	338 and the main listener function *)
	339 let tx_thread = (Tx.thread t pcb ~send_ack ~rx_ack) in
	340 let rx_thread = (Rx.thread pcb ~rx_data) in
	341 let wnd_thread = (Wnd.thread ~utx ~urx ~wnd ~state ~tx_wnd_update) in
	342 let threads = [ tx_thread; rx_thread; wnd_thread ] in
	343 let catch_and_cancel = function
	344 \| Lwt.Canceled -> ()
	345 \| ex ->
	346 (* cancel the other threads *)
	open Lwt
	open V1_LWT

	module Main (C: V1_LWT.CONSOLE) (CLIENT_STACK: V1_LWT.STACKV4) = struct
	let local_webserver="8.8.8.8"
	let port = 5162

	let start c client_stack =
	let construct_request () =
	let buf = Io_page.(to_cstruct (get 1)) in
	open Lwt
	open Printf
	open V1_LWT
	open Re_str

	module Main (C:CONSOLE) (FS:KV_RO) (S:Cohttp_lwt.Server) = struct

	let start c fs http =

	let read_fs name =
	open Mirage

	(* If the Unix `MODE` is set, the choice of configuration changes:
	MODE=crunch (or nothing): use static filesystem via crunch
	MODE=fat: use FAT and block device (run ./make-fat-images.sh)
	*)
	let mode =
	try match String.lowercase (Unix.getenv "FS") with
	\| "fat" -> `Fat
	\| _ -> `Crunch
	#include <Adafruit_NeoPixel.h>

	#define PIN 6
	#define PIXELS 7
	#define MAX_PERTURBATION 3
	#define RANDOM_SOURCE 10

	Adafruit_NeoPixel strip = Adafruit_NeoPixel(PIXELS, PIN, NEO_GRB + NEO_KHZ800);

	void setup() {