The new syntax and then(): is used above to chain callbacks to the previous lambda function. This allows you to quickly create and manage the flow of callback logic.
with stack:
def handle_connection(s:connected_socket, a:socket_address) -> future<>:
output = s.output()
input = s.input()
return do_with( s, output, input ):
return repeat() and then( callback=lambda:output.close() ):
return input.read() and then( capture=[output], future=[buf] ):
if buf:
return output.write( move(buf) ) and then():
return next
else:
return stop
future<> handle_connection(connected_socket s, socket_address a) {
auto output = s.output();
auto input = s.input();
return do_with(std::move(s),std::move(output),std::move(input), [] (auto& s,auto& output,auto& input) {
return repeat([&] {
return input.read().then([&output] (auto buf){
if (buf==true) {
return output.write(std::move(buf)).then([] (){
return stop_iteration::no;
});
} else {
return make_ready_future(stop_iteration::yes);
}
});
}).then([&](){ return output.close(); });
});
}
This hello world loads the Numpy library, no special modifications were required to allow the Numpy C modules to work on OSv. The final VM image is tiny, just 25.7MB.
The Python script above is marked with @embed, which directs Pythia to inline it into the final compiled C++ module below.
The statically typed python-like-code above uses special syntax for interacting with CPython Objects, this is transpiled by Pythia into C++11.
Above is our port of CPython2.7 running a basic hello world on OSv. This is a work in progress, we plan to strip down Python and remove things that are not portable to OSv (like the multiprocessing module), and then optimize for OSv using the low level kernel API. We have another simpler hello world, here, that directly uses the Python CAPI.
Pythia is our custom transpiler and frontend to OSv. It allows you to mix normal Python scripts and statically typed Python code that is transpiled to C++11. Your python script is embedded into the C++ module, and not loaded from the VM file system. This further reduces the attack surface, and helps improve security. We are working to improve Pythia with even greater security, so that it can inject generated encryption keys into each image build, and provide you tools to verify that your cloud instances are only running the code you have deployed into your Zero-Trust network.
The official OSv apps repo on github is missing Python, how could nobody working on a Python port! In 2013 OSv launched with lots of momentum, but this year things have slowed down. We expect this is partly due to bad policy by Cloudius-Systems, not accepting pull requests, and patches are becoming lost and not merged into the main repo!
Development of OSv had a good start, the first two years of development were very active, and driven by Avi Kivity (CTO of Cloudius) contributing about 100,000 lines of new code.
Then in 2015 Nadav Har'El, takes over development of OSv, and it hits a brick wall, with only 2,000 lines of new code, what the hell happened?
Zvi Avraham at this years Erlang user conference talks about OSv security and how unikernels have a very small attack surface (jump to 14min). At 20minutes in, Avraham says "containers are not a secure solution". Container solutions like Docker are not secure when compared to unikernel systems like OSv.
At 30minutes in, Avraham talks about the interesting details of the work in progress on porting Erlang/OPT to OSv. Erlang is highly dependent on OS fork and multiple processes, making it especially difficult to port to OSv.
At the end of the presentation (jump to 30min), Avi Kivity talks about security and compares it to Docker. OSv and the hypervisor it runs within have a very small attack surface compared to Docker. The attack surface of Docker is huge by comparison, because it includes the entire general purpose OS, Linux. Once a hacker, or malicious sys-admin insider, has penetrated a network, Linux provides them many hiding places they can implant their malicious code: kernel modules, inserting scripts into cron jobs, or hack bash login config files like ~/.bashrc, etc... It takes significant time and expertise to maintain a secure Linux cluster. With OSv this is simply not an issue, because the developer hard-codes everything that goes into the VM image, tests the image locally, and can then easily deploy it directly to the network cluster. Most of the security management is then moved to the hypervisor level, which requires fewer system administrators, and less people with privileged access.
Glauber Costa (lead developer at Cloudius-Systems). OSv has smaller attack-surface size than linux.
Security enhanced micro kernel seL4. seL4 is incomplete and only secures the kernel layer. OSv lets you package safe containers for your apps. "If I run seL4, is my system secure? Not automatically, no. Security is a question that spans the whole system, including its human parts. An OS kernel, verified or not, does not automatically make a system secure. In fact, any system, no matter how secure, can be used in insecure ways. "
OSv is a library-operating-system, and allows you to custom code your Zero-Trust network policies directly into each VM instance, there are no runtime configuration files to worry about, security policies can be compiled into the kernel.
In the USENIX presentation above, Nadav Har’El talks about the performance advantages of OSv, but completely forgets to mention the security advantages that OSv offers. Performance optimizations can quickly become a distraction. The most important issue is security, and OSv fits particularly well into the zero-trust internal network model. OSv allows programmer to package their applications into VM images that can be easily deployed to the cloud. With OSv there is less reliance on system administrators to manage the security of the cloud deployment, and therefore less people that need privileged trusted access within the network.
Kivity and Costa give a great overview of OSv, its superior performance and security at LinuxCon2013. They explain how system administration is greatly simplified by using VM image containers. OSv potentially provides the most secure system platform, by allowing developers to better integrate with a zero-trust internal network, and depend less on system administrators for security. (skip ahead to 27minutes to see the part on security)