Skip to content

Tools for running rump unikernels in userspace

License

Notifications You must be signed in to change notification settings

thehajime/frankenlibc

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Frankenlibc

Frankenlibc is a build tool to build applications with userspace rump kernels based unikernels, as well as for some bare metal platforms.

Buildbot for various platforms at build.myriabit.eu:8014/waterfall.

Build Status

build with "make", or with "./build.sh" for additional options.

Frankenlibc provides a small libc that is enough to let the fiber-based librumpuser library run natively on your platform without any system libraries. It combines this library, the rump kernel, and NetBSD's libc into a single libc that you can just use to link against applications to make them run against a rump kernel rather than the host.

Currently there are three userspace implementations included, NetBSD, Linux and FreeBSD, and one very basic baremetal implementation, qemu-arm, plus a work in progress spike target for the riscv simulator. The currently supported and tested architecture/OS combinations are: Linux x86_64, i386, arm, powerpc64, mips, NetBSD x86_64, i386, arm, FreeBSD x86_64, i386. There is work in progress support for powerpc, aarch64 and riscv64. Both arm and mips work with hard and soft float. Powerpc64 supports the v1 ELF ABI only at present, arm is EABI only, and mips is o32 ABI only. Additional implementations and architectures will be added soon.

There is also an option to build a deterministic version with no random numbers and a fake clock, so runs are completely repeatable.

There is a wrapper called rexec ("rump exec") that can pass in files, block devices and tap devices as network devices, and will also run the program in a seccomp sandbox on Linux or under Capsicum on FreeBSD. These are pretty aggressive, eg open cannot be called, but you may want to add further sandboxing in addition. The wrapper will also drop any root privileges and capabilities.

A compiler wrapper is generated in rump/bin to compile your own programs, which works out the best method to wrap the compiler. Essentially you just need to use the include files, libc and other libraries and crt files in the rump/ output directory. For gcc a spec file is used, while many clang installations can use a sysroot, although eg NetBSD's linker does not support sysroot. For most systems a line like the following will work if you do not use the wrapper:

gcc -nostdinc -Irump/include -Lrump/lib -Brump/lib -o rumpobj/tests/hello -static tests/hello.c

A number of NetBSD system tools are built as part of the build, named with the rump. prefix eg rump.ls, rump.ifconfig, rump.newfs, rump.tar to allow simple tests and file system manipulation.

A docker repository with the tools built for linux is available at Docker hub or with

docker pull justincormack/frankenlibc
docker run -e RUMP_VERBOSE=1 justincormack/frankenlibc rexec rump.helloworld

Some more experimental docker repositories with application builds are also available at the same location, with builds of Nginx, Nginx with Lua.

About

Tools for running rump unikernels in userspace

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • C 86.1%
  • Objective-C 4.0%
  • Assembly 3.6%
  • Roff 3.4%
  • C++ 1.5%
  • Makefile 0.7%
  • Other 0.7%