38 lines
2.4 KiB
Plaintext
38 lines
2.4 KiB
Plaintext
|
---
|
||
|
title: Tiny Imaginary Computers
|
||
|
author: Reynir Björnsson
|
||
|
---
|
||
|
|
||
|
This website is running as a *Mirage unikernel*.
|
||
|
A traditional application is one or more programs that run in an operating system on a computer alongside other programs.
|
||
|
A *unikernel* is a program that is also an operating system.
|
||
|
That sounds boring -- an operating system where only one program ever runs?!
|
||
|
And that is correct, this is often not what you want.
|
||
|
Luckily, modern machines have the capability to run many *virtual machines*.
|
||
|
This provides some benefits:
|
||
|
|
||
|
- A virtual machine is well isolated from other virtual machines.
|
||
|
You don't have to worry about one application messing with the files of another,
|
||
|
or a malicious application sending the private bits from another application somewhere where it doesn't belong.
|
||
|
|
||
|
- You know what your application needs from the operating system, so you can leave out the things that are not needed.
|
||
|
This simplifies things, makes the operating system much smaller.
|
||
|
Furthermore, it's a big security benefit - every bit of code is a potential security issue.
|
||
|
Only a few years ago it was a huge problem for many people because their virtual machine had a vulnerability in the virtual floppy drive!
|
||
|
|
||
|
- The program is self-contained.
|
||
|
All that it needs is packaged up in the unikernel.
|
||
|
In traditional software you often have a number of dependencies that you need on your computer in order to run the application, and they all need to have a compatible version.
|
||
|
|
||
|
This website is using a *library* called [Canopy](https://github.com/Engil/Canopy) that a guy I met in Morocco and later Leipzig wrote.
|
||
|
The first thing it does when it starts is to fetch files that are under *version control*.
|
||
|
This means the files have a log of what was done, and every change is tracked.
|
||
|
You can go back in time if you regret a change!
|
||
|
I made the files public on a website hosted by my friends [data.coop](https://data.coop/).
|
||
|
Whenever I push new changes there Canopy makes sure to get the latest updates.
|
||
|
You are welcome to take a look at the history: [https://git.data.coop/reynir/frontloberne](https://git.data.coop/reynir/frontloberne)
|
||
|
Canopy knows how to make the simple text files look pretty in your web browser.
|
||
|
|
||
|
On the same machine I run another Canopy instance which serves a technical blog at [blog.mirage.reyn.ir](https://blog.mirage.reyn.ir/).
|
||
|
At the moment I'm only running a few other things, but I could easily run 100s of instances.
|