The MirageOS retreat 2024
My involvement and experience of the MirageOS retreat 2024
Redeveloping TCP from the ground up
Core Internet protocols require operational experiments, even if formally specified
Deploying reproducible unikernels with albatross
fleet management for MirageOS unikernels using a mutually authenticated TLS handshake
Mirroring the opam repository and all tarballs
Re-developing an opam cache from scratch, as a MirageOS unikernel
All your metrics belong to influx
How to monitor your MirageOS unikernel with albatross and monitoring-experiments
Deploying binary MirageOS unikernels
Finally, we provide reproducible binary MirageOS unikernels together with packages to reproduce them and setup your own builder
Cryptography updates in OCaml and MirageOS
Elliptic curves (ECDSA/ECDH) are supported in a maintainable and secure way.
The road ahead for MirageOS in 2021
Home office, MirageOS unikernels, 2020 recap, 2021 tbd
Traceroute
A MirageOS unikernel which traces the path between itself and a remote host.
Deploying authoritative OCaml-DNS servers as MirageOS unikernels
A tutorial how to deploy authoritative name servers, let's encrypt, and updating entries from unix services.
Reproducible MirageOS unikernel builds
MirageOS unikernels are reproducible :)
X509 0.7
Five years since ocaml-x509 initial release, it has been reworked and used more widely
Summer 2019
Bringing MirageOS into production, take IV monitoring, CalDAV, DNS
The Bitcoin Piñata - no candy for you
More than three years ago we launched our Bitcoin Piñata as a transparent security bait. It is still up and running!
My 2018 contains robur and starts with re-engineering DNS
New year brings new possibilities and a new environment. I've been working on the most Widely deployed key-value store, the domain name system. Primary and secondary name services are available, including dynamic updates, notify, and tsig authentication.
Albatross - provisioning, deploying, managing, and monitoring virtual machines
all we need is X.509
Conex, establish trust in community repositories
Conex is a library to verify and attest package release integrity and authenticity through the use of cryptographic signatures.
Who maintains package X?
We describe why manual gathering of metadata is out of date, and version control systems are awesome.
Jackline, a secure terminal-based XMPP client
implement it once to know you can do it. implement it a second time and you get readable code. implementing it a third time from scratch may lead to useful libraries.
Exfiltrating log data using syslog
sometimes preservation of data is useful
Re-engineering ARP
If you want it as you like, you've to do it yourself
Minimising the virtual machine monitor
MirageOS solo5 multiboot native on bhyve
Counting Bytes
looking into dependencies and their sizes
Configuration DSL step-by-step
how to actually configure the system
Catch the bug, walking through the stack
10BTC could've been yours
Fitting the things together
building a simple website
Why OCaml
a gentle introduction into OCaml
Operating systems
Operating systems and MirageOS