Toggle Menu

<-- Back to schedule

CloudABI: Cloud computing meets fine-grained capabilities

Project: CloudABI

CloudABI is a new runtime environment that attempts to make it easier to use UNIX-like operating systems at the core of a cloud/cluster computing platform.

Instead of using full machine virtualization (Xen, bhyve, KVM) or techniques that attempt to virtualize namespaces (FreeBSD Jails, Linux cgroups), CloudABI makes it possible to safely run user-provided executables directly on top of a UNIX kernel. The entire setup has very low CPU/memory overhead, but there's also no need for any complex configuration.

Compared to other UNIX ABIs (Linux, FreeBSD, etc), CloudABI is relatively compact. The number of system calls is low (~60) and all data types and structures have been decoupled from the public C runtime environment, meaning that it is relatively straight-forward to add support for CloudABI to other operating systems. Implementations for FreeBSD, Linux and NetBSD already exist. This allows users of such computing platforms to run the same executables without targeting a specific operating system. There is no need to recompile.

CloudABI uses Clang as its C/C++ compiler. It ships with a modern C library that is specifically designed to work in a capabilities-centric environment. The C library is almost entirely thread-safe and has high testing coverage. CloudABI attempts to abstract away traditional UNIX concepts that are not applicable to pure cloud/cluster computing environments, such as UNIX process credentials management (local users and groups), file system access control management and terminal interaction.

In this presentation I will discuss several design aspects of CloudABI and how it can be used to make UNIX software more reliable, more secure and easier to test and deploy.

Ed Schouten

Ed Schouten started contributing to FreeBSD back in 2005, when he helped porting FreeBSD to the Microsoft Xbox. After re-implementing the TTY layer (that's part of FreeBSD 8 and later), he worked on various other projects that eventually made their way into FreeBSD. Ed was the author of FreeBSD's "ClangBSD" branch, aimed at importing Clang into FreeBSD's base system. Later on he developed an initial prototype of a new console driver that's now imported into the system, called vt(4).

Last year, Ed started his own IT company called Nuxi, based in the Netherlands. He is currently working on developing new infrastructure aimed at making cluster/cloud computing easier, more robust and more secure.


Geelong 2016

Our Emperor Penguin Sponsors

Geelong

About Geelong

Geelong is Victoria's second largest city, located on Corio Bay, and within a short drive from popular beach-front communities on the Bellarine Peninsula as well as being the gateway to the famous Great Ocean Road

More Info »

linux.conf.au

linux.conf.au

linux.conf.au is widely regarded by delegates as one of the best community run Linux conferences worldwide and is the largest Linux and Open Source Software conference in the Asia-Pacific.

Read More »

Sponsorship

Sponsorship

Our Sponsors help make linux.conf.au become the awesome conference everyone comes back to year after year. Come see who's on board this year, or find out how to get in contact with us

Sponsorship »