I'm really sold on the idea: Instead of a full-blown OS, you compile your application with a thin layer of support libraries that provide the OS features that your application needs (network, I/O) and that talks to a hypervisor.<p>I mean, if your application runs in a virtualized environment, there's little need to SSH into the system in the first place (except for debugging purposes). Thus, why bother with a full-blown operating system? In the virtualized case, the true OS logic is in the host OS anyway, talking to the hardware. Cutting out all those superfluous layers in the app VM makes it small, start quickly, and gives less attack surface. Sounds like a win-win to me.<p>In contrast, FreeBSD on Firecracker is a full-blown OS, but boots in 25 milliseconds on the Firecracker hypervisor.
What is the benefit over using containers, as in Docker? Whether you use a container runtime or an actual hypervisor comes down to pretty much the same thing, operationally. Both keep your self-contained services alive and distributed. From the application perspective, a container also contains only those parts of an OS the app actually needs, and defers everything else to the host. The only caveat about MirageOS seems to be that your applications need to be written in OCaml, which is a neat language and all, but certainly not mainstream…
Also with a bit living inside Docker.<p><a href="https://mirage.io/blog/2022-04-06.vpnkit" rel="nofollow noreferrer">https://mirage.io/blog/2022-04-06.vpnkit</a>
Another one is HalVM [0], for Haskell. Unfortunately it's not maintained anymore.<p>[0] <a href="https://github.com/GaloisInc/HaLVM">https://github.com/GaloisInc/HaLVM</a>
You can also have a few examples about unikernels here: <a href="https://builds.robur.coop/" rel="nofollow noreferrer">https://builds.robur.coop/</a>.
Is this (functionally) similar to CloudCaptain, ex-BoxFuse?<p><a href="https://cloudcaptain.sh/" rel="nofollow noreferrer">https://cloudcaptain.sh/</a>
Personal pet-peeve (from Requirements page):<p>> (…) They should build on any modern UNIX (or macOS) system with OCaml and OPAM installed. (…)<p>I just checked. MacOS Sonoma is STILL UNIX certified, and I get that wording “any modern UNIX” would not be clear this minor error annoys me.<p>s/or MacOS/including MacOS/
The rough Rust of this is <a href="https://github.com/hermit-os/hermit-rs">https://github.com/hermit-os/hermit-rs</a><p>Though last I looked it wasn't nearly as mature as MirageOS.