package albatross

  1. Overview
  2. Docs
Albatross - orchestrate and manage MirageOS unikernels with Solo5

Install 

dune-project
 Dependency

github.com Readme Changelog ISC License Edit opam file Versions (11)

Authors

  1. H
    Hannes Mehnert <hannes@mehnert.org>

Maintainers

  1. H
    Hannes Mehnert <hannes@mehnert.org>

Sources

albatross-1.4.3.tbz
sha256=fd235fedabdbc7b7523bfc3afab2b878dd862314b52fcc80604076a2cff9eb2b
sha512=86939f0e444f49ed52398efeef8d5382a66b8529d084c22b83cd5c2bc860b2df0d9827093f96ed9bde4d586694dd758d9fb0e6800aedcd761f244c55a6a549f3

doc/albatross/Vmm_resources/index.html

Module Vmm_resourcesSource

A tree data structure including policies and dynamic usage.

Considering delegation of resources to someone, and further delegation to others - using a process which is not controlled by the authority - requires runtime tracking of these delegations and the actual usage:

If Alice may create 2 virtual machines, and she delegates the same capability further to both Bob and Charlie, the authority must still enforce that Alice, Bob, and Charlie are able to run 2 virtual machines in total, rather than 2 each.

Sourcetype t = private {
  1. policies : Vmm_core.Policy.t Vmm_trie.t;
  2. block_devices : (int * bool) Vmm_trie.t;
  3. unikernels : Vmm_core.Unikernel.t Vmm_trie.t;
}

The type of the resource tree.

Sourceval empty : t

empty is the empty tree.

Sourceval find_vm : t -> Vmm_core.Name.t -> Vmm_core.Unikernel.t option

find_vm t id is either Some vm or None.

Sourceval find_policy : t -> Vmm_core.Name.t -> Vmm_core.Policy.t option

find_policy t Name.t is either Some policy or None.

Sourceval find_block : t -> Vmm_core.Name.t -> (int * bool) option

find_block t Name.t is either Some (size, active) or None.

Sourceval check_vm : t -> Vmm_core.Name.t -> Vmm_core.Unikernel.config -> (unit, [> `Msg of string ]) result

check_vm t Name.t vm checks whether vm under Name.t in t would be allowed under the current policies.

insert_vm t Name.t vm inserts vm under Name.t in t, and returns the new t. The caller has to ensure (using check_vm) that a VM with the same name does not yet exist, and the block device is not in use.

  • raises Invalid_argument

    if block device is already in use, or VM already exists.

Sourceval insert_policy : t -> Vmm_core.Name.t -> Vmm_core.Policy.t -> (t, [> `Msg of string ]) result

insert_policy t Name.t policy inserts policy under Name.t in t, and returns the new t or an error.

Sourceval check_block : t -> Vmm_core.Name.t -> int -> (unit, [> `Msg of string ]) result

check_block t Name.t size checks whether size under Name.t in t would be allowed under the current policies.

Sourceval insert_block : t -> Vmm_core.Name.t -> int -> (t, [> `Msg of string ]) result

insert_block t Name.t size inserts size under Name.t in t, and returns the new t or an error.

Sourceval remove_vm : t -> Vmm_core.Name.t -> (t, [> `Msg of string ]) result

remove_vm t Name.t removes vm Name.t from t.

Sourceval remove_policy : t -> Vmm_core.Name.t -> (t, [> `Msg of string ]) result

remove_policy t Name.t removes policy Name.t from t.

Sourceval remove_block : t -> Vmm_core.Name.t -> (t, [> `Msg of string ]) result

remove_block t Name.t removes block Name.t from t.

Sourceval pp : t Fmt.t

pp is a pretty printer for t.