12:23 <hannes> echelon: for me, the goal of MirageOS is different: to provide robust, secure, low-resource-usage (reduced carbon footprint) services that can be reasoned about / formally verified

16:06 <echelon> that's nice to have for me as well, but im wondering what the app/system layer would look like on a *bsd system

16:06 <echelon> would I still need to run a full linux system in vmm to host the unikernel?

16:07 <echelon> assuming im on openbsd

16:07 <hannes> uhm no

16:09 <hannes> on top of bhyve/vmm, there's solo5 (https://github.com/solo5/solo5 - which provides a host system process solo5-hvt [i.e. tender / qemu replacement]), on the guest side you've solo5-bindings-hvt (same repo as above, providing a think layer), and then the ocaml runtime, and then ocaml code :)

16:09 <hannes> no posix / linux / unix in the stack on the guest side

16:10 <echelon> so I would install docker natively on openbsd, and then have docker use the unikernel? or would docker need to run within the vm?

16:10 <hannes> not sure how docker comes into play, as said yesterday

16:13 <echelon> assuming I have containers that I want to run using mirage as the base kernel

16:14 <hannes> MirageOS does not provide a Unix/POSIX API -> no containers to be run "on top of MirageOS"

16:14 <echelon> im confused because the demo of mirage I've seen at this meetup was almost entirely done with docker containers

16:15 <echelon> ok

16:17 <hannes> sorry, I don't know which meetup you're talking about

16:17 <hannes> maybe reach out to the speaker to get some more details / technical background :)

16:18 <echelon> so im guessing then docker itself would need to run on a linux vm on top of *bsd, and then you would have the unikernel layer on top of docker

16:18 <echelon> yeah, it was 2 or 3 yrs ago in nyc

16:19 <hannes> maybe. i'm not sure why you'd want a "unikernel layer on top of docker", instead of having unikernels directly on the bsd hypervisor..

16:19 <echelon> well, if that works, even better

16:20 <hannes> it works, maybe https://github.com/Solo5/solo5/blob/master/docs/architecture.md helps to understand it better

16:22 <hannes> this is as well pretty informative https://mirageos.org/wiki/technical-background

16:24 <echelon> thanks

17:49 <dinosaure> echelon: then, it possible to run an unikernel inside a docker container, however the container must have some privilege such as NET_ADMIN

17:49 <dinosaure> at least, it's better to use your unikernel on xen or kvm

17:51 <smondet> echelon: I think I was at that meetup :) The docker containers were used for building, testing, and deploying the unikernels, but the final product was not running inside docker

18:19 <echelon> smondet: this one? https://youtu.be/zliiEBzhX9M

18:20 <echelon> i tired rewatching it, but his screen that was projected doesn't show up in the video

20:52 <smondet> echelon: hmm, I've seen Amir present mirage once, but the one I had in mind was at Jane St's old office, it was Anil or Thomas... hard to remember right though :)