Running micro-services, implemented in Ocaml

Hello there. Yaron advised to ask the broad audience.

Here is my question: anyone executed Ocaml under containers/process level virtualization?

I might assume that one of the potential vectors might be applicable, for implementing business intelligence software: that might be a bytecode/ocamlrun or that would be a compilation into native code (ocamlopt).

Native code would raises thoughts about performance considerations - and ocamlrun would be an option if you want to separate something cause of programming languages aspects/libs/frameworks. So you can transpose specific approaches of Ocaml syntax against specific BI code, to make specific combinations effective where required (and avoid build errors, as well).

Ivan

I don’t entirely understand your question, but a couple of potentially useful pointers:

• MirageOS (https://mirage.io) is a unikernel framework written in OCaml that can compile OCaml code to bare-metal and hypervisor-level kernel that are independent of an operating system.
• Docker itself uses a ton of OCaml in the Mac and Windows ports: https://speakerdeck.com/avsm/the-functional-innards-of-docker-for-mac-and-windows

So the answer to “has anyone executed Ocaml under containers/process level virtualization” is “yes”

Unfortunately you are proposing a solution (MirageOS and the ecosystem), which does not fit my needs (and the needs of other DevOpss).

I was considering to take some bare metal servers and run Kubernetes, for executing Ocaml apps under a process isolation. Most of that stuff would consider rather concentrating on decoupled micro-services.

https://github.com/ocaml/infrastructure/wiki/Containers - this smells like that is sort of ocamlrun related execution option (so that is an ocamlrun, executing in a container). Now what is lacking - is another option, where I would compile an ordinary native app (via ocamlopt) and deploy those.

Hence that I am not seeking to follow cloud-native concepts - I just want to use advantages of one approach and another approach, by choosing a proper one. Maybe there would a production environment, allowing both cases - but no there would be two groups of physical servers involved.

Ivan

Hi Ivan, you want to deploy a native binary OCaml microservice in a Docker container, right? Please see here: https://medium.com/@bobbypriambodo/lightweight-ocaml-docker-images-with-multi-stage-builds-f7a060c7fce4

I don’t run my OCaml services in docker, but I do run them in a very constrained bubblewrap container.

First, it’s relatively easy to statically compile OCaml binaries in a docker container to reduce their dependencies on the guest:

Create a Dockerfile:

FROM ocaml/opam2:alpine-3.8-ocaml-4.07

RUN git pull && opam update && opam switch create 4.07.1+flambda && \
    eval $(opam env) && \
    opam depext --install cmdliner cohttp-lwt-unix conf-libev containers

The build commands will then be:

docker build -t my-ocaml-container .
docker run --volume=$PWD:/build/ -it my-ocaml-container make -C /build/ static

Add -ccopt -static to your build commands, for example using dune:

(env (release-static (flags (:standard -ccopt -static))))

And invoke it like this: dune build --profile release-static main.exe

You can drop the statically compiled binary on basically any Linux host, even without access to /usr, /bin etc. In my case:

bwrap
    --tmpfs / \
    --ro-bind /app/ /app/ \
    --bind /app/log/ /app/log/ \
    --dev /dev \
    --tmpfs /tmp/ \
    --ro-bind /etc/resolv.conf /etc/resolv.conf \
    --ro-bind /etc/localtime /etc/localtime \
    --remount-ro / \
    --new-session \
    --unshare-all --share-net \
    {cmd}

More infos:

• https://github.com/ocaml/infrastructure/wiki/Containers
• http://rgrinberg.com/posts/static-binaries-tutorial/

Hello,Yawar.

Yes, at the the second predicted approach. Thanks for your tips - will check later.

Ivan

Hello, Fabian.

Yes, that would look similar to a predicted pipeline.

Ivan