Hello there. Yaron advised to ask the broad audience.
Here is my question: anyone executed Ocaml under containers/process level virtualization?
I might assume that one of the potential vectors might be applicable, for implementing business intelligence software: that might be a bytecode/ocamlrun or that would be a compilation into native code (ocamlopt).
Native code would raises thoughts about performance considerations - and ocamlrun would be an option if you want to separate something cause of programming languages aspects/libs/frameworks. So you can transpose specific approaches of Ocaml syntax against specific BI code, to make specific combinations effective where required (and avoid build errors, as well).
I don’t entirely understand your question, but a couple of potentially useful pointers:
So the answer to “has anyone executed Ocaml under containers/process level virtualization” is “yes”
Unfortunately you are proposing a solution (MirageOS and the ecosystem), which does not fit my needs (and the needs of other DevOpss).
I was considering to take some bare metal servers and run Kubernetes, for executing Ocaml apps under a process isolation. Most of that stuff would consider rather concentrating on decoupled micro-services.
https://github.com/ocaml/infrastructure/wiki/Containers - this smells like that is sort of ocamlrun related execution option (so that is an ocamlrun, executing in a container). Now what is lacking - is another option, where I would compile an ordinary native app (via ocamlopt) and deploy those.
Hence that I am not seeking to follow cloud-native concepts - I just want to use advantages of one approach and another approach, by choosing a proper one. Maybe there would a production environment, allowing both cases - but no there would be two groups of physical servers involved.
Hi Ivan, you want to deploy a native binary OCaml microservice in a Docker container, right? Please see here: https://medium.com/@bobbypriambodo/lightweight-ocaml-docker-images-with-multi-stage-builds-f7a060c7fce4
I don’t run my OCaml services in docker, but I do run them in a very constrained bubblewrap container.
First, it’s relatively easy to statically compile OCaml binaries in a docker container to reduce their dependencies on the guest:
Create a Dockerfile:
RUN git pull && opam update && opam switch create 4.07.1+flambda && \
eval $(opam env) && \
opam depext --install cmdliner cohttp-lwt-unix conf-libev containers
The build commands will then be:
docker build -t my-ocaml-container .
docker run --volume=$PWD:/build/ -it my-ocaml-container make -C /build/ static
-ccopt -static to your build commands, for example using dune:
(env (release-static (flags (:standard -ccopt -static))))
And invoke it like this:
dune build --profile release-static main.exe
You can drop the statically compiled binary on basically any Linux host, even without access to
/bin etc. In my case:
--tmpfs / \
--ro-bind /app/ /app/ \
--bind /app/log/ /app/log/ \
--dev /dev \
--tmpfs /tmp/ \
--ro-bind /etc/resolv.conf /etc/resolv.conf \
--ro-bind /etc/localtime /etc/localtime \
--remount-ro / \
--unshare-all --share-net \
Yes, at the the second predicted approach. Thanks for your tips - will check later.
Yes, that would look similar to a predicted pipeline.