December 7, 2016 by Ed Schouten
About two months ago we published an article on this blog to announce the availability of CloudABI for ARMv6. As you may recall, we mentioned that although CloudABI’s C library and runtime had been ported to ARMv6 successfully, we were still blocked on some features that didn’t make it into the 3.9 release of LLD, such as support for thread-local storage.
We’re happy to report that the latest development version of LLD now has these missing features implemented, meaning that it can now be used to create usable CloudABI programs for ARMv6.
In today’s article, let’s briefly take a look at how CloudABI for ARMv6 works in practice, by building a sandboxed web server written in C and running it on ARMv6 hardware.
The first step towards building our sandboxed web server is to install our CloudABI development tools. In my case I want to build our web server on my Macbook, so let’s go ahead and install a cross compiler for CloudABI and a copy of CloudABI’s C library for ARMv6, using Homebrew:
$ brew tap nuxinl/cloudabi $ brew install --HEAD cloudabi-toolchain $ brew install armv6-unknown-cloudabi-eabihf-cxx-runtime
As you can see, we’re passing in the
--HEAD flag to
brew install, so
that Homebrew doesn’t install the latest official release (based on LLVM
3.9), but the development version (based on LLVM SVN trunk). Once that’s
done, we’re all good to go:
$ armv6-unknown-cloudabi-eabihf-cc clang-4.0: error: no input files
Often when I give demos on how CloudABI works, I make use of a very simple web server that I wrote myself. It’s a rather primitive tool, as it can only serve a fixed HTTP response, but that also makes it easy to understand. Let’s go ahead and build it!
$ wget https://nuxi.nl/blog/assets/cloudabi-webserver.c $ armv6-unknown-cloudabi-eabihf-cc -O2 \ -o cloudabi-webserver cloudabi-webserver.c $ ls -l cloudabi-webserver -rwxr-xr-x 1 ed staff 242736 Dec 7 17:09 cloudabi-webserver
A system that I typically use to develop and test CloudABI software for ARMv6 is my Raspberry Pi 2. In my case it’s running FreeBSD 12.0-CURRENT, though recent versions of FreeBSD 11.0-STABLE also provide CloudABI support for ARMv6 out of the box. Let’s go ahead and set up the system to be able to run CloudABI software:
$ kldload cloudabi32 $ pkg install cloudabi-utils
We can now use the
cloudabi-run utility to start our sandboxed web
server. This utility parses a YAML file that lists the resources on
which our web server depends, ensuring that only those resources are
exposed to the program.
In our case the YAML file specifies that the process is allowed to access a TCP socket bound to port 12345 and write log entries to stdout. The YAML file is also used to declare the HTML code that needs to be served back to the browser.
In a way it acts as a mixture between a configuration file and a security policy. There is no need to write both of these separately.
$ scp macbook:cloudabi-webserver . $ cat cloudabi-webserver.yaml %TAG ! tag:nuxi.nl,2015:cloudabi/ --- socket: !socket bind: 0.0.0.0:12345 logfile: !fd stdout message: | <h1>Hello, world!</h1> <p>It looks like our sandboxed web server works!</p> $ cloudabi-run cloudabi-webserver < cloudabi-webserver.yaml
And voila! As soon as we run the web server using
cloudabi-run, we can
visit it over the network!
The idea behind this article is to show you how easy it is to use CloudABI to build a simple sandboxed application and run it. We hope it also shows you that it’s really easy to build applications for different types of hardware architectures, regardless of the operating system or hardware architecture your development system has.
By making cross compiled libraries available as packages that can be directly installed using your operating system’s package manager (Homebrew in this example), cross compilation of software becomes trivial.