Documentation and guides

Weekly Meeting: 2015-04-23

23rd Apr 2015: Release of 2.4.0, Irmin updates, TLS and Jitsu


Attendees: Amir Chaudhry (chair), Thomas Gazagnaire, David Kaloper, Thomas Leonard, Jon Ludlum, Anil Madhavapeddy, Hannes Mehnert, Richard Mortier, Dave Scott, Magnus Skjegstad and Jeremy Yallop


Mirage 2.4.0 released

ThomasG released mirage.2.4.0, along with conduit.0.8.0, mirage-conduit.2.1.0, tcpip.2.4.0 and mirage-http.2.2.0. These releases improve the TLS support, fix ARP issues, make the mirage HTTP server signature only depend on V1.FLOW and fix some usability issues with the mirage command-line tool. 2.4.0 is an intermediate release to help unblock some of the interface changes required, but is not the 'supported' SSL release yet. We can prepare a release properly when DavidK finishes the entropy support

See the thread on the mailing list: "Release of Mirage 2.4.0"

Anil is planning to do a blog post on 2.4.0 and is cherry picking some things to unblock something else.

Irmin updates

Watch API - Is done but the tests are not done and they're not working. It's a matter of fixing the tests not bugs in this case.

CueKeeper is now using the new API. Sync support can sync between two branches but not sever sync. Next step is to achieve remote sync. Should be ok but cannot use git-format yet. Transcoding may be possible but not just yet. Cannot quite use git-format everywhere as there are other things we need to think about (zlib etc). Basically ocaml-git needs to work from JavaScript.

TLS status

Entropy - There's an issue that is tracking all the remaining pieces for Entropy support (mirleft/ocaml-nocrypto#55).

DavidK wrote up the current state of things on the issue and it's almost there. He just needs to finish the discussions with ThomasL about ARM support. Anil has been reviewing the code for nocrypto and it looks good. AsyncSSL is hard to use correctly - certificate validation was working only a month ago.

First user of the TLS (outside those who developed it) is There's not been a single crash or issue and it's not on a loop so if it did go down, we would know about it fairly quickly. We currently have an 'A' from the SSL tests but we'd really like to get an A+. It seems that may have more to do with browsers at this stage than anything to do with TLS.

In terms of releases, we first need ASN1 to go out and then nocrypto after it's been cleaned up, then some modifications to TLS to remove some deprecated code. At that point, we should have out of the box support for MirageOS!

There are also things that need to be fixed in xentropyd. DavidK will remove the entropy signature from nocrypto and at some point will also work on a Piñata summary post.

Quality and test

There are now bulk build results available at These is are lists of what works, is just broken and highlights where something may have changed. This is a very experimental script (it's a bit messy at the moment). We can make a MirageOS specific version which should be quicker to run — this one takes a day and a half to run.

We should also be keeping an eye on is-mirage-broken, as we need to keep that fixed. ThomasL is in town and is thinking of doing some UI and Irmin-based stuff which could be cool.

We're also looking at adding Scaleway's ARM cloud as a place to run tests and services. If people want access to ARM machines there we can likely arrange for that — however we don't want them to go unused. It would be neat to use them as build bots (i.e. doing the build in the cloud but deploying to Cubieboards). They're currently trying to get Xen booted (scaleway/kernel-tools#14). In the meantime, if anyone wants to try them out, they have a one month free trial.


Working on getting the release of Jitsu into the mirage-dev repo. ThomasG is working on TCP/IP code and may be able to merge that into main stack soon. Is also cleaning up the Jitsu code-base and adding ARP support too. Anil has an ancient patch but is not confident about merging it yet.

Magnus is also working on a blog post about Jitsu, which will hopefully be ready soon.

We want to get Jitsu running on one of our machines and Anil will set that up soon (without the synjitsu component for now). Once Dave has set up XenServer on the relevant machine and we'll take it from there.

Getting this up and running depends on the state of the Monk machine. We'll have to come back to this when it's ready.

3.0 planning

Only had a brief amount of time to discuss this but the feeling is tha quality and test will be key. We need to improve our workflows to have better processes such that things break less often. When things are reported as broken, we need to move to fix them.