monocore is the engine behind the monocore platform, providing a robust foundation for running AI workloads in isolated microVMs. It handles everything from VM lifecycle management to OCI image distribution, making it easy to deploy and orchestrate code sandboxes securely.
[!WARNING] This project is in early development and is not yet ready for production use.
Table of Contents
Overview
Monocore provides:
- 🔒 Secure isolation through microVMs
- 🏃 Efficient container-like experience
- 📦 OCI-compatible image management
- 🎯 Simple service orchestration
Getting Started
Installation
Prerequisites:
- Rust toolchain (1.75+)
- Linux OS / macOS
- libkrun (installed automatically)
Build and Install:
# Clone the repository
# Build and install (installs to /usr/local/bin)
&&
Basic Usage
- Create a configuration file:
# monocore.toml
[[]]
= "counter"
= "alpine:latest"
= 512
= "main"
= "/usr/bin/count"
[[]]
= "date-service"
= "alpine:latest"
= 256
= "main"
= "/bin/date"
- Manage your services:
# Pull required images
# Start services
# View status
# Stop services
# Remove services
- Run in server mode:
# Start the REST API server (default port: 3456)
# Or use the default port
For more CLI options:
REST API
When running in server mode, monocore provides a REST API for managing services:
| Endpoint | Method | Description |
|---|---|---|
/up |
POST | Start services defined in config |
/down |
POST | Stop running services |
/status |
GET | Get status of all services |
/remove |
POST | Remove service files |
Example API usage:
# Start services
# Get service status
# Stop services in a group
# Remove services
Features
Secure Isolation
- Isolated microVM environments for each service
- Resource constraints and limits enforcement
- Network isolation between service groups
Efficient Runtime
- Fast microVM provisioning and startup
- Minimal resource overhead
- Optimized layer caching and sharing
OCI Integration
- Pull images from any OCI-compliant registry
- Smart layer management and deduplication
- Local image caching for faster startups
Service Orchestration
- Dependency-aware service scheduling
- Health monitoring and automatic recovery
- Log rotation with configurable retention
Architecture
Directory Structure
Monocore maintains its state in ~/.monocore:
graph TD
monocore_root[~/.monocore] --> monoimage[monoimage/]
monoimage --> monoimage_repo[repo/]
monoimage_repo --> monoimage_cid["[repo-name]__[tag].cid"]
monoimage --> monoimage_layer[layer/]
monocore_root --> oci[oci/]
oci --> oci_repo[repo/]
oci_repo --> oci_tag["[repo-name]__[tag]/"]
oci_tag --> oci_config[config.json]
oci_tag --> oci_manifest[manifest.json]
oci_tag --> oci_index[index.json]
oci --> oci_layer[layer/]
oci_layer --> oci_layer_hash["[hash]"]
monocore_root --> rootfs[rootfs/]
rootfs --> rootfs_service[service/]
rootfs_service --> rootfs_service_rootfs["[service-name]/"]
rootfs --> rootfs_ref[reference/]
rootfs_ref --> rootfs_ref_repo["[repo-name]__[tag]/"]
rootfs_ref_repo --> rootfs_ref_repo_merged[merged/]
monocore_root --> service[service/]
service --> service_info["[service-name]/"]
service_info --> service_json[service.json]
service_info --> group_json[group.json]
monocore_root --> run[run/]
run --> run_service["[service-name]__[pid].json"]
monocore_root --> log[log/]
log --> log_stderr["[service-name].stderr.log"]
log --> log_stdout["[service-name].stdout.log"]
API Examples
Basic MicroVM:
use MicroVm;
async
Service Orchestration:
use ;
async
Development
Running Examples
# Basic MicroVM Examples
# Networking Examples
# OCI Image Examples
# Orchestration Examples
Development Tips
- Use
RUST_BACKTRACE=1for detailed error traces - On macOS, examples are automatically signed with entitlements
- The build directory (
~/.monocore) contains logs and service state - Check service logs in
~/.monocore/log/for debugging
License
This project is licensed under the Apache License 2.0.