Aurae is on a mission to be the most loved and effective way of managing workloads on a single piece of hardware. My hope is that by bringing a better set of controls to a node, I can unlock brilliant higher order distributed systems in the future.

Aurae takes ownership of all runtime processes on a single piece of hardware like systemd, and provides mTLS encrypted gRPC APIs (Aurae Standard Library) to manage the processes. Aurae has a new style of isolation called "Aurae Cells" that manage cgroups and namespaces directly from pid1. With Aurae Cells the project offers a way to slice up a system using various isolation strategies for enterprise workloads including MicroVMs.

Learn about 3 specific parts of the project and how they influenced the decision to move to Rust.

1. Managing cgroups (v1/v2) directly with Rust, and how kata containers and systemd influenced the container runtime module.
2. mTLS encrypted gRPC with tonic and rustls. Learn why I have given up on OpenSSL and where rustls is working well and not so well for us.
3. Serving ephemeral short lived microVMs with Aurae, and how we "spawn" a new host and kernel into a microVM that shares properties with the parent instance of Aurae.

I talk about my journey to Rust from Go and why I believe it is necessary to reimagine parts of Kubernetes in Rust.