Build a custom Firecracker ready image with docker
Dmitrii Ustiugov edited this page Jun 19, 2020 · 1 revision
Complete instructions by Firecracker
In host:
dd if=/dev/zero of=rootfs.ext4 bs=1M count=300
mkfs.ext4 rootfs.ext4
mkdir /tmp/my-rootfs
sudo mount rootfs.ext4 /tmp/my-rootfs
docker run -it --rm -v /tmp/my-rootfs:/my-rootfs alpine
In guest:
apk add openrc
apk add util-linux
# Set up a login terminal on the serial console (ttyS0):
ln -s agetty /etc/init.d/agetty.ttyS0
echo ttyS0 > /etc/securetty
rc-update add agetty.ttyS0 default
# Make sure special file systems are mounted on boot:
rc-update add devfs boot
rc-update add procfs boot
rc-update add sysfs boot
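# Set up root password (root:root is a placeholder for local testing; pick a strong one for any guest that is reachable over the network)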
echo "root:root" | chpasswd
# Set up DNS
echo "nameserver 8.8.8.8" >> /etc/resolv.conf
# Then, copy the newly configured system to the rootfs image:
for d in bin etc lib root sbin usr; do tar c "/$d" | tar x -C /my-rootfs; done
for dir in dev proc run sys var; do mkdir /my-rootfs/${dir}; done
# All done, exit docker shell
exit
In host again:
sudo umount /tmp/my-rootfs
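A sanity check for the rootfs tree built by the steps above, meant to be run on the host while the image is still mounted at /tmp/my-rootfs (before the umount). This is an added example, not part of the original page or of Firecracker; the function name check_rootfs is hypothetical, and the check assumes OpenRC's usual layout, where rc-update records enabled services as symlinks under /etc/runlevels/<level>/.

```shell
#!/bin/sh
# Added example (not from the original page): verify a mounted rootfs tree.
# Usage: check_rootfs /tmp/my-rootfs
# Prints one line per problem and returns the number of problems found.
check_rootfs() {
    root=$1
    problems=0
    fail() { echo "FAIL: $1"; problems=$((problems + 1)); }

    # Directories copied with tar, plus the empty mount points made with mkdir.
    for d in bin etc lib root sbin usr dev proc run sys var; do
        [ -d "$root/$d" ] || fail "missing directory /$d"
    done

    # Serial console login: the agetty.ttyS0 service link and the securetty entry.
    [ -L "$root/etc/init.d/agetty.ttyS0" ] || fail "agetty.ttyS0 service link missing"
    grep -qx 'ttyS0' "$root/etc/securetty" 2>/dev/null || fail "ttyS0 not in /etc/securetty"

    # Assumption: OpenRC keeps enabled services as symlinks in /etc/runlevels/.
    for svc in boot/devfs boot/procfs boot/sysfs default/agetty.ttyS0; do
        [ -L "$root/etc/runlevels/$svc" ] || fail "service not enabled: $svc"
    done

    grep -q '^nameserver ' "$root/etc/resolv.conf" 2>/dev/null \
        || fail "no nameserver in /etc/resolv.conf"

    # A locked (! or *) or empty root entry means chpasswd did not take effect
    # and nobody can log in on the serial console.
    pw=$(awk -F: '$1 == "root" { print $2 }' "$root/etc/shadow" 2>/dev/null) || pw=''
    case $pw in
        ''|'!'*|'*'*) fail "root has no usable password hash in /etc/shadow" ;;
    esac

    return "$problems"
}
```

A return status of 0 means every step left its expected trace in the image; any other status is the count of FAIL lines printed.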
Complete instructions by Firecracker
In host:
sudo ip tuntap add tap0 mode tap
sudo ip addr add 172.16.0.1/24 dev tap0
sudo ip link set tap0 up
sudo sh -c "echo 1 > /proc/sys/net/ipv4/ip_forward"
sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
sudo iptables -A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
sudo iptables -A FORWARD -i tap0 -o eth0 -j ACCEPT
In guest:
ip addr add 172.16.0.2/24 dev eth0
ip link set eth0 up
ip route add default via 172.16.0.1 dev eth0
# You may see an error when starting the networking service; that is normal
rc-service networking start
Method that works: base ubuntu
Method to try to get a smaller image: start from weaveworks/ignite-ubuntu, see link ignite (not sure if it will provide a smaller image though)