Using Linuxkit Generated Iso In Docker

Posted on  by 

  • Using Linuxkit Generated Iso In Docker For Mac Linuxkit is a new project presented by Docker during the DockerCon 2017. If we look at the description of the project on: A secure, portable and lean operating system built for containers I am feeling already exited.
  • Once you have built the tool, use. Linuxkit build linuxkit.yml to build the example configuration. You can also specify different output formats, eg linuxkit build -format raw-bios linuxkit.yml to output a raw BIOS bootable disk image, or linuxkit build -format iso-efi linuxkit.yml to output an EFI bootable ISO image.

Linuxkit is a new project presented by Docker during the DockerCon 2017. If welook at the description of the project onGitHub:

A secure, portable and lean operating system built for containers

I wanna create a docker image from an ISO file. And I meet the same question like this iso to docker file. I did same operations with him, and I know it's wrong now. Now what i have is: an ISO file. My own ISO file, based on ubuntu but it's not ubuntu. A computer, running ubuntu on it.

I am feeling already exited. I was an observer of the project when JustinCormack and the othercontributors wasworking on a private repository. I was invited as part of ci-wg group into theCNCF and I loved this project from the first day.

You can think about linuxkit as a builder for Linux operating system everythingbased on containers.

It’s a project that can stay behind your continuous integration system to allowus to test on different kernel version and distribution. You can a light kernelswith all the services that you need and you can create different outputsrunnable on cloud providers as Google Cloud Platform, with Docker or with QEMU.

Continuous delivery, new model

I am not really confident about Google Cloud Platform but just to move over I amgoing to do some math with AWS as provider.Let’s suppose that I have the most common continuous integration system, one bigbox always up an running configured to support all your projects or if you arealready good you are running containers to have separated and isolatedenvironment.

Let’s suppose that you Jenkins is running all times on m3.xlarge:

m3.xlarge used 100% every months costs 194.72$.

Using Linuxkit Generated Iso In Docker Download

Let’s have a dream. You have a very small server with just a frontendapplication for your CI and all jobs are running in a separate instance, tiny asa t2.small.

t2.small used only 1 hour costs 0.72$ .

I calculated 1 hour because it’s the minimum that you can pay and I hope thatyour CI job can run for less than 1 hour.Easy math to calculate the number of builds that you need to run to pay as youwas paying before.

194.72 / 0.72 ~ 270 builds every month.

If you are running less than 270 builds a months you can save some moneytoo. But you have other benefits:

  1. More jobs, more instances. Very easy to scale. Easier that Jenkinsmaster/slave and so on.
  2. How many times during holidays your Jenkins is still up and running withoutto have nothing to do? During these days you are just paying for the frontendapp.

And these are just the benefit to have a different setup for your continuousdelivery.

LinuxKit CI implementation

There is a directory called./test that containssome linuxkit use case but I am going to explain in practice how linuxkit istested. Because it uses itself, awesome!

In first you need to download and compile linuxkit:

You can move it in your $PATH with make install.

At the moment the CLI is very simple, the most important commands are build andrun. linuxkit is based on YAML file that you can use to describe your kernel,with all applications and all the services that you need. Let’s start with thelinuxkit/test/test.yml.

Linuxkit builds everythings inside a container, it means that you don’t need alot of dependencies it’s very easy to use. It generates different output inthis case kernel+initrd, iso-bios, iso-efi, gpc-img depends of theplatform that you are interested to use to run your kernel.

I am trying to explain a bit how this YAML works. You can see that there aredifferent primary section: kernel, init, onboot, service and so on.

Download

Pretty much all of them contains the keyword image because as I said beforeeverything is applied on containers, in this example they are store inhub.docker.com/u/mobylinux/.

The based kernel is mobylinux/kernel:4.9.x, I am just reporting what theREADME.md said:

  • kernel specifies a kernel Docker image, containing a kernel and afilesystem tarball, eg containing modules. The example kernels are built fromkernel/
  • init is the base init process Docker image, which is unpacked as the basesystem, containing init, containerd, runc and a few tools. Built frompkg/init/
  • onboot are the system containers, executed sequentially in order. Theyshould terminate quickly when done.
  • services is the system services, which normally run for the whole time thesystem is up
  • files are additional files to add to the image
  • outputs are descriptions of what to build, such as ISOs.

At this point we can try it. If you are on MacOS as I was you don’t need toinstall anything one of the runner supported by linuxkit is hyperkit itmeans that everything is available in your system.

./test contains different test suite but now we will stay focused on./test/check directory. It contains a set of checks to validate how thekernel went build by LinuxKit. They are the smoke tests that are running on eachnew pull request created on the repository for example.

As I said everything runs inside a container, if you look into the checkdirectory there is a makefile that build a mobylinux/check image, that imagewent run in LinuxKit, into the test.yml file:

You can use theMakefileinside the check directory to build a new version of check, you can just usethe command make.

When you have the right version of your test we can build the image used by moby:

Using Linuxkit Generated Iso In Docker Linux

Part of the output is:

And if you look into the directory you can see that there are all these filesinto the root. These files can be run from qemu, google cloud platform,hyperkit and so on.

On MacOS with this command LinuxKit is using hyperkit to start a VM, I can not copypaste all the output but you can see the hypervisor logs:

When the VM is ready LinuxKit is starting all the init, onboot, the logs iseasy to understand as the test.yml is starting containerd, runc:

The last step is the check that runs the real test suite:

The last log is the output ofcheck-kernel-config.shfiles.

If you are on linux you can do the same command but by the default you are goingto use qemu an open source machine emulator.

I did some test in my Asus Zenbook with Ubuntu, when you run moby run this isthe command executed with qemu:

By default is testing on x86_64 but qemu supports a lot of other archs anddevices. You can simulate an arm and a rasperry pi for example. At themoment LinuxKit is not ready to emulate other architecture. But this is the mainscope for this project. It’s just a problem of time. It will be able soon!

Detect if the build succeed or failed is not easy as you probably expect. Thestatus inside the VM is not the one that you get in your laptop. At the momentto understand if the code in your PR is good or bad we are parsing the output:

Explain how linuxkit tests itself at the moment is the best way to get how itworks. It is just one piece of the puzzle, if you have a look here everypr has a GitHub Status that point toa website that contains logs related that particular build. That part is notmanaged by linuxkit because it’s only the builder used to create theenvironment. All the rest is managed bydatakit. I will speak about it probably inanother blogpost.

Conclusion

Using Linuxkit Generated Iso In Docker

Using Linuxkit Generated Iso In Docker Container

runc, docker, containerd, rkt but also Prometheus, InfluxDB, Telegraf a lot ofprojects supports different architecture and they need to run on differentkernels with different configuration and capabilities. They need to run on yourlaptop, in your IBM server and in a Raspberry Pi.

This project is in an early state but I understand why Docker needs somethingsimilar and also, other projects as I said are probably going to get somebenefits from a solution like this one. Have it open source it’s very good andI am honored to be part of the amazing group that put this together. I just didsome final tests and I tried to understand how it’s designed and how it works.This is the result of my test. I hope that can be helpful to start in the rightmindset.

My plan is to create a configuration to test InfluxDB and play a bit with qemuto test it on different architectures and devices. Stay around a blogpost willcome!

Some Links:

Using Linuxkit Generated Iso In Docker Command

Reviewers: Justin Cormack

Generated

get 'Docker the Fundamentals'by. Drive your boat as a Captain

You can get the Chapter 2 of the book 'Drive your boat as a Captain' just leave click on the cover and leave your email to receive a free copy.

Using Linuxkit Generated Iso In Docker Windows 10

This chapter is getting started with Docker Engine and the basic concept around registry, pull, push and so on. It's a good way to start from zero with Docker.

Coments are closed