🧨

Firecracker On Alpine Metal

 
a bookmark:
 
Things I like:
apk add tmux
apk add neovim
apk add python3
apk add python3-dev
apk add git
apk add github-cli
apk add gcc
apk add musl-dev
Get acl
apk add acl
Set this thing
setfacl -m u:${USER}:rw /dev/kvm
 
Download firecracker:
release_url="https://github.com/firecracker-microvm/firecracker/releases"
latest=$(basename $(curl -fsSLI -o /dev/null -w %{url_effective} ${release_url}/latest))
arch=`uname -m`
curl -L ${release_url}/download/${latest}/firecracker-${latest}-${arch}.tgz \
| tar -xz
 
Get rid of the bullshit:
mv release-v1.1.2-x86_64/firecracker-v1.1.2-x86_64 /bin/firecracker
mv release-v1.1.2-x86_64/jailer-v1.1.2-x86_64 /bin/jailer
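An added example, not part of the original notes or the Firecracker project: the same download, but saved to disk and checked against the release's SHA-256 file before anything is extracted or moved into /bin. The `<tarball>.sha256.txt` asset name and its `sha256sum`-style format are assumptions, and `verify_sha256` / `fetch_verified` are hypothetical helper names.

```shell
#!/bin/sh
# Added example; helper names are hypothetical.
# Assumption: each release tarball has a sibling "<tarball>.sha256.txt"
# in sha256sum format: "<64 hex chars>  <file name>".

# verify_sha256 FILE SUMFILE
# 0 = digest matches, 1 = mismatch, 2 = input missing, 3 = no usable entry.
verify_sha256() {
    file=$1
    sums=$2
    [ -f "$file" ] && [ -f "$sums" ] || { echo "missing $file or $sums" >&2; return 2; }
    name=$(basename "$file")
    # Pick the entry for this file name; strip sha256sum's optional '*' marker.
    want=$(awk -v n="$name" '{ f = $2; sub(/^\*/, "", f) }
                             f == n { print tolower($1); exit }' "$sums")
    case $want in
        ""|*[!0-9a-f]*) echo "no usable entry for $name" >&2; return 3 ;;
    esac
    [ "${#want}" -eq 64 ] || { echo "digest for $name is not 64 hex chars" >&2; return 3; }
    got=$(sha256sum "$file" | awk '{ print $1 }')
    [ "$got" = "$want" ] || { echo "SHA-256 mismatch for $name" >&2; return 1; }
}

# fetch_verified BASE_URL TARBALL
# Download to disk (no pipe into tar), verify, and only then extract.
fetch_verified() {
    base=$1
    tgz=$2
    curl -fsSL -o "$tgz" "$base/$tgz" &&
    curl -fsSL -o "$tgz.sha256.txt" "$base/$tgz.sha256.txt" &&
    verify_sha256 "$tgz" "$tgz.sha256.txt" &&
    tar -xzf "$tgz"
}

# With the variables from the download step above:
# fetch_verified "${release_url}/download/${latest}" "firecracker-${latest}-${arch}.tgz"
```

This catches a truncated or corrupted download; because the checksum is served from the same release page as the tarball, it does not by itself authenticate the publisher.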
 
Install poetry:
curl -sSL https://install.python-poetry.org | python3 -
Make note of PATH, or explicitly call this shit
root:~# curl -sSL https://install.python-poetry.org | python3 -
Retrieving Poetry metadata

# Welcome to Poetry!

This will download and install the latest version of Poetry,
a dependency and package manager for Python.

It will add the `poetry` command to Poetry's bin directory, located at:

/root/.local/bin

You can uninstall at any time by executing this script with the --uninstall option,
and these changes will be reverted.

Installing Poetry (1.2.2): Done

Poetry (1.2.2) is installed now. Great!

To get started you need Poetry's bin directory (/root/.local/bin) in your `PATH`
environment variable.

Add `export PATH="/root/.local/bin:$PATH"` to your shell configuration file.

Alternatively, you can call Poetry explicitly with `/root/.local/bin/poetry`.

You can test that everything is set up by executing:

`poetry --version`

Creating an Alpine-based Firecracker VM disk

 
Prerequisites:
  • A public key next to the Dockerfile
    FROM alpine:3.13
    # OpenRC, sshd and sudo; an unprivileged 'alpine' user with a random
    # password and passwordless sudo; a getty on the serial console (ttyS0).
    RUN apk update \
     && apk add openrc openssh sudo util-linux \
     && ssh-keygen -A \
     && mkdir -p /home/alpine/.ssh \
     && addgroup -S alpine && adduser -S alpine -G alpine -h /home/alpine -s /bin/sh \
     && echo "alpine:$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n1)" | chpasswd \
     && echo '%alpine ALL=(ALL) NOPASSWD: ALL' > /etc/sudoers.d/alpine \
     && ln -s agetty /etc/init.d/agetty.ttyS0 \
     && echo ttyS0 > /etc/securetty \
     && rc-update add agetty.ttyS0 default \
     && rc-update add devfs boot \
     && rc-update add procfs boot \
     && rc-update add sysfs boot \
     && rc-update add local default
    # The public key that sits next to this Dockerfile becomes the SSH login key.
    COPY ./key.pub /home/alpine/.ssh/authorized_keys
    # Ownership and permissions on the home directory and key file, then enable sshd.
    RUN chown -R alpine:alpine /home/alpine \
     && chmod 0740 /home/alpine \
     && chmod 0700 /home/alpine/.ssh \
     && chmod 0400 /home/alpine/.ssh/authorized_keys \
     && mkdir -p /run/openrc \
     && touch /run/openrc/softlevel \
     && rc-update add sshd
     

Creating an iperf3 Firecracker VM for network testing

Dockerfile
    FROM alpine:3.13
    # Same layout as the Alpine image above, with an 'iperf' user.
    RUN apk update \
     && apk add openrc openssh sudo util-linux \
     && ssh-keygen -A \
     && mkdir -p /home/iperf/.ssh \
     && addgroup -S iperf && adduser -S iperf -G iperf -h /home/iperf -s /bin/sh \
     && echo "iperf:$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n1)" | chpasswd \
     && echo '%iperf ALL=(ALL) NOPASSWD: ALL' > /etc/sudoers.d/iperf \
     && ln -s agetty /etc/init.d/agetty.ttyS0 \
     && echo ttyS0 > /etc/securetty \
     && rc-update add agetty.ttyS0 default \
     && rc-update add devfs boot \
     && rc-update add procfs boot \
     && rc-update add sysfs boot \
     && rc-update add local default
    # SSH login key for the 'iperf' user.
    COPY ./key.pub /home/iperf/.ssh/authorized_keys
    RUN chown -R iperf:iperf /home/iperf \
     && chmod 0740 /home/iperf \
     && chmod 0700 /home/iperf/.ssh \
     && chmod 0400 /home/iperf/.ssh/authorized_keys \
     && mkdir -p /run/openrc \
     && touch /run/openrc/softlevel \
     && rc-update add sshd