Running Firecracker inside Docker

Question

Is there any way to run Firecracker inside Docker container.

I tried the basic networking in firecracker although having containerized firecracker can have many benefits

No hurdle to create and manage overlay network and attach
Deploy in Docker swarm and in Kubernetes
No need to clean IPTables/Network rules etc.

What's the point of running Firecracker inside Docker? Firecracker was build to run containers (AWS Fargate) on top of it. Why would anyone containerize Firecracker? Anyway, this reminds me of something Kelsey Hightower has said: "Treating containers like a black box will eventually leave you in the dark." — tgogos, Jan 18 '19 at 09:28
I'm not sure if treating container as a blackbox part applies to me, but you raised a valid point here. Honestly I found it as a more of hack to move forward with the problems that I need to deal with If I'm trying to use Firecracker in production. The reason to make it containerised was to use docker overlay networks. I couldn't found any other solution that gives me same flexibilities with little effort where I can create overlay network, attach to microVms, put IPTables rules and cleanup everything at once. I would definitely not consider docker if I get same networking support in fireC — Swarvanu Sengupta, Jan 19 '19 at 11:40
I didn't mean to be offensive with my previous comment, so let me rephrase: "Treating containers like a black box will eventually leave us in the dark". I do think that Firecracker is not the kind of abstraction that someone would run inside Docker. — tgogos, Jan 21 '19 at 11:32
As per my understanding Docker and Firecracker are orthogonal. They are designed to solve a very different set of problems. I don't see why would someone not containerise firecracker when having it containerised can help to deal with the problems container was meant for. https://rancher.com/introducing-ranchervm-package-and-run-virtual-machines-as-docker-containers/ — Swarvanu Sengupta, Jan 22 '19 at 07:30

score 1 · Answer 1 · answered Apr 20 '19 at 00:51

1

You can use kata-containers to simplify

https://github.com/kata-containers/documentation/wiki/Initial-release-of-Kata-Containers-with-Firecracker-support

answered Apr 20 '19 at 00:51

MaxV

2,601
3
18
25

score 0 · Answer 2 · answered Jan 18 '19 at 07:58

0

I came up with something very basic as this: https://github.com/s8sg/docker-firecracker

It allows creating go application that can run inside containerized firecracker

answered Jan 18 '19 at 07:58

Swarvanu Sengupta

360
4
11

Peter Rosemann · Answer 3 · 2022-02-12T11:44:13.260

Setup Tutorial

You find a good tutorial with all the basics at the Weaveworks

fire-up-your-vms-with-weave-ignite

it introduces

weaveworks ignite (Github)

Ignite works like a One-to-One replacement for "docker", and it does work on my Raspberry PI 4, with Debian11 too.

How to use

Create and start a VM

 $ sudo ignite run weaveworks/ignite-ubuntu \
                --cpus 1 \
                --memory 1GB \
                --ssh \
                --name my-vm1

Show your VM Processes

 $ ignite ps

Login into your running VM

 $ sudo ignite ssh my-vm1

It takes a couple of sec to start (manualy) a new VM on my Raspberry PI 4 (8Gb, 64bit Debian11):

Login into any of these

$ sudo ignite ssh my-vm3

Footloose

If you add footloose you can start up a cluster of MicroVMs, which allows additional scenarios. It works more less like docker-swarm with VMs. Footloose reads a description of the Cluster of Machines to create from a file, by default named footloose.yaml. Please check

footloose vm cluster (Github)

Note: be aware of a Apache ignite, which is a solution for something else, and don't get confused by it.

The initial idea for this answer is from my gist here