ignite icon indicating copy to clipboard operation
ignite copied to clipboard

Published 20 hours ago verified publisher icon weaveworks

Running Firecracker VMs in Kubernetes with Ignite

Open mojojoji opened this issue 4 years ago • 4 comments

I came across the Ignite project when I was researching ways to run and manage VMs using Kubernetes. I had experimented with KubeVirt to run VMs using Kubernetes but wanted the speed of starting that Firecracker provides. Is there a way to run the ignite spawn and Firecracker in a Kubernetes Pod?

If this functionality doesn't exist then I would like to propose a way to implement this.

As per the architecture diagram of Ignite, there are 4 steps involved in running an Ignite VM. (https://github.com/weaveworks/ignite/blob/master/docs/architecture.png)

  1. ignite image import to pull and import the rootfs and kernel images
  2. ignite create to create the read-only snapshots of the VM
  3. Run ignite-spawn inside a container with the read-only snapshots and firecracker binary to start the VM
  4. Firecracker to start the VM and run it using KVM

The first 2 steps and initial lines of code of ignite-spawn are used to prepare the filesystem for the VM. And the remaining is running the VM in firecracker.

In Kubernetes, we can run the steps to get the filesystems ready in a init container and once everything is ready run the container with Ignite spawn. The files used by the VM can be mounted as emptydir/hostpath/PVC for both these containers.

A Kubernetes CRD and controller can be used to receive Ignite YAML files and start the Pods in a statefulset/deployment with the above containers running inside.

This will be then similar to KubeVirt but running VM using Firecracker.

If this approach looks good I can try to create a working version of this and create a pull request.

mojojoji avatar Dec 21 '20 12:12 mojojoji

👍🏻 I'm also interested in this!

gaby avatar Mar 04 '21 05:03 gaby

I'm also interested in this

codesiddhant avatar Aug 09 '21 06:08 codesiddhant

@darkowlzz and I would love to see a POC of this. Some other users have also had success running nested KVM inside of ignite VM's.

The init-container design sounds like a pretty cool way to expose some status information using the native Pod API. It does add some latency to the VM start, so there is a trade-off there. Potentially, we could expose some of that structured status in a Custom Resource instead and have the best of both worlds there, since the ignite run code will handle all of the image pull and device setup itself if the VM is not already created.

Please feel welcome to join the ignite dev call on Mondays if you would like to collab on the design or do any pair-programming :))

stealthybox avatar Aug 09 '21 17:08 stealthybox

Since I didnt get any response here for a long time, I had built something similar using firecracker without using ignite. To build root filesystem from container image (Ahead of time): https://github.com/anyfiddle/firecracker-rootfs-builder Init container to pull the root filesystem and make it ready for firecracker: https://github.com/anyfiddle/kubecracker-init The container that runs firecracker : https://github.com/anyfiddle/find

mojojoji avatar Aug 10 '21 17:08 mojojoji