Moby and LinuxKit: Building a custom minimal, immutable Linux distributions

Johnny Mkhael -

You can also have a go at the interactive tutorial I built here: LinuxKit 101: building the redis-os from DockerCon2017

Moby and LinuxKit?

So, DockerCon2017 is amazing!

As you should know by now, Docker introduced the Moby project!
If you missed it, go read the announcement here by Solomon Hykes. https://blog.docker.com/2017/04/introducing-the-moby-project/

At it's core, LinuxKit.

LinuxKit, a toolkit for building custom minimal, immutable Linux distributions.

Build Moby

I like to get my hands dirty. So let's build one of the examples supplied to understand more.

Prerequisites

But first, install qemu if you haven't done so yet. You'll probably need build-essentials too.

sudo apt install qemu

Then just clone and build the Moby tools:

git clone https://github.com/linuxkit/linuxkit
cd linuxkit/
make 
sudo make install

If all goes well, you'll have two binaries created under bin directory: moby and linuxkit. As per this pr:

  • moby: just does the simple build case,
  • linuxkit: is useful to push and run the constructed image

Let's make sure it works:

moby

and see the usage output:

Please specify a command.

USAGE: moby [options] COMMAND

Commands:
  build       Build a Moby image from a YAML file
  version     Print version information
  help        Print this message

Run 'moby COMMAND --help' for more information on the command

Options:
  -q	Quiet execution
  -v	Verbose execution

Build one of the examples

Cool. Let's build the sshd example, which should produce a kernel:4.9, with some services, among them, linuxkit/sshd

cd examples/
moby build sshd.yml

After about a minute or so:

linuxkit run sshd

... after a while...

Starting containerd

Welcome to LinuxKit

                            ##         .
                  ## ## ##        ==
               ## ## ## ## ##    ===
           /"""""""""""""""""\___/ ===
      ~~~ {~~ ~~~~ ~~~ ~~~~ ~~~ ~ /  ===- ~~~
           \______ o           __/
             \    \         __/
              \____\_______/


  / # INFO[0000] starting containerd boot...                   module=containerd
  INFO[0000] starting debug API...                         debug="/run/containerd/debug.sock" module=containerd
  INFO[0000] loading monitor plugin "cgroups"...           module=containerd
  INFO[0000] loading runtime plugin "linux"...             module=containerd
  INFO[0000] loading snapshot plugin "snapshot-overlay"...  module=containerd
  INFO[0000] loading grpc service plugin "content-grpc"...  module=containerd
  INFO[0000] loading grpc service plugin "runtime-grpc"...  module=containerd
  INFO[0000] loading grpc service plugin "images-grpc"...  module=containerd
  INFO[0000] loading grpc service plugin "rootfs-grpc"...  module=containerd
  INFO[0000] loading grpc service plugin "healthcheck-grpc"...  module=containerd
  INFO[0000] loading grpc service plugin "metrics-grpc"...  module=containerd
  INFO[0000] starting GRPC API server...                   module=containerd
  INFO[0000] containerd successfully booted in 0.107088s   module=containerd
   - 000-sysctl
   - dhcpcd
   - rngd
   - sshd

Once the machine booted up, check it's kernel is 4.9 built by moby and that sshd is running:

/ # uname -a
Linux moby-525400123456 4.9.22-moby #1 SMP Fri Apr 14 12:32:33 UTC 2017 x86_64 Linux

/ # pgrep -l sshd
404 /usr/sbin/sshd

Nice! Cannot get easier than that. (Well, with Docker, it will... you just wait)

Next

Where to go next? Maybe we will build something tailored to a particular stack, or tailored for HPC/GPUs maybe?