Boot2lxc Minimal VM based on Alpine
- 1 year 1 month ago
We just made available a boot2lxc minimal VM based on Alpine. How minimal? It is a mere 65 MB download.
LXC is of course supported in the Linux kernel and you do not need a VM to run it. Running it in a VM is counterproductive, given that containers are a bare-metal alternative to virtualization. The rationale is to give Windows and OSX users an easy way to try the Flockport App Store and LXC.
We were looking for a minimal OS and Ubuntu supports LXC best. But after some initial efforts, the lowest we could get the Vivid image download was around 250MB. Surely we could do better.
Docker, it appears, uses Tinycore for their boot2docker image, but Tinycore is too minimalist and is missing things like bridge-utils and a lot of other packages and functions you need for a properly functioning LXC environment.
We had recently used Alpine for our micro containers and Alpine seemed perfect both as a container and host OS. So Alpine made the most sense. We did run into a couple of issues with LXC in Alpine though:
1. LXC networking is not available out of the box
2. cgroups memory is not supported in the Alpine kernel
3. Alpine LXC does not have Python 3 support
For a lot of users networking is the first thing that gets them down, so we needed to fix that first. We repurposed the lxc-net Debian script for Alpine so LXC networking works out of the box. It's a quick hack and needs to be fine-tuned properly for OpenRC.
Basically, this sets up a standalone lxcbr0 bridge, enables dnsmasq DHCP on the subnet, and adds some iptables rules for outward access for containers.
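A minimal sketch of those three steps, added here as an example and not Flockport's actual script. The 10.0.3.0/24 subnet, DHCP range and the function names `lxc_net_plan` / `lxc_net_apply` are assumptions; run with no arguments it only prints the commands, and `apply` executes them as root.

```shell
#!/bin/sh
# Added example: host-side LXC networking (bridge + dnsmasq + iptables).
# Not Flockport's script. Subnet values are assumed; override via env.
BRIDGE="${BRIDGE:-lxcbr0}"
ADDR="${ADDR:-10.0.3.1}"                 # assumed bridge address
NET="${NET:-10.0.3.0/24}"                # assumed container subnet
RANGE="${RANGE:-10.0.3.2,10.0.3.254}"    # assumed DHCP pool

# Print the setup commands, one per line, without running anything.
#  - INPUT: containers may reach only DHCP (67/udp) and DNS (53) on the host.
#  - FORWARD: containers may open connections outward; only replies come back.
#  - NAT: masquerade traffic leaving the subnet, not container-to-container.
#  - dnsmasq: bound to the bridge only, so it never answers on other NICs.
lxc_net_plan() {
    cat <<EOF
brctl addbr $BRIDGE
ip addr add $ADDR/${NET#*/} dev $BRIDGE
ip link set $BRIDGE up
sysctl -w net.ipv4.ip_forward=1
iptables -I INPUT -i $BRIDGE -p udp --dport 67 -j ACCEPT
iptables -I INPUT -i $BRIDGE -p udp --dport 53 -j ACCEPT
iptables -I INPUT -i $BRIDGE -p tcp --dport 53 -j ACCEPT
iptables -I FORWARD -i $BRIDGE -s $NET -j ACCEPT
iptables -I FORWARD -o $BRIDGE -d $NET -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
iptables -t nat -A POSTROUTING -s $NET ! -d $NET -j MASQUERADE
dnsmasq --strict-order --bind-interfaces --interface=$BRIDGE \
--except-interface=lo --listen-address=$ADDR --dhcp-range=$RANGE \
--dhcp-no-override --dhcp-authoritative
EOF
}

# Execute the plan as root; sh -e stops at the first failing command.
lxc_net_apply() {
    lxc_net_plan | sh -e
}

case "${1:-plan}" in
    apply) lxc_net_apply ;;
    *)     lxc_net_plan ;;
esac
```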
I tracked the cgroup memory issue in Alpine and it is supposed to be fixed in 3.14.37 but it wasn't working in my initial tests on release 3.14, or even 3.2 rc3. We have to check the docs on this further.
Grsec does not play well with LXC containers, chroot and namespaces. Since this is designed for relatively new users we went with the vanilla Alpine kernel.
Python3 support is missing in the Alpine LXC package so a number of 'decorative' functions like 'lxc-ls -f' do not work.
This boot2lxc image gives you a lightweight LXC environment along with the Flockport utility that lets users view and download containers directly to their system from the Flockport App Store.