Building Ubuntu 20.04 Root Filesystem for Firecracker

The Ubuntu 20.04 rootfs image will be built using a docker container.

~$ mkdir rootfs
~$ docker run -it --rm --privileged -v $(pwd)/rootfs:/output ubuntu:20.04
root@eb9757d0a7d2:/# apt update
root@eb9757d0a7d2:/# apt install -y debootstrap 
root@eb9757d0a7d2:/# cd /output/
root@eb9757d0a7d2:/output# truncate -s 1G /output/ubuntu-20_04.ext4
root@eb9757d0a7d2:/output# mkfs.ext4 /output/ubuntu-20_04.ext4
root@eb9757d0a7d2:/output# mkdir /rootfs
root@eb9757d0a7d2:/output# mount /output/ubuntu-20_04.ext4 /rootfs
root@eb9757d0a7d2:/output# debootstrap --include apt,netplan.io,vim focal /rootfs http://archive.ubuntu.com/ubuntu/
root@eb9757d0a7d2:/output# echo 'ubuntu-focal' > /rootfs/etc/hostname
root@eb9757d0a7d2:/output# mkdir /rootfs/etc/systemd/system/serial-getty@ttyS0.service.d/
root@eb9757d0a7d2:/output# cat <<EOF > /rootfs/etc/systemd/system/serial-getty@ttyS0.service.d/autologin.conf
[Service]
ExecStart=
ExecStart=-/sbin/agetty --autologin root -o '-p -- \\u' --keep-baud 115200,38400,9600 %I $TERM
EOF
root@eb9757d0a7d2:/output# cat <<EOF > /rootfs/etc/netplan/99_config.yaml
network:
  version: 2
  renderer: networkd
  ethernets:
    eth0:
      dhcp4: true
EOF
root@eb9757d0a7d2:/output# chroot /rootfs netplan generate
root@eb9757d0a7d2:/output# chroot /rootfs systemctl disable systemd-resolved.service
root@eb9757d0a7d2:/output# chroot /rootfs rm /etc/resolv.conf
root@eb9757d0a7d2:/output# chroot /rootfs touch /etc/resolv.conf
root@eb9757d0a7d2:/output# rm /rootfs/var/cache/apt/* -rf
root@eb9757d0a7d2:/output# echo "deb http://archive.ubuntu.com/ubuntu/ focal main restricted universe" > /rootfs/etc/apt/sources.list
root@eb9757d0a7d2:/output# echo "deb http://archive.ubuntu.com/ubuntu/ focal-security main restricted universe" >> /rootfs/etc/apt/sources.list
root@eb9757d0a7d2:/output#echo "deb http://archive.ubuntu.com/ubuntu/ focal-updates main restricted universe" >> /rootfs/etc/apt/sources.list
root@eb9757d0a7d2:/output# chroot /rootfs passwd -d root
root@eb9757d0a7d2:/output# exit

The microVM can now be started. Remember to set a password for root!!!

~/rootfs$ firectl --kernel=vmlinux-5.4.83 --root-drive=ubuntu-20_04.ext4 --kernel-opts="reboot=k panic=1 pci=off console=ttyS0"

Lots of inspiration were drawn from https://github.com/bkleiner/ubuntu-firecracker

Network access can be configured by following firecracker’s docs

firecracker-microvm/firecracker

yay!