Using LinuxKit on real hardware

LinuxKit is a promising toolkit for building secure, portable and lean operating systems for containers. One of its advantages is having a predictable container set (in other words, installed packages in the system), hence providing a homomorphic environment for QA and benchmarking tests.

However, the project is fairly new, and users may have problems setting and running it up, especially on the real hardware. The documentation and packages are under way, but it's already possible to get it working.

Yaml Configuration

See below the sample configuration that you can use to boot the image on the real hardware and get Wi-Fi working. Few notes though:

  • The OS is assumed to be run from USB mass storage (see root=/dev/sda1 kernel parameter). Please modify it for your needs.
  • Please use your own Wi-Fi driver instead of brcmfmac for the modprobe. You can use lspci tool to get the required name.
  • Please use real <ssid> and <password> values for the wpa_supplicant configuration.
  • I've provided few Docker images to use while the official packages are not updated yet. You may want to create your own versions, the related information is available in their description:
The sample configuration:

\src: linuxkit.yml

kernel: image: nuald/kernel:4.12.14-extra cmdline: "console=tty0 root=/dev/sda1 rootwait vga=791" init: - linuxkit/init:6fe9d31a53bbd200183bb31edd795305e868d5a7 - linuxkit/runc:a1b564248a0d0b118c11e61db9f84ecf41dd2d2a - linuxkit/containerd:ad6710e069cb538c76314a28e09d6b49958c88e0 - nuald/linux-firmware:latest onboot: - name: modprobe image: linuxkit/modprobe:69494c187eddc12b3f24e4e0cbd5d3360bda3504 command: ["modprobe", "-a", "brcmfmac"] services: - name: wpa_supplicant image: nuald/wpa_supplicant:a5cef22bd214b2845f65636bc9cf60d805712fe5-amd64 binds: - /etc/wpa_supplicant:/etc/wpa_supplicant command: ["/sbin/wpa_supplicant", "-i", "wlan0", "-c", "/etc/wpa_supplicant/wpa_supplicant.conf"] - name: dhcpcd image: linuxkit/dhcpcd:d4408777ed6b6e6e562a5d4938fd09804324b33e command: ["/sbin/dhcpcd", "wlan0"] - name: getty image: linuxkit/getty:bf6872ce0a9f3ab519b3e502cc41ba3958bda2a6 env: - INSECURE=true files: - path: etc/wpa_supplicant/wpa_supplicant.conf contents: | network={ ssid="<ssid>" psk="<password>" } trust: org: - linuxkit

Usage Notes

The configuration has been tested for the image loaded by so-called "Legacy" BIOS mode. You may need to change the BIOS settings to disable Secure Boot and/or enable Legacy BIOS booting options.

The image is prepared with the moby tool:

moby build -format iso-bios linuxkit.yml

Please verify the USB device you're putting image into. For macOS you can use Disk Utility Tool:

diskutil list

Before writing, please unmount the device. For macOS (assuming /dev/disk2 the proper USB device):

diskutil umountDisk /dev/disk2

Next step is putting the image into USB. For both Linux and macOS the procedure the same (please note /dev/rdisk2 - "r" prefix stands for the BSD "raw" device, it's used to make the operation faster):

sudo dd if=linuxkit.iso of=/dev/rdisk2 bs=1m

The last step (for safety), please eject the disk (it may not be visible directly in the system, therefore need to use CLI). For macOS (assuming the same device as above):

diskutil eject /dev/disk2

That's it! It may not working immediately, but it's a step forward. LinuxKit has the great potential, and I hope you can enjoy it as much as I do.
Scalateχ \src: LinuxKit.scalatex

Comments

Popular posts from this blog

Python vs JS vs PHP for embedded systems

DIY: Business cards in LaTeX

Memory reclaiming in Python