Nanovms running in Docker x86 container for M1 Mac ARM64.

Docker Ops

This project is an attempt to enable Nanos unikernels to be managed by Ops on non-intel architectures such as the Mac M1 ARM64.

Unless there is something I have missed (as of 20 November, 2021) Ops does not run properly on the M1 ARM64 architecture. This is because the implementation of nanos used by Ops currently assumes an Intel64 environment. You can run Ops for things that don't involve building, running, or deploying nanos images. Putting Ops (and therefore Nanos) in an Intel64 container allows Nanos to operate in its intended environment.

Ops is a build and deployment tool for the Nanos unikernel. A unikernel is a minimal operating environment which is used to create a compatible image to run a single applicaiton in cloud environments and for use locally using qemu. I use it to test out unikernels running Go applications. Docker is similar in that it is a scaled down Linux or other Operating system container intended to run at a single entry point. A Docker container can have most things installed that would normally be installed on any operating system, including additional user accounts, logging daemons, etc. Nanos only runs one thing and its purpose is to handle calls for an Intel64 linux architecture so that the single application will be able to run. Nanos also provides useful things such as network port and filesystem access.

The goal of this code is to provide a workflow that is as friction-free as possible in terms of building and deploying nanos unikernels. Using the dockerops application you can call Ops running in a Docker intel64 image as if it were running on its own.

This project should work fine on a non-M1 mac but that would be redundant, as Ops runs well on Intel64 macs.

To run

  1. install the TaskFile runner. A few conventions are used to ensure that the proper container is called and the tasks consistently manage that. I know how to write make files but I find Taskfile to be easy to read and use. On a mac with Homebrew you can install Taskfile with
    brew install go-task/tap/go-task
    
  2. Make sure that you have a running and recent Docker installation that supports multiple architectures (for the purposes of this application, Intel64). Any Mac release from 18 April, 2021 or later should.
  3. Build the container using the task task build in the build directory.
  4. Compile dockerops in cmd/dockerops using go build . .
  5. Make sure you have a valid config file (see the sample in the config directory. This file needs either to be in the same directory as the binary or have its location indicated using the -c flag when invoking dockerops.
    1. Note that to do useful things you will need to expose a directory containing things like GCP authentication files. See the config file for this.
  6. Run dockerops. See the Ops site for information on how to run Ops and use it to make containers and deploy them to the cloud.

Sample usage

Here is the usage output for the dockerops app

% ~/bin/dockerops -h
Usage: dockerops [--configpath CONFIGPATH] [--env ENV] [--verbose] [CALL [CALL ...]]

Positional arguments:
CALL                   call to ops - surround with quotes

Options:
--configpath CONFIGPATH, -c CONFIGPATH
                        config path - defaults to [dockeropps dir]/dockerops.yml
--env ENV, -e ENV      Set environment variable as key=val
--verbose, -v          print out what is being handled and done
--help, -h             display this help and exit

Here is a sample invocation

% ./dockerops
Usage:
ops [command]

Available Commands:
build       Build an image from ELF
deploy      Build an image from ELF and deploy an instance
env         Cross-build environment commands
help        Help about any command
image       manage nanos images
instance    manage nanos instances
pkg         Package related commands
profile     Profile
run         Run ELF binary as unikernel
update      check for updates
version     Version
volume      manage nanos volumes

Flags:
-h, --help            help for ops
    --show-debug      display debug messages
    --show-errors     display error messages
    --show-warnings   display warning messages

Use "ops [command] --help" for more information about a command.

Here is an invocation to list existing images

% ~/bin/dockerops ops image list
+---------------------+---------------------------------------+---------+--------------+
|        NAME         |                 PATH                  |  SIZE   |  CREATEDAT   |
+---------------------+---------------------------------------+---------+--------------+
| nanoapplinux.img    | /root/.ops/images/nanoapplinux.img    | 41.8 MB | 1 week ago   |
+---------------------+---------------------------------------+---------+--------------+
| nats-test-image.img | /root/.ops/images/nats-test-image.img | 44.8 MB | 2 months ago |
+---------------------+---------------------------------------+---------+--------------+
| natslinux.img       | /root/.ops/images/natslinux.img       | 44.7 MB | 2 months ago |
+---------------------+---------------------------------------+---------+--------------+

In the background the script run.sh is invoked in the container. This script takes all passed in args and uses them to create an invocation of Ops, which is in the container at /app/ops. If you put /app/ops or ops in your call it will be cleaned up and the call made will be proper for Ops.

Things to do

  • Ensure that things like building and running Ops work
    • This so far has not been tested. Possible issues include stdout and stderr interaction when doing things like running an image in the container.
  • Use this for development and make any improvements that arise from that
Owner
Ian Marsman
I program mostly in Go and work with virtual machine deployment in my day job using various industry standard tools and frameworks.
Ian Marsman
Similar Resources

Running Go binary into Docker

This go file make a get into an API, that API provides a JSON with a cat information

Feb 7, 2022

Vilicus is an open source tool that orchestrates security scans of container images(docker/oci) and centralizes all results into a database for further analysis and metrics.

Vilicus is an open source tool that orchestrates security scans of container images(docker/oci) and centralizes all results into a database for further analysis and metrics.

Vilicus Table of Contents Overview How does it work? Architecture Development Run deployment manually Usage Example of analysis Overview Vilicus is an

Dec 6, 2022

Testcontainers is a Golang library that providing a friendly API to run Docker container. It is designed to create runtime environment to use during your automatic tests.

When I was working on a Zipkin PR I discovered a nice Java library called Testcontainers. It provides an easy and clean API over the go docker sdk to

Jan 7, 2023

A tool to restart a Docker container with a newer version of the image

repull A tool to restart a Docker container with a newer version of an image used by the container Often you may need to pull a newer version of an im

Nov 28, 2022

A toolbox for debugging docker container and kubernetes with web UI.

A toolbox for debugging docker container and kubernetes with web UI.

A toolbox for debugging Docker container and Kubernetes with visual web UI. You can start the debugging journey on any docker container host! You can

Oct 20, 2022

Docker container lazy loading

Lazytainer Putting your containers to sleep I don't really wanna do the work today How it works Lazy loading containers monitor network traffic for ac

Dec 29, 2022

Go project to manage an ubuntu docker container

Go project to manage an ubuntu docker container

Go-docker-manager This project consist of a Go app that connects to a Docker backend, spans a Ubuntu container and shows live CPU/Memory information f

Oct 27, 2021

A docker container that can be deployed as a sidecar on any kubernetes pod to monitor PSI metrics

CgroupV2 PSI Sidecar CgroupV2 PSI Sidecar can be deployed on any kubernetes pod with access to cgroupv2 PSI metrics. About This is a docker container

Nov 23, 2021

An little docker container to send an heartbeat to uptime kuma.

Uptime Kuma Push Service This Docker image is for sending a heartbeat to an Uptime Kuma server. Here you will find a little introduction on how to use

Apr 17, 2022
oci-ccm custom build for both arm64 and amd64

OCI Cloud Controller Manager (CCM) oci-cloud-controller-manager is a Kubernetes Cloud Controller Manager implementation (or out-of-tree cloud-provider

Jan 18, 2022
k8s applications at my home (on arm64 devices e.g nvidia jet son nano)

k8s applications at my home (on arm64 devices e.g nvidia jet son nano)

Oct 9, 2022
KEDA is a Kubernetes-based Event Driven Autoscaling component. It provides event driven scale for any container running in Kubernetes
 KEDA is a Kubernetes-based Event Driven Autoscaling component. It provides event driven scale for any container running in Kubernetes

Kubernetes-based Event Driven Autoscaling KEDA allows for fine-grained autoscaling (including to/from zero) for event driven Kubernetes workloads. KED

Jan 7, 2023
Display (Namespace, Pod, Container, Primary PID) from a host PID, fails if the target process is running on host

Display (Namespace, Pod, Container, Primary PID) from a host PID, fails if the target process is running on host

Oct 17, 2022
Moby Project - a collaborative project for the container ecosystem to assemble container-based systems
Moby Project - a collaborative project for the container ecosystem to assemble container-based systems

The Moby Project Moby is an open-source project created by Docker to enable and accelerate software containerization. It provides a "Lego set" of tool

Jan 8, 2023
Boxygen is a container as code framework that allows you to build container images from code

Boxygen is a container as code framework that allows you to build container images from code, allowing integration of container image builds into other tooling such as servers or CLI tooling.

Dec 13, 2021
Amazon ECS Container Agent: a component of Amazon Elastic Container Service
Amazon ECS Container Agent: a component of Amazon Elastic Container Service

Amazon ECS Container Agent The Amazon ECS Container Agent is a component of Amazon Elastic Container Service (Amazon ECS) and is responsible for manag

Dec 28, 2021
The Container Storage Interface (CSI) Driver for Fortress Block Storage This driver allows you to use Fortress Block Storage with your container orchestrator

fortress-csi The Container Storage Interface (CSI) Driver for Fortress Block Storage This driver allows you to use Fortress Block Storage with your co

Jan 23, 2022
Kubedock is a minimal implementation of the docker api that will orchestrate containers on a Kubernetes cluster, rather than running containers locally.

Kubedock Kubedock is an minimal implementation of the docker api that will orchestrate containers on a kubernetes cluster, rather than running contain

Nov 11, 2022
Docker-compose files for running full Storj network locally

docker-compose based Storj environment storj-up is a swiss-army tool to create / customize Storj clusters with the help of docker-compose (not just st

Nov 16, 2022