summary refs log tree commit diff
diff options
context:
space:
mode:
authorFranck Cuny <franck.cuny@gmail.com>2021-04-13 19:39:30 -0700
committerFranck Cuny <franck.cuny@gmail.com>2021-04-13 19:39:30 -0700
commit6b7486531d36719a93f739a52f814881834285dc (patch)
tree5e9a5d5c1299215ad0b56f6b4bc42d58b12d2ade
parentAdd README.md, LICENSE.txt (diff)
downloadcontainerd-to-vm-6b7486531d36719a93f739a52f814881834285dc.tar.gz
doc: update README
-rw-r--r--README.md1
-rw-r--r--README.org15
2 files changed, 15 insertions, 1 deletions
diff --git a/README.md b/README.md
deleted file mode 100644
index 962d5a9..0000000
--- a/README.md
+++ /dev/null
@@ -1 +0,0 @@
-# containerd-to-vm
\ No newline at end of file
diff --git a/README.org b/README.org
new file mode 100644
index 0000000..53cee39
--- /dev/null
+++ b/README.org
@@ -0,0 +1,15 @@
+#+TITLE: containerd-to-vm
+#+AUTHOR: franck cuny <franck@fcuny.net>
+
+* What
+A recent [[https://fly.io/blog/docker-without-docker/][article]] from the team at [[https://fly.io][fly.io]] described how they build VMs for firecracker from the docker image provided by their customers. They outline the following steps:
+
+1. Pull the matching container from the registry.
+2. Create a loop device to store the container's filesystem on.
+3. Unpack the container (in this case, using Docker's Go libraries) into the mounted loop device.
+4. Create a second block device and inject our init, kernel, configuration, and other goop into.
+5. Track down any persistent volumes attached to the application, unlock them with LUKS, and collect their unlocked block devices.
+6. Create a TAP device, configure it for our network, and attach BPF code to it.
+7. Hand all this stuff off to Firecracker and tell it to boot .
+
+As I've been interested in playing with both containerd's API and firecracker, I thought it would be a good opportunity to try to implement this.