Ignite – Micro VMs and containers combined.

5 minutes read

Ignite allows to start Virtual Machines (VM) almost similar to docker containers.

[Ignite] combines Firecracker MicroVMs with Docker / OCI images to unify containers and VMs.

https://github.com/weaveworks/ignite

This post contains some context about micro VMs and my first experiments with ignite version 0.4.2.

Micro VMs

Virtual Machines are different than containers in many ways. VM startup time is often longer than container startup time, because the VM stack contains more layers. Compared with most of the container technologies, there is more isolation in VMs.

There are some Micro VM initiaves that try to combine these advantages of both, VMs & containers e.g.:

Ignite does also combines the advantages of VMs and containers and supports the GitOps idea. That is why ignite is part of the list although it uses firecracker.

The list above is originated from the CFN list of Combatting FUD (fear, uncertainty, doubt) Around MicroVMs (CFN Testbed presentation):

Some of the projects in the list do add a sandbox like layer around containers, others like ignite focus on execution of actual VMs.

Ignite Experiments

The installation as well as all ignite commands require root permissions:

~# export VERSION=v0.4.2
~# curl -fLo ignite https://github.com/weaveworks/ignite/
releases/download/${VERSION}/ignite

...
~# chmod +x ignite
~# mv ignite /usr/local/bin
~# ignite version
Ignite version: version.Info
{Major:"0", Minor:"4", GitVersion:"v0.4.2",
GitCommit:"7df18eaecf321424b347de6795609f6b59763bb8",
GitTreeState:"clean",
BuildDate:"2019-07-16T18:21:02Z", GoVersion:"go1.12.7",
Compiler:"gc", Platform:"linux/amd64"}
Firecracker version: v0.17.0

Run the first VM as in the ignite documentation.

~# ignite run weaveworks/ignite-ubuntu --name my-vm
--cpus 2 --memory 1GB --size 6GB --ssh
INFO[0000] Starting image import…
INFO[0008] Imported OCI image "weaveworks/ignite-ubuntu:latest"....
INFO[0009] Imported OCI image "weaveworks/ignite-kernel:4.19.47"....
INFO[0011] Created VM with ID "c3a..." and name "my-vm"
INFO[0014] Started Firecracker VM "c3a..." in a container with ID ...
root@lothar-ThinkPad-X250:~# ignite ssh my-vm
Welcome to Ubuntu 18.04.2 LTS ...

Starting the VM was really quick indeed. Inside the vm:

~# free -h
total used free shared buff/cache available
Mem: 990M 32M 916M 124K 41M 867M
Swap: 0B 0B 0B
~# who am I
root pts/0 Jul 20 08:27 (172.17.0.1)
~# cat /etc/*release
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=18.04
DISTRIB_CODENAME=bionic
DISTRIB_DESCRIPTION="Ubuntu 18.04.2 LTS"
NAME="Ubuntu"
VERSION="18.04.2 LTS (Bionic Beaver)"
ID=ubuntu
ID_LIKE=debian
PRETTY_NAME="Ubuntu 18.04.2 LTS"
...

#CTRL-D to leave the vm

Run a VM based on one of my docker containers:

~# ignite run lotharschulz/hellogo:build.docker-min-compress--0.2.108
-p 1234:1234 --name hellogo-vm --cpus 2 --memory 1GB --size 6GB --ssh
INFO[0000] Docker image
"lotharschulz/hellogo:build.docker-min-compress--0.2.108"
not found locally, pulling…
INFO[0006] Starting image import…
INFO[0007] Imported OCI image
"lotharschulz/hellogo:build.docker-min-compress--0.2.108"
(4.6 MB) to base image with UID "cb3..."
INFO[0008] Created VM with ID "80f..."
and name "hellogo-vm"
INFO[0010] Started Firecracker VM "80f..."
in a container with ID "363..."

Check the VM state:

~# ignite vm
VM ID IMAGE KERNEL CREATED SIZE CPUSMEMORY STATE IPS PORTS NAME
80f...
lotharschulz/hellogo:build.docker-min-compress--0.2.108
weaveworks/ignite-kernel:4.19.47
29s ago
6.0 GB
2
1024.0 MB
Stopped
0.0.0.0:1234->1234
hellogo-vm
c3a...
weaveworks/ignite-ubuntu:latest
weaveworks/ignite-kernel:4.19.47
4m23s ago
6.0 GB
2
1024.0 MB
Running 172.17.0.2
my-vm

The status is Stopped, most likely because the underlying Dockerfile uses Docker’s reserved, minimal image, scratch, as a starting point.

Run another docker image (based on alpine) as VM:

~# ignite run
lotharschulz/hellogo:build.dockerbuilder--0.2.108
-p 1234:1234 --name hellogo-vm2 --cpus 2 --memory 1GB --size 6GB --ssh

INFO[0001] Created VM with ID "285"
and name "hellogo-vm2"
INFO[0003] Started Firecracker VM "285..."
in a container with ID "5de..."

Check the state of VMs again:

~# ignite vm
VM ID IMAGE KERNEL CREATED SIZE CPUSMEMORY STATE IPS PORTS NAME
285...
lotharschulz/hellogo:build.dockerbuilder--0.2.108
weaveworks/ignite-kernel:4.19.47
22s ago
6.0 GB
2
1024.0 MB
Running
172.17.0.3
0.0.0.0:1234->1234
hellogo-vm2
80f...
lotharschulz/hellogo:build.docker-min-compress--0.2.108
weaveworks/ignite-kernel:4.19.47
2m50s ago
6.0 GB
2
1024.0 MB
Stopped
0.0.0.0:1234->1234
hellogo-vm
c3a...
weaveworks/ignite-ubuntu:latest
weaveworks/ignite-kernel:4.19.47
6m44s ago
6.0 GB
2
1024.0 MB
Running 172.17.0.2
my-vm

This time the state of VM hellogo-vm2 is running.

Lets try accessing the service:

~# curl http://localhost:1234
curl: (56) Recv failure: Connection reset by peer

Hmm … Maybe inspecting the VM provides more details.

~# ignite inspect vm hellogo-vm2
{
"kind": "VM",
"apiVersion": "ignite.weave.works/v1alpha1",
"metadata": {
"name": "hellogo-vm2",
"uid": "2855c3554cd12be8",
"created": "2019-07-20T08:32:27Z"
},
"spec": {
"image": {
"ociClaim": {
"type": "Docker",
"ref": "lotharschulz/hellogo:build.dockerbuilder--0.2.108"
}
},
"kernel": {
"ociClaim": {
"type": "Docker",
"ref": "weaveworks/ignite-kernel:4.19.47"
},
"cmdLine": "console=ttyS0 reboot=k panic=1 pci=off ip=dhcp"
},
"cpus": 2,
"memory": "1GB",
"diskSize": "6GB",
"network": {
"mode": "docker-bridge",
"ports": [
{
"hostPort": 1234,
"vmPort": 1234
}
]
},
"ssh": true
},
"status": {
"state": "Running",
"ipAddresses": [
"172.17.0.3"
],
"image": {
"id": "sha256:34f...",
"size": "11979354B",
"repoDigests": [
"lotharschulz/hellogo@sha256:214...."
]
},
"kernel": {
"id": "sha256:a18...",
"size": "51464393B",
"repoDigests": [
"weaveworks/ignite-kernel@sha256:bfa..."
]
}
}
}

Can I ssh into the VM?

~# ignite ssh hellogo-vm2
ssh: connect to host 172.17.0.3 port 22: Connection refused
WARN[0000] SSH command terminated

Hmm … Lets try other service connection attempts :

~# curl 172.17.0.3
curl: (7) Failed to connect to 172.17.0.3 port 80: Connection refused
~# curl 172.17.0.3:1234
curl: (7) Failed to connect to 172.17.0.3 port 1234: Connection refused

~# curl localhost:1234
curl: (7) Failed to connect to localhost port 1234: Connection refused

~# curl localhost
curl: (7) Failed to connect to localhost port 80: Connection refused

Removing the ignite installation:

~# rm -f $(ignite ps -aq)
~# rm -r /var/lib/firecracker
~# rm /usr/local/bin/ignite

Conclusion

Ignite is defenitly worth a try. VM startup time was great. I did not try ignite powered GitOps yet and may do that with future releases.

Lothar Schulz

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.