Bootstrap Firecracker

# Bootstrap Firecracker ## Metadata **Status**:: #x **Zettel**:: #zettel/literature **Created**:: [[2026-06-13]] **URL**:: [doitian/firecracker-bootstrap](https://github.com/doitian/firecracker-bootstrap) ## Kernel Choose a kernel from [ximuiuz](https://github.com/users/iximiuz/packages/container/labs%2Fkernelfs/versions), e.g., `6.18-fc-amd64`. Use `docker export` or Docker Manifest API to get the tarball of the kernel rootfs. ## Guest Rootfs Build the guest os create the ext4 disk file. See the example [Dockerfile](https://github.com/doitian/firecracker-bootstrap/blob/main/rootfs/bare-bones/Dockerfile) used to build a bare-bones guest system based on Alpine. Gotchas: - Add an init manager - Enable TTY It's recommended to copy the kernel rootfs to the guest as well. ## Network Set a TAP device in the host for guests ([Ref](https://github.com/firecracker-microvm/firecracker/blob/main/docs/getting-started.md)). The script [setup-host-network.sh](https://github.com/doitian/firecracker-bootstrap/blob/main/bin/setup-host-network.sh) creates the tap device, sets up routing using nft, and allow access to the tap device in ufw. In the guest, configure IP from MAC using the script [fcnet-setup.sh](https://github.com/firecracker-microvm/firecracker/blob/main/resources/rootfs/overlay/usr/local/bin/fcnet-setup.sh). Also configure the DNS for the guest. This is an example to create the script for Alpine in the guest rootfs Dockerfile: ```sh cat <<'SCRIPT' > /etc/local.d/fcnet.start #!/bin/sh set -eu devs=$(ip -o link show | sed -n 's/^[0-9]*: $[^:@]*$.*link\/ether 06:00:.*/\1/p') for dev in $devs; do mac=$(ip -o link show dev "$dev" | sed -n 's/.*link\/ether $..:..:..:..:..:..$.*/\1/p') # MAC 06:00:XX:YY:ZZ:WW encodes IP X.Y.Z.W (last 4 bytes) b2=$(printf "%.2s" "${mac#*:*:}") b3=$(printf "%.2s" "${mac#*:*:*:}") b4=$(printf "%.2s" "${mac#*:*:*:*:}") b5=$(printf "%.2s" "${mac#*:*:*:*:*:}") guest_ip="$(printf "%d.%d.%d.%d" "0x${b2}" "0x${b3}" "0x${b4}" "0x${b5}")" ip addr add "${guest_ip}/24" dev "$dev" ip link set "$dev" up ip route add default via "${guest_ip%.*}.1" dev "$dev" done echo "nameserver 1.1.1.1" > /etc/resolv.conf SCRIPT chmod +x /etc/local.d/fcnet.start ```