Attempting to replicate AWS Lambda locally for debugging purposes

[teticio]

Hi

Thank you so much for open-sourcing this. I am trying to debug an AWS Lambda function from an image but am unable to reproduce the issue locally (even setting --cpus 1 -m 1024m --read-only --tmpfs /tmp:rw,exec,size=512m --security-opt seccomp=x86_64-unknown-linux-musl.json). I figured that being able to exactly reproduce a Lambda function locally might be useful to other people.

So far I have managed to

• Export the AMI used by AWS Lambda
• Extract vmlinux.bin and create a rootfs.img from the AMI that allow me to run a shell in firecracker.
• Create a initrd.img using https://github.com/marcov/firecracker-initrd.
• Build a (Debian) rootfs.img and get firecracker-containerd working with the hello-vmlinux.bin as per the guide.

In order to boot the AWS Linux kernel used by Lambda in firecracker, I found that it was necessary to build my own initramfs.cpio (following the resources\rebuild.sh script in the firecracker repo otherwise I was gettting a

Kernel panic - not syncing: VFS: Unable to mount root fs on unknown-block(0,0)  jailer=noop runtime=aws.firecracker vmID=73fbda0d-d4ef-4399-9537-3d92f892113a vmm_stream=stdout

The firecracker API allows me to set this via the initrd_path parameter, but I don't see any way to do this in firecracker-containerd and I am seeing the same kernel panic error when I try to run a container.

I have two questions:

1. Is there a way to get the root fs to mount?
2. How difficult would it be to create a rootfs.img from the Amazon Linux AMI? I have already managed to create one that works with firecracker, so I understand that I just need to install the agent and a few other bits and bobs.

[teticio]

Answering my own question (1), I managed to extract the sources for the kernel and rebuild, baking in the initramfs.cpio.

[teticio]

Managed to get it to work! Nice.