gitpod-io / gitpod

The developer platform for on-demand cloud development environments to create software faster and more securely.
https://www.gitpod.io
GNU Affero General Public License v3.0

Run Gitpod on a Firecracker MicroVM #9208

Open domderen opened 2 years ago

domderen commented 2 years ago

Is your feature request related to a problem? Please describe

This feature request is related to issue #4889 and all other issues that require a more sophisticated dev machine setup, where building it inside a docker container proves to be a real hassle and requires a lot of hacks to get it to work.

Describe the behaviour you'd like

After watching a great presentation on Firecracker made by @alexellis & @richardcase and reading up a bit more about Firecracker itself, I started wondering if this might be a better solution to running sophisticated Gitpod development environments than trying to figure out how to make them work in a Docker container running on Kubernetes.

I really liked the idea of Gitpod when I first saw it. I saw it as a super convenient tool for working on open source projects, where I wouldn't need to set up a whole development machine just to contribute back to a project. Setting up all required software can be a lot of work, and can quickly discourage people from contributing. On the other hand, clicking the Gitpod button in the GitHub/GitLab UI, and within seconds landing on a machine that is capable of building the project & running all unit tests makes it super easy to understand how the project works and lets someone contribute easily. Gitpod already achieved this for web projects. And it works like a charm!

Unfortunately, achieving the same result on more complicated projects, for example ones that require k3s as part of their development setup, is hard to achieve in Gitpod. Getting k3s to work properly in docker, while making it secure to run in managed environments like Gitpod and keeping reasonable performance seems to be a herculean task.

Instead, I'd like to propose a new type of Gitpod environment. One that runs using something like Weave Ignite and/or firecracker-containerd to create a development environment inside a Firecracker microVM. Such an environment could have all the advantages of current Docker-based Gitpod environments, while avoiding the inception-like problems of trying to set up k3s inside a Docker container that itself is running on a Kubernetes cluster.

I'm wondering if such a solution sounds feasible inside Gitpod?

Describe alternatives you've considered

The alternative is what people are trying to do in #4889 by trying to make k3s work inside the current Gitpod environment. I'm sure someone will figure it out eventually, but I'm not sure if the juice is worth the squeeze...

alexellis commented 2 years ago

Thanks for the ping

> This feature request is related to issue #4889 and all other issues that require a more sophisticated dev machine setup, where building it inside a docker container proves to be a real hassle and requires a lot of hacks to get it to work.

That's the beauty of a VM instead of a container. You can be root, safely, and use the machine as per normal.

I don't know your personal affiliation to GitPod the company, but there's nothing stopping you from running code-server in a Firecracker VM today. Feel free to reach out to me if you'd like to learn more.

domderen commented 2 years ago

Hey Alex!

Thanks for joining the conversation :) After watching your presentation I assumed it wouldn't be too hard to run GitPod's standard code-server in a Firecracker VM today. The reason I created this issue is that I would love to see this feature become a part of GitPod.

I'm not affiliated with GitPod other than being a free user of their services. But from the first moment I saw it, I loved the simplicity of having code-servers available on demand in 30 seconds. In addition to offering a free tier, they also came up with their .gitpod.yml config files for defining all dependencies required for running a dev env for your project. Imagine new OpenFaaS contributors being able to click that GitPod button:

OpenFaaS-GitPod

and landing on a virtual environment with all the tooling required to run the project, and with the binary already pre-built, and all tests already pre-executed. This is possible today... Or rather would be, if OpenFaaS didn't require things like k3s for a dev setup :)

I think GitPod is doing a much better job than GitHub Codespaces does in this area, and weirdly they remind me of early GitHub in that spirit ^^ Their service could make it much simpler for first-timers to contribute to open source projects out there.

I personally found them when I wanted to contribute to Argo-Dataflow. The dev env requirements there are also quite big, and it took me a significant amount of time to run the project locally on my laptop. I wanted to make it simpler for others, and create the .gitpod.yml file for the project, but I found out I can't run all the required dependencies in a GitPod.

I think a connection of GitPod's simplicity & Firecracker microVM's capabilities could be the best thing that happened to open source since Linus invented git!

Anyways, enough drooling :) Alex, I would greatly appreciate any comments you might have on how such a connection might be possible. I didn't dig too much into GitPod's source code yet, I thought I'd first start a conversation here and see if that's even something that GitPod might be interested in. But on a high level I assume that it would be cool to have some kind of Kubernetes operator that is able to run Firecracker microVMs as CRDs while probably using something like Firecracker-Containerd to schedule those VMs on dedicated machines. Any thoughts on that?

stale[bot] commented 2 years ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

jbduncan commented 2 years ago

I think it's worth re-opening this issue. :)

richardcase commented 2 years ago

> I think it's worth re-opening this issue. :)

Same here :+1:

gtsiolis commented 2 years ago

Thanks @jbduncan @richardcase! Let me reopen this and loop in @atduarte and @kylos101 from the Workspace team in case this is something we'd like to work on. 🏓

Cross-linking also relevant discussion (internal). Cc @utam0k @Furisto @aledbf

stale[bot] commented 1 year ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.