feat: add init-image flag to allow specifying custom init filesystem images per VM

Author: manuschillerdev

Sources/ContainerCommands/Container/ContainerCreate.swift

@@ -82,7 +82,7 @@ extension Application {
             )
 
             let options = ContainerCreateOptions(autoRemove: managementFlags.remove)
-            let container = try await ClientContainer.create(configuration: ck.0, options: options, kernel: ck.1)
+            let container = try await ClientContainer.create(configuration: ck.0, options: options, kernel: ck.1, initImage: ck.2)
 
             if !self.managementFlags.cidfile.isEmpty {
                 let path = self.managementFlags.cidfile

Sources/ContainerCommands/Container/ContainerRun.swift

@@ -111,7 +111,8 @@ extension Application {
             let container = try await ClientContainer.create(
                 configuration: ck.0,
                 options: options,
-                kernel: ck.1
+                kernel: ck.1,
+                initImage: ck.2
             )
 
             let detach = self.managementFlags.detach

Sources/Services/ContainerAPIService/Client/ClientContainer.swift

@@ -78,7 +78,8 @@ extension ClientContainer {
     public static func create(
         configuration: ContainerConfiguration,
         options: ContainerCreateOptions = .default,
-        kernel: Kernel
+        kernel: Kernel,
+        initImage: String? = nil
     ) async throws -> ClientContainer {
         do {
             let client = Self.newXPCClient()
@@ -91,6 +92,10 @@ extension ClientContainer {
             request.set(key: .kernel, value: kdata)
             request.set(key: .containerOptions, value: odata)
 
+            if let initImage {
+                request.set(key: .initImage, value: initImage)
+            }
+
             try await xpcSend(client: client, message: request)
             return ClientContainer(configuration: configuration)
         } catch {

Sources/Services/ContainerAPIService/Client/Flags.swift

@@ -142,6 +142,12 @@ public struct Flags {
         )
         public var kernel: String?
 
+        @Option(
+            name: .long,
+            help: .init("Use a custom init image instead of the default", valueName: "image")
+        )
+        public var initImage: String?
+
         @Option(name: [.short, .customLong("label")], help: "Add a key=value label to the container")
         public var labels: [String] = []
 

Sources/Services/ContainerAPIService/Client/Utility.swift

@@ -82,7 +82,7 @@ public struct Utility {
         registry: Flags.Registry,
         imageFetch: Flags.ImageFetch,
         progressUpdate: @escaping ProgressUpdateHandler
-    ) async throws -> (ContainerConfiguration, Kernel) {
+    ) async throws -> (ContainerConfiguration, Kernel, String?) {
         var requestedPlatform = Parser.platform(os: management.os, arch: management.arch)
         // Prefer --platform
         if let platform = management.platform {
@@ -241,7 +241,7 @@ public struct Utility {
         config.ssh = management.ssh
         config.readOnly = management.readOnly
 
-        return (config, kernel)
+        return (config, kernel, management.initImage)
     }
 
     static func getAttachmentConfigurations(containerId: String, networks: [Parser.ParsedNetwork]) throws -> [AttachmentConfiguration] {

Sources/Services/ContainerAPIService/Client/XPC+.swift

@@ -106,6 +106,9 @@ public enum XPCKeys: String {
     case systemPlatform
     case kernelForce
 
+    /// Init image reference
+    case initImage
+
     /// Volume
     case volume
     case volumes

Sources/Services/ContainerAPIService/Server/Containers/ContainersHarness.swift

@@ -187,7 +187,9 @@ public struct ContainersHarness: Sendable {
         let config = try JSONDecoder().decode(ContainerConfiguration.self, from: data)
         let kernel = try JSONDecoder().decode(Kernel.self, from: kdata)
 
-        try await service.create(configuration: config, kernel: kernel, options: options)
+        let initImage = message.string(key: .initImage)
+
+        try await service.create(configuration: config, kernel: kernel, options: options, initImage: initImage)
         return message.reply()
     }
 

Sources/Services/ContainerAPIService/Server/Containers/ContainersService.swift

@@ -192,7 +192,7 @@ public actor ContainersService {
     }
 
     /// Create a new container from the provided id and configuration.
-    public func create(configuration: ContainerConfiguration, kernel: Kernel, options: ContainerCreateOptions) async throws {
+    public func create(configuration: ContainerConfiguration, kernel: Kernel, options: ContainerCreateOptions, initImage: String? = nil) async throws {
         self.log.debug("\(#function)")
 
         try await self.lock.withLock { context in
@@ -233,11 +233,14 @@ public actor ContainersService {
 
             let path = self.containerRoot.appendingPathComponent(configuration.id)
             let systemPlatform = kernel.platform
-            let initFs = try await self.getInitBlock(for: systemPlatform.ociPlatform())
+
+            // Fetch init image (custom or default)
+            self.log.info("Using init image: \(initImage ?? ClientImage.initImageRef)")
+            let initFilesystem = try await self.getInitBlock(for: systemPlatform.ociPlatform(), imageRef: initImage)
 
             let bundle = try ContainerResource.Bundle.create(
                 path: path,
-                initialFilesystem: initFs,
+                initialFilesystem: initFilesystem,
                 kernel: kernel,
                 containerConfiguration: configuration
             )
@@ -602,8 +605,9 @@ public actor ContainersService {
         return options
     }
 
-    private func getInitBlock(for platform: Platform) async throws -> Filesystem {
-        let initImage = try await ClientImage.fetch(reference: ClientImage.initImageRef, platform: platform)
+    private func getInitBlock(for platform: Platform, imageRef: String? = nil) async throws -> Filesystem {
+        let ref = imageRef ?? ClientImage.initImageRef
+        let initImage = try await ClientImage.fetch(reference: ref, platform: platform)
         var fs = try await initImage.getCreateSnapshot(platform: platform)
         fs.options = ["ro"]
         return fs