allow customizing chromium flags (#11)

* split up build and run

* allow customizing chromium flags

* Update shared/start-buildkit.sh

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

---------

Co-authored-by: Debian <admin@ip-10-0-2-186.ec2.internal>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

Author: 3 people

containers/docker/Dockerfile

@@ -30,13 +30,7 @@ CHROME_PORT=9222  # External port mapped in Docker
 echo "Starting Chromium on internal port $INTERNAL_PORT"
 DISPLAY=:1 chromium \
   --remote-debugging-port=$INTERNAL_PORT \
-  --no-sandbox \
-  --disable-dev-shm-usage \
-  --disable-gpu \
-  --start-maximized \
-  --disable-software-rasterizer \
-  --remote-allow-origins=* \
-  --no-zygote >&2 &
+  ${CHROMIUM_FLAGS:-} >&2 &
 
 echo "Setting up ncat proxy on port $CHROME_PORT"
 ncat \

containers/docker/README.md

@@ -13,7 +13,7 @@ docker build -t onkernel/kernel-chromium:latest -f containers/docker/Dockerfile
 ## 2. Run the Container
 
 ```bash
-docker run -p 8501:8501 -p 8080:8080 -p 6080:6080 -p 9222:9222 kernel-chromium
+docker run -e CHROMIUM_FLAGS="--no-sandbox --disable-dev-shm-usage --disable-gpu --start-maximized --disable-software-rasterizer --remote-allow-origins=* --no-zygote" -p 8501:8501 -p 8080:8080 -p 6080:6080 -p 9222:9222 kernel-chromium
 ```
 
 This exposes three ports:
@@ -24,10 +24,12 @@ This exposes three ports:
 - `8501`: Streamlit interfaced used by Computer Use
 
 ## Live View Configuration
-You can set the browser width and height with the environment variables `WIDTH` and `HEIGHT` in the `docker run` command:
+You can set the browser width and height with the environment variables `WIDTH` and `HEIGHT`, and control Chromium startup flags with `CHROMIUM_FLAGS` in the `docker run` command:
 
 ```bash
-docker run -e WIDTH=1920 -e HEIGHT=1080 -p 8501:8501 -p 8080:8080 -p 6080:6080 -p 9222:9222 kernel-chromium
+docker run -e WIDTH=1920 -e HEIGHT=1080 \
+           -e CHROMIUM_FLAGS="--start-maximized --disable-gpu" \
+           -p 8501:8501 -p 8080:8080 -p 6080:6080 -p 9222:9222 kernel-chromium
 ```
 
 ## 👾 Connect via Chrome DevTools Protocol

shared/start-buildkit.sh

@@ -0,0 +1,25 @@
+#!/usr/bin/env bash
+
+# This script MUST be sourced (i.e. use `source start-buildkit.sh`).
+
+# Variable used by KraftKit, hence the requirement for sourcing the script
+export KRAFTKIT_BUILDKIT_HOST=docker-container://buildkit
+
+# Install container if not already installed.
+docker container inspect buildkit > /dev/null 2>&1
+if test $? -eq 0; then
+    echo "Container 'buildkit' is already installed. Nothing to do."
+else
+    echo "Installing 'buildkit' container ... "
+    docker run -d --name buildkit --privileged moby/buildkit:latest
+    return $?
+fi
+
+test "$(docker container inspect -f '{{.State.Running}}' buildkit 2> /dev/null)" = "true"
+if test $? -eq 0; then
+    echo "Container 'buidlkitd' is already running. Nothing to do."
+else
+    echo "Starting 'buildkit' container ... "
+    docker start buildkit
+    return $?
+fi

unikernels/unikraft-cu/README.md

@@ -11,8 +11,11 @@ This deploys headful Chromium on a unikernel. It also exposes a remote GUI throu
 ## 2. Add Unikraft Secret to Your CLI
 `export UKC_METRO=<region> and UKC_TOKEN=<secret>`
 
-## 3. Deploy the Implementation
-`./deploy.sh`
+## 3. Build the image
+`./build.sh`
+
+## 4. Run it
+`./run.sh`
 
 When the deployment finishes successfully, the Kraft CLI will print out something like this:
 ```

unikernels/unikraft-cu/build.sh

@@ -0,0 +1,18 @@
+#!/usr/bin/env bash
+
+# namespace here (onkernel) should match UKC_TOKEN's username
+image="onkernel/kernel-cu-test:latest"
+
+# fail if UKC_TOKEN and UKC_METRO are not set
+if [ -z "$UKC_TOKEN" ] || [ -z "$UKC_METRO" ]; then
+    echo "UKC_TOKEN and UKC_METRO must be set"
+    exit 1
+fi
+source ../../shared/start-buildkit.sh
+
+kraft pkg \
+  --name index.unikraft.io/$image \
+  --plat kraftcloud --arch x86_64 \
+  --strategy overwrite \
+  --push \
+  .

unikernels/unikraft-cu/deploy.sh

@@ -0,0 +1,17 @@
+#!/usr/bin/env bash
+
+image="onkernel/kernel-cu-test:latest"
+name="kernel-cu-test"
+
+kraft cloud inst create \
+  --start 
+	-M 8192 \
+	-p 443:6080/http+tls \
+    -p 9222:9222/tls \
+	-e DISPLAY_NUM=1 \
+	-e HEIGHT=768 \
+	-e WIDTH=1024 \
+	-e HOME=/ \
+	-e CHROMIUM_FLAGS="--no-sandbox --disable-dev-shm-usage --disable-gpu --start-maximized --disable-software-rasterizer --remote-allow-origins=* --no-zygote" \
+	-n "$name" \
+    $image

unikernels/unikraft-cu/run.sh

@@ -24,13 +24,7 @@ CHROME_PORT=9222  # External port mapped to host
 echo "Starting Chromium on internal port $INTERNAL_PORT"
 DISPLAY=:1 chromium \
   --remote-debugging-port=$INTERNAL_PORT \
-  --no-sandbox \
-  --disable-dev-shm-usage \
-  --disable-gpu \
-  --start-maximized \
-  --disable-software-rasterizer \
-  --remote-allow-origins=* \
-  --no-zygote >&2 &
+  ${CHROMIUM_FLAGS:-} >&2 &
 echo "Setting up ncat proxy on port $CHROME_PORT"
 ncat \
   --sh-exec "ncat 0.0.0.0 $INTERNAL_PORT" \