Feature or enhancement request details
Hey,
I am not sure if this request is in the scope of this project or the direction of the shim.
The use case I had in mind is (if approved and matches the direction of the project) to offer an additional flag which will expose the buildkit socket directly via TCP or socket.
This will allow buildkit compatible clients to register and use this builder.
Small demo:
-
Create a custom builder container with a custom wrapper script that starts buildkitd.
For demonstration purposes I created the script on the host at ${HOME}/Library/Application Support/com.apple.container/builder which is already mounted by default:
$ ps
PID USER TIME COMMAND
1 root 0:00 /usr/local/bin/container-builder-shim --debug --vsock --buildkitd-path /var/lib/container-builder-shim/exports/buildkitd-wrapper.sh
10 root 0:00 /usr/bin/buildkitd --addr unix:///run/buildkit/buildkitd.sock --addr tcp://0.0.0.0:18088
$ cat /var/lib/container-builder-shim/exports/buildkitd-wrapper.sh
#!/bin/sh
exec /usr/bin/buildkitd --addr unix:///run/buildkit/buildkitd.sock --addr tcp://0.0.0.0:18088 "$@"
-
Register the builder and verify it is responding:
$ docker buildx create --name socktainer-remote --driver remote tcp://192.168.64.4:18088 --use
socktainer-remote
$ docker buildx inspect socktainer-remote --bootstrap
Name: socktainer-remote
Driver: remote
Last Activity: 2026-04-11 15:23:22 +0000 UTC
Nodes:
Name: socktainer-remote0
Endpoint: tcp://192.168.64.9:18088
Status: running
BuildKit version: v0.26.2
Platforms: linux/arm64
Labels:
org.mobyproject.buildkit.worker.executor: oci
org.mobyproject.buildkit.worker.hostname: buildkit
org.mobyproject.buildkit.worker.network: host
org.mobyproject.buildkit.worker.oci.process-mode: sandbox
org.mobyproject.buildkit.worker.selinux.enabled: false
org.mobyproject.buildkit.worker.snapshotter: overlayfs
GC Policy rule#0:
All: false
Filters: type==source.local,type==exec.cachemount,type==source.git.checkout
Keep Duration: 48h0m0s
Max Used Space: 488.3MiB
GC Policy rule#1:
All: false
Keep Duration: 1440h0m0s
Reserved Space: 32GiB
GC Policy rule#2:
All: false
Reserved Space: 32GiB
GC Policy rule#3:
All: true
Reserved Space: 32GiB
-
Initiate a build using docker CLI:
docker build . -t test --builder socktainer-remote --load
[+] Building 0.8s (12/12) FINISHED remote:socktainer-remote
=> [internal] load build definition from Dockerfile 0.0s
=> => transferring dockerfile: 391B 0.0s
=> [internal] load metadata for docker.io/library/alpine:3 0.2s
=> [internal] load .dockerignore 0.0s
=> => transferring context: 2B 0.0s
=> [internal] load build context 0.0s
=> => transferring context: 338B 0.0s
=> [1/6] FROM docker.io/library/alpine:3@sha256:25109184c71bdad752c8312a8623239686a9a2071e8825f20acb8f2198c3f659 0.0s
=> => resolve docker.io/library/alpine:3@sha256:25109184c71bdad752c8312a8623239686a9a2071e8825f20acb8f2198c3f659 0.0s
=> CACHED [2/6] COPY config/config.yaml /app/config/config.yaml 0.0s
=> CACHED [3/6] COPY build/linux/arm64/ /usr/local/bin/ 0.0s
=> CACHED [4/6] COPY entrypoint.sh /app/entrypoint.sh 0.0s
=> CACHED [5/6] RUN chmod +x /app/entrypoint.sh 0.0s
=> CACHED [6/6] WORKDIR /app 0.0s
=> exporting to docker image format 0.5s
=> => exporting layers 0.0s
=> => exporting manifest sha256:02a58a4526c76d50143b7a1c5aa030c57844b9b937d028d965c32b6cce93a105 0.0s
=> => exporting config sha256:8dd7bc2b70e64bca774f3b82fd4045f96ee57e38b6c486e71998c133dc8fb4b1 0.0s
=> => sending tarball 0.5s
=> importing to docker
-
Verify image:
$ container image ls
NAME TAG DIGEST
test latest 9f1611b0f9a4c957b98d596f...
Code of Conduct
Feature or enhancement request details
Hey,
I am not sure if this request is in the scope of this project or the direction of the shim.
The use case I had in mind is (if approved and matches the direction of the project) to offer an additional flag which will expose the buildkit socket directly via TCP or socket.
This will allow buildkit compatible clients to register and use this builder.
Small demo:
Create a custom builder container with a custom wrapper script that starts
buildkitd.For demonstration purposes I created the script on the host at
${HOME}/Library/Application Support/com.apple.container/builderwhich is already mounted by default:$ ps PID USER TIME COMMAND 1 root 0:00 /usr/local/bin/container-builder-shim --debug --vsock --buildkitd-path /var/lib/container-builder-shim/exports/buildkitd-wrapper.sh 10 root 0:00 /usr/bin/buildkitd --addr unix:///run/buildkit/buildkitd.sock --addr tcp://0.0.0.0:18088 $ cat /var/lib/container-builder-shim/exports/buildkitd-wrapper.sh #!/bin/sh exec /usr/bin/buildkitd --addr unix:///run/buildkit/buildkitd.sock --addr tcp://0.0.0.0:18088 "$@"Register the builder and verify it is responding:
Initiate a build using docker CLI:
Verify image:
$ container image ls NAME TAG DIGEST test latest 9f1611b0f9a4c957b98d596f...Code of Conduct