LinuxCommandLibrary

cs-launch

Launch compute-server processes

TLDR

Launch a specific application with arguments

$ cs launch [application_name] -- [argument1 argument2 ...]
copy

Launch a specific application version with arguments
$ cs launch [application_name]:[application_version] -- [argument1 argument2 ...]
copy

Launch a specific version of an application specifying which is the main file
$ cs launch [group_id]:[artifact_id]:[artifact_version] --main-class [path/to/main_class_file]
copy

Launch an application with specific Java options and JVM memory ones
$ cs launch --java-opt [-Doption_name1:option_value1 -Doption_name2:option_value2 ...] --java-opt [-Xjvm_option1 -Xjvm_option2 ...] [application_name]
copy

SYNOPSIS

cs-launch [OPTIONS] BUNDLEDIR [COMMAND [ARGS...]]

PARAMETERS

-b, --bundle DIR
    Path to OCI bundle directory containing config.json and rootfs.

-u, --url URL
    URL for hypervisor image or kernel (overrides bundle).

--cpu COUNT
    Number of virtual CPUs to allocate.

--memory, -m MB
    Amount of memory in MB.

-k, --kernel PATH
    Path to guest kernel image.

--initrd PATH
    Path to initrd image.

--rootless
    Enable rootless mode (user namespaces).

-d, --debug
    Enable debug logging.

-h, --help
    Show help message.

DESCRIPTION

cs-launch is a command-line tool from Intel's Clear Containers project, designed to run OCI-compliant containers inside lightweight KVM virtual machines for superior isolation. It combines container efficiency with VM security, ideal for multi-tenant environments.

Unlike software-isolated runtimes like runc, cs-launch boots a minimal guest kernel and runs the container payload in hardware-virtualized isolation, mitigating container escape risks. It integrates with containerd, CRI-O, or Docker via a compatible shim.

Key benefits include near-native performance, support for standard OCI bundles, and features like direct device passthrough. Primarily used in Clear Linux OS and enterprise cloud setups. Requires KVM support and virtualization-enabled CPU.

CAVEATS

Requires KVM module loaded and /dev/kvm access; typically needs root or CAP_SYS_ADMIN. Not compatible with all OCI features; performance overhead ~5-10%. Deprecated in favor of Kata Containers.

EXAMPLE USAGE

cs-launch -b /path/to/bundle --memory 1024 /bin/sh
Launches interactive shell in bundle with 1GB RAM.

CONFIGURATION

Edit config.json in bundle for mounts, env vars, etc. See OCI spec.

HISTORY

Developed by Intel in 2015 for Clear Linux OS as part of Clear Containers project. Reached v2.0 in 2017 with OCI support. Evolved into open-source Kata Containers in 2017-2018, but cs-launch remains in Clear Linux bundles.

SEE ALSO

runc(8), kata-runtime(8), containerd(8), lxc-start(1)

Copied to clipboard