Creator of matchlock here. You can directly use Docker/OCI compatible images (e.g. ubuntu:24.04) as the rootfs with the `--image` flag.
You can also build image with `matchlock build -f Dockerfile -t foo:bar .` - Under the hood it builds the image using buildkit inside the microvm.
Any chance you could look into potentially adding the option to use PVM (eg so a PVM mode instead of KVM) in your matchlock/firecracker implementation?
See https://blog.alexellis.io/how-to-run-firecracker-without-kvm...
Thanks for the response! How would matchlock microvms perform on a KVM VM without CPU passthrough, or is it not possible?