Building your own Edera host kernel

⚠️

Advanced guide only
Most Edera users do not need to build their own kernel images. By default, Edera provides and maintains hardened kernel images that cover nearly all hosts.

Note

While you are welcome to use our public configs and CI templates to build our own kernel images, Edera only supports images built and signed by Edera’s production signing key. Do it yourself builds are unsupported by Edera.

This guide is for specialized cases such as:

Supply chain verification - Reproducing our kernel builds yourself using our open-source repo and Github CI actions
Custom hardware/silicon - Adding out-of-tree Linux drivers you cannot share with us

If you need help or need support for official images, contact our support team.

If you’re not already comfortable building and maintaining Linux kernels, stop here.

Minimum requirements

If you already know how to build a Linux kernel, these are the essentials your kernel must have to boot an Edera host.

Virtualization stack (required)

Edera maintains base config snippets you can use as references:

Host (hypervisor) kernel config

If you are using your own kernel and would like to ensure it supports Edera, reference the Host kernel config above and ensure the XEN related config options are enabled.

Full build guide (using Edera’s tooling)

If you want to use our open-source build system (CI or local), follow these steps:

Approach 1: Build locally (for debugging/iteration)

Step 1. Clone our repo:

git clone https://github.com/edera-dev/linux-kernel-oci.git
cd linux-kernel-oci

Step 2. Edit the config.yaml:

Reduce the architectures, flavors, and versions to reduce your build time. Helpful examples can be found in the linux-kernel-oci README.

Step 3. Customize configuration in configs/: Step 4. Build the container image:

./hack/build/docker-build.sh

[Optional] Step 5. Use or push the image:

Push the container image to a registry of your choice, for example, the free and ephemeral registry ttl.sh.

docker push ttl.sh/<user>/host-kernel:6.6.15

Inspect it:

crane export ttl.sh/<user>/host-kernel:6.6.15 - --platform=linux/amd64 | tar xf - -C ./output

Approach 2: Build with GitHub Actions

Step 1. Fork the edera-dev/linux-kernel-oci repo. Step 2. Review .github/workflows/build.yaml
Step 3. Edit the config.yaml to configure your registry and other settings.
Step 4. Trigger the Build Kernels job in GitHub Actions.

For full instructions, see Building your own kernels with custom KConfig.

Example workflow input (for the Build Kernels job):

stable:flavor=zone,host

Build Kernels Example

Using your custom kernel

Your host kernel will now be ready for us once it’s in your boot partition and GRUB is configured to boot it.

Note

You may need to run update-grub (or similar) to ensure the correct menu entry is generated, then configure GRUB to boot the Xen entry with your kernel.

Summary

Most users: use Edera’s provided and supported kernel images.
Advanced users: either (1) meet the bare minimum requirements with your own build, or (2) use our tooling to reproduce/extend our builds.

Last updated on 2025-10-02

Building your own Edera zone kernel Using a scratch disk with Edera