AWS Open Source Blog

Ready for Flight: Announcing Finch 1.0 GA!

One year ago AWS announced a brand new open source project, Finch, a command line developer tool for building, running, and publishing Linux containers on macOS. The team and our growing community have been busy this year and we are excited to announce today that Finch has reached its 1.0 milestone for general availability (GA) and is ready for download at https://github.com/runfinch/finch/releases/tag/v1.0.0.  For 1.0 we focused on feature completeness, stability, performance, and ease of debug for issues that Finch users face. We want Finch to be a stable and performant runtime developer tool that makes it easy for users to accomplish their development tasks when building and running containers locally, and interacting with container registries. This 1.0 release represents our conviction that Finch is ready for production use as a container developer’s daily tool on macOS.

Finch depends on several open source projects, including Lima and nerdctl, and we’ve been actively collaborating in those projects. Lima provides the virtual machine in which a small Linux OS image runs the container runtime components. These runtime components include nerdctl, a wrapper for containerd that provides the common container lifecycle command line capabilities that developers are used to. We have added new features and capabilities by directly contributing to these upstream projects, and then are able to deliver these new features to users of Finch. Two specific features we contributed include container image signing, and support for both creating and running images using Seekable OCI (SOCI), an open source technology from AWS that enables containers to launch faster by lazily loading the container image.

Along the way we’ve solved unique challenges like environment variable passthrough to the Finch VM. Finch users expect the same commands they used with Docker to work out of the box, and solving environment variable pass-through in Finch, enhances the seamless transition of scripts and existing commands for Finch users. For AWS customers, we’ve integrated the Amazon Elastic Container Registry (Amazon ECR) credential helper. With the credential helper integration, Amazon ECR users no longer have to manually install it or periodically renew credentials from the command line, making use of Amazon ECR more seamless in Finch. We have also added AWS Cloud Development Kit (AWS CDK) integration in recent releases, allowing AWS CDK to use Finch to build container images when required. With this integration, Finch can now be used instead of Docker to build AWS CDK stacks that require image assets.

We’ve also spent time understanding how to make Finch as performant as possible to keep developers from losing productive time waiting for their developer tools. Early on, we added persistent disk support so that upgrading Finch doesn’t lose your useful work, such as your existing cache of downloaded container images. We also made improvements to the VM initialization time, cutting startup time in half for developers. Along the way, we introduced experimental support for Apple’s Virtualization Framework, providing additional performance speed-ups in the Finch VM. We created a benchmark tool that runs on every commit to validate that we preserve our existing performance metrics.

We have listened to the feedback from Finch users and the community, and addressed reported GitHub issues. We’ve improved the ability to troubleshoot issues experienced by Finch users by introducing the capability to generate support bundles, a collection of Finch-related logs and configs that will help debug issues.

We continue to provide signed, installable binaries for every release on GitHub. On macOS, the community added Homebrew support early on and for avid brew users, installing Finch is as easy as running brew install finch.

Finch now has a website with comprehensive documentation that serves as a central hub for Finch-related information, tutorials, and other resources to help developers get started with Finch. If you are new to Finch, refer to the Getting Started section on the Finch website to start using Finch for local container development.

As we announced in our initial blog post on Finch, the project is fully open source. All development and discussions take place within our GitHub repositories, and we invite anyone to contribute ideas, bug reports, and pull requests. We have held one public meeting this year to discuss the design and use cases for a Finch extensions framework. We are looking forward to more community meetings on topics of interest to community members and users of Finch in the future. Please reach out and let us know what you think would make Finch better as we move beyond this 1.0 milestone. We are available in the CNCF Slack workspace in the #finch channel to discuss any feedback or ideas, and you can also reach us via GitHub issues or discussions in our main repository.

Phil Estes

Phil Estes

Phil Estes is a Principal Engineer for Amazon Web Services (AWS), focused on core container technologies that power AWS container offerings like Fargate, EKS, and ECS. Phil is currently an active contributor and maintainer for the CNCF containerd runtime project, and participates in the Open Container Initiative (OCI) as the member of the Technical Oversight Board (TOB). Phil has also been a long-time core contributor and maintainer on the Docker/Moby engine project where he contributed key features like user namespace support and multi-platform image capabilities.