diff --git a/tools/packaging/kata-deploy/local-build/dockerbuild/Dockerfile b/tools/packaging/kata-deploy/local-build/dockerbuild/Dockerfile
index f065039c13..8df4c14740 100644
--- a/tools/packaging/kata-deploy/local-build/dockerbuild/Dockerfile
+++ b/tools/packaging/kata-deploy/local-build/dockerbuild/Dockerfile
@@ -9,26 +9,14 @@ ENV INSTALL_IN_GOPATH=false
 ADD install_yq.sh /usr/bin/install_yq.sh
 
 
-RUN apt-get update
-RUN apt-get install -y curl
-RUN apt-get install -y sudo
+# yq installer deps
+RUN apt update && apt-get install -y curl sudo
 
 # Install yq
 RUN install_yq.sh
 
-# Install docker-cli
-RUN sudo apt-get -y install \
-    apt-transport-https \
-    ca-certificates \
-    curl \
-    gnupg \
-    lsb-release
-RUN curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
-RUN echo \
-  "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu \
-  $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
-RUN apt-get update
-RUN apt-get install docker-ce-cli -y
+RUN curl -fsSL https://get.docker.com -o get-docker.sh
+RUN sh get-docker.sh
 
 ARG IMG_USER=kata-builder
 ARG UID=1000
@@ -37,11 +25,13 @@ RUN if [ ${IMG_USER} != "root" ]; then groupadd --gid=${GID} ${IMG_USER};fi
 RUN if [ ${IMG_USER} != "root" ]; then adduser ${IMG_USER} --uid=${UID} --gid=${GID};fi
 RUN sh -c "echo '${IMG_USER} ALL=NOPASSWD: ALL' >> /etc/sudoers"
 
-RUN apt install -y git
-RUN apt install -y make
-
-# kata deps
-RUN apt install -y golang
+#FIXME: gcc is required as agent is build out of a container build.
+RUN apt-get update && \
+  apt install -y \
+  gcc \
+  git \
+  make \
+  xz-utils
 
 ENV USER ${IMG_USER}
 USER ${UID}:${GID}
diff --git a/tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh b/tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh
index 508fbf7a8f..410af1173b 100755
--- a/tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh
+++ b/tools/packaging/kata-deploy/local-build/kata-deploy-binaries.sh
@@ -24,6 +24,7 @@ readonly firecracker_builder="${repo_root_dir}/tools/packaging/static-build/fire
 readonly kernel_builder="${repo_root_dir}/tools/packaging/static-build/kernel/build.sh"
 readonly qemu_builder="${repo_root_dir}/tools/packaging/static-build/qemu/build-static-qemu.sh"
 readonly rootfs_builder="${repo_root_dir}/tools/packaging/guest-image/build_image.sh"
+readonly shimv2_builder="${repo_root_dir}/tools/packaging/static-build/shim-v2/build.sh"
 
 workdir="${WORKDIR:-$PWD}"
 
@@ -137,21 +138,9 @@ install_clh() {
 
 #Install all components that are not assets
 install_shimv2() {
-	pushd "${repo_root_dir}/src/runtime"
-	echo "Build"
-	make \
-		PREFIX="${prefix}" \
-		QEMUCMD="qemu-system-x86_64"
-	echo "Install"
-	make PREFIX="${prefix}" \
-		DESTDIR="${destdir}" \
-		install
-	popd
-	sed -i -e '/^initrd =/d' "${destdir}/${prefix}/share/defaults/${project}/configuration-qemu.toml"
-	sed -i -e '/^initrd =/d' "${destdir}/${prefix}/share/defaults/${project}/configuration-fc.toml"
-	pushd "${destdir}/${prefix}/share/defaults/${project}"
-	ln -sf "configuration-qemu.toml" configuration.toml
-	popd
+	GO_VERSION="$(yq r ${versions_yaml} languages.golang.meta.newest-version)"
+	export GO_VERSION
+	DESTDIR="${destdir}" PREFIX="${prefix}" "${shimv2_builder}"
 }
 
 get_kata_version() {
diff --git a/tools/packaging/static-build/shim-v2/Dockerfile b/tools/packaging/static-build/shim-v2/Dockerfile
new file mode 100644
index 0000000000..5553d28d54
--- /dev/null
+++ b/tools/packaging/static-build/shim-v2/Dockerfile
@@ -0,0 +1,13 @@
+# Copyright (c) 2021 Intel Corporation
+#
+# SPDX-License-Identifier: Apache-2.0
+
+FROM ubuntu
+ENV DEBIAN_FRONTEND=noninteractive
+
+RUN apt-get update && apt-get install -y make curl sudo gcc
+
+ADD install_go.sh /usr/bin/install_go.sh
+ARG GO_VERSION
+RUN install_go.sh "${GO_VERSION}"
+ENV PATH=/usr/local/go/bin:${PATH}
diff --git a/tools/packaging/static-build/shim-v2/build.sh b/tools/packaging/static-build/shim-v2/build.sh
new file mode 100755
index 0000000000..4d63f7f4cf
--- /dev/null
+++ b/tools/packaging/static-build/shim-v2/build.sh
@@ -0,0 +1,44 @@
+#!/bin/bash
+#
+# Copyright (c) 2021 Intel Corporation
+#
+# SPDX-License-Identifier: Apache-2.0
+
+set -o errexit
+set -o nounset
+set -o pipefail
+
+script_dir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+readonly repo_root_dir="$(cd "${script_dir}/../../../.." && pwd)"
+readonly kernel_builder="${repo_root_dir}/tools/packaging/kernel/build-kernel.sh"
+
+
+GO_VERSION=${GO_VERSION}
+
+DESTDIR=${DESTDIR:-${PWD}}
+PREFIX=${PREFIX:-/opt/kata}
+container_image="shim-v2-builder"
+
+sudo docker build  --build-arg GO_VERSION="${GO_VERSION}" -t "${container_image}" "${script_dir}"
+
+arch=$(uname -m)
+if [ ${arch} = "ppc64le" ]; then
+	arch="ppc64"
+fi
+
+sudo docker run --rm -i -v "${repo_root_dir}:${repo_root_dir}" \
+	-w "${repo_root_dir}/src/runtime" \
+	"${container_image}" \
+	bash -c "make PREFIX=${PREFIX} QEMUCMD=qemu-system-${arch}"
+
+sudo docker run --rm -i -v "${repo_root_dir}:${repo_root_dir}" \
+	-w "${repo_root_dir}/src/runtime" \
+	"${container_image}" \
+	bash -c "make PREFIX="${PREFIX}" DESTDIR="${DESTDIR}" install"
+
+sudo sed -i -e '/^initrd =/d' "${DESTDIR}/${PREFIX}/share/defaults/kata-containers/configuration-qemu.toml"
+sudo sed -i -e '/^initrd =/d' "${DESTDIR}/${PREFIX}/share/defaults/kata-containers/configuration-fc.toml"
+
+pushd "${DESTDIR}/${PREFIX}/share/defaults/kata-containers"
+	sudo ln -sf "configuration-qemu.toml" configuration.toml
+popd
diff --git a/tools/packaging/static-build/shim-v2/install_go.sh b/tools/packaging/static-build/shim-v2/install_go.sh
new file mode 100755
index 0000000000..653b9ad412
--- /dev/null
+++ b/tools/packaging/static-build/shim-v2/install_go.sh
@@ -0,0 +1,98 @@
+#!/bin/bash
+#
+# Copyright (c) 2018 Intel Corporation
+#
+# SPDX-License-Identifier: Apache-2.0
+#
+
+set -o errexit
+set -o nounset
+set -o pipefail
+
+tmp_dir=$(mktemp -d -t install-go-tmp.XXXXXXXXXX)
+script_dir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+script_name="$(basename "${BASH_SOURCE[0]}")"
+force=""
+
+install_dest="/usr/local/"
+
+finish() {
+	rm -rf "$tmp_dir"
+}
+
+die() {
+	echo >&2 "ERROR: $*"
+	exit 1
+}
+
+info() {
+	echo "INFO: $*"
+}
+
+usage(){
+	exit_code="$1"
+	cat <<EOT
+Usage:
+
+${script_name} [options]
+
+Example:
+${script_name}
+
+Options
+-d <path> : destination path, path where go will be installed.
+EOT
+
+	exit "$exit_code"
+}
+
+trap finish EXIT
+
+pushd "${tmp_dir}"
+
+while getopts "d:fhp" opt
+do
+	case $opt in
+		d)	install_dest="${OPTARG}" ;;
+		f)	force="true" ;;
+		h)	usage 0 ;;
+	esac
+done
+
+shift $(( $OPTIND - 1 ))
+
+
+go_version=${1:-}
+
+if [ -z "$go_version" ];then
+	echo "Missing go"
+	usage 1
+fi
+
+if command -v go; then
+	[[ "$(go version)" == *"go${go_version}"* ]] && \
+		info "Go ${go_version} already installed" && \
+		exit
+	if [ "${force}" = "true" ]; then
+		info "removing $(go version)"
+		sudo rm -rf "${install_dest}/go"
+	else
+		die "$(go version) is installed, use -f or remove it before install go ${go_version}"
+	fi
+fi
+
+case "$(uname -m)" in
+	aarch64) goarch="arm64";;
+	ppc64le) goarch="ppc64le";;
+	x86_64) goarch="amd64";;
+	s390x) goarch="s390x";;
+	*) echo "unsupported architecture: $(uname -m)"; exit 1;;
+esac
+
+info "Download go version ${go_version}"
+kernel_name=$(uname -s)
+curl -OL "https://storage.googleapis.com/golang/go${go_version}.${kernel_name,,}-${goarch}.tar.gz"
+info "Install go"
+mkdir -p "${install_dest}"
+sudo tar -C "${install_dest}" -xzf "go${go_version}.${kernel_name,,}-${goarch}.tar.gz"
+popd