ostree native containers / CoreOS layering
Summary
Enhance the (rpm-)ostree stack to natively support OCI/Docker containers as a transport and delivery mechanism for operating system content.
This is the basis of https://github.com/coreos/enhancements/blob/main/os/coreos-layering.md
Owner
- Name: Colin Walters
- Email: walters@verbum.org
Current status
- Targeted release: Fedora Linux 36
- Last updated: 2021-11-22
- FESCo issue: <will be assigned by the Wrangler>
- Tracker bug: <will be assigned by the Wrangler>
- Release notes tracker: <will be assigned by the Wrangler>
Detailed Description
Having the Fedora ecosystem (from users to release engineering) maintain tooling that operates on all three of "container images", RPMs, and OSTree updates is a maintenance burden.
This proposes that:
- The ostree stack is enhanced to support encapsulating/unencapsulating ostree commits as OCI/Docker images (DONE)
- rpm-ostree is updated to consume this, while still supporting all its current features (e.g. per-machine package layering) (DONE)
- We ship e.g.
quay.io/fedora/coreos:stable
andquay.io/fedora/silverblue:36
etc. - We support deriving new user custom images from these images
- We enhance this tooling to support chunking
For more details, please see:
Feedback
Benefit to Fedora
- Stronger focus on Docker/OCI as transport for operating system and applications
- New ability to easily create derived operating system images "server side"
- More benefit from e.g. work on container deltas
Scope
- Proposal owners:
Lots of detailed items listed in the rpm-ostree/CoreOS docs.
- Other developers: The "other" here is vague, but certainly developing this so far has needed cooperation with e.g. the containers/ organization etc.
- Release engineering: https://pagure.io/releng/issue/10399
- Policies and guidelines: N/A (not needed for this Change)
- Trademark approval: N/A (not needed for this Change)
- Alignment with Objectives: No
Upgrade/compatibility impact
Each individual edition/spin would need to choose when and how to make a cutover to containers as a transport. The Fedora OSTree repository would continue to be maintained until that is finished.
How To Test
See the examples under https://coreos.github.io/rpm-ostree/container/
User Experience
Users of rpm-ostree systems will primarily interact with container images.
Dependencies
Release engineering.
Contingency Plan
- Contingency mechanism: Continue to ship updates via baseline OSTree
- Blocks release? No
Documentation
Already linked above to avoid duplicating it here.