On Wed, Feb 9, 2022 at 1:29 PM Peter Bergin <[email protected]> wrote: > > Hi, > > I'm exploring the world of containers combined with Yocto. I can build a > container image and bundle that one with my rootfs image. The container > image is stored in the rootfs as a tar-file of a OCI image spec with the > content blobs, index.json and oci-layout. As per the description in > classes/image-oci.bbclass the way to run the container is to unpack the > file and the create the OCI runtime bundle and start it with runc. > > I have played around with docker and tried to import OCI image directly > in to docker store but have not succeeded. Anyone that knows if it is > possible? 'docker image import <oci-image>.tar does not give any errors > and the image shows up in 'docker images' but does not import the > correct rootfs.
There's no viable way to do this on the build side, and then have it appear in the image. I've experimented several times with this, and haven't found a decent solution. Running docker on the build host is a non-starter, which rules out many options. There's more options if you use podman versus docker for the container runtime, but I also haven't had time to finish anything there yet. To get the OCI images into docker, I bounce them through a registry and use docker pull. You can see the logs of that process in several of my yocto summit presentations. > > When creating the OCI image in image-oci.bbclass the process starts with > a bundle that is packaged as an image and compressed to a tar-file. > Given the above the whole process needs to be reverted on target to > start a container from that image. It should then be possible to just > install the bundle directly on target rootfs that directly can be > started with runc. Are there any drawbacks with this? I can see that a > tar-file is easier to distribute and install afterwards but my question > related to directly integrating an OCI-image to a Yocto rootfs-image. Nope, there's no drawbacks. The tar is just a convenience for moving the bundles around. It isn't an official OCI image format, just the unbundled directory format (it is just a bit odd compared to other image formats, which tend to be single files, so I created the tar step to be similar to them). You can definitely copy the OCI image directory onto the image, and have it be immediately runnable via runc. There's no common/defacto service to start the images on boot, but that's a fairly trivial thing to do with your init system of choice. (having a service to start those images on boot is on my TODO list, but I'm still tangled up with package uprev and golang, so I haven't gotten to it yet). Bruce > > Best regards, > > /Peter > > > > -- - Thou shalt not follow the NULL pointer, for chaos and madness await thee at its end - "Use the force Harry" - Gandalf, Star Trek II
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#7057): https://lists.yoctoproject.org/g/meta-virtualization/message/7057 Mute This Topic: https://lists.yoctoproject.org/mt/89028209/21656 Group Owner: [email protected] Unsubscribe: https://lists.yoctoproject.org/g/meta-virtualization/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
