Offline/disconnected container images

Offline containers are containers which are stored in the operating system image, and made available to cri-o via the /etc/container/storage.conf additionalimagestores list.

What are offline container images

Offline containers are containers which are stored in the operating, or the operating system image for an ostree based system, and made available to cri-o via the /etc/container/storage.conf additionalimagestores list.

Those container images are accesible for cri-o to create containers. Those images cannot be deleted, but newer versions of those containers can be downloaded normally, which cri-o will store in the general R/W container storage of the system.

When to use offline container images

Offline containers are useful when the edge device will have restricted connectivity, or no connectivity at all. Those containers are also helpful to improve general MicroShift and application startup on first boot, since no images need to be downloaded from the network and the applications are readily available to cri-o

RPM packaging of container images

RPM packaging of container images into read-only container storage is offered via the paack tool as an experimental method to allow users to create ostree images containing the desired containers. RPM was not designed for storing files with numeric uids/gids, or containing extended attributes, although several workarounds allow this we are looking for better ways to provide this.

Offline MicroShift containers images

MicroShift uses a set of containers for the minimal components which can be installed on the operating system image, those are published here, and can also be manually built using: packaging/rpm/make-microshift-images-rpm.sh.

To install the MicroShift container images you can use:

curl -L -o /etc/yum.repos.d/microshift-containers.repo \
          https://copr.fedorainfracloud.org/coprs/g/redhat-et/microshift-containers/repo/fedora-35/group_redhat-et-microshift-containers-fedora-35.repo

rpm-ostree install microshift-containers

Or simply include this package when using image-builder.

How package your application and manifests as rpms for offline container storage

To package workload application container images we provide packaging/rpm/paack.py. This tool accepts a yaml definition, for which an example can be found here.

The tool can produce an srpm, rpm, or push a build to a copr repository.

Some example usages:

./paack.py rpm example-user-containers.yaml centos-stream-9-aarch64

The target OS is not important (centos-stream-9) but we need one os target compatible with the destination architecture.

./paack.py srpm example-user-containers.yaml

The produced srpm format contains the repository binaries and manifests for each architecture, then the build system unpacks the specific architecture for the build. The post install step of rpm configures the additionalimagestores in /etc/container/storage.conf

./paack.py copr example-user-containers.yaml mangelajo/my-app-containers
Last modified November 08, 2022 at 4:43 PM PST : Prominently link to getting started page (f5a5f19)
Last modified November 08, 2022 at 4:43 PM PST : Prominently link to getting started page (f5a5f19)