Copy directly to OCI runtime bundle format

containers / image

Work with containers' images

Apache License 2.0

859 stars 372 forks source link

Copy directly to OCI runtime bundle format #1103

Open jwendell opened 7 years ago

jwendell commented 7 years ago

Currently if we want to run runc on top of a downloaded image we must take 2 steps:

download the image with skopeo skopeo copy docker://busybox oci:busybox-oci
convert the image to a bundle format mkdir busybox-bundle oci-image-tool unpack busybox-oci busybox-bundle

What if skopeo could directly copy to a bundle format? Something like skopeo copy docker://busybox oci-bundle:busybox-bundle

Does it make sense?

runcom commented 7 years ago

Well, it does as something handy to have but we do have many tiny applications so that you can construct your flow as you wish (you can also use umoci to unpack images). That said, again, this does make sense to me if someone is willing to work on it :)

rhatdan commented 5 years ago

@jwendell @runcom @mtrmac @vrothberg Is this still something of interest or is what podman does enough to satisfy the need?

jwendell commented 5 years ago

I don't care anymore, feel free to close this :)

mtrmac commented 5 years ago

Thanks, closing.

(I would expect podman pull&podman run to be the convenient path for most users. Specialist uses of runc directly may emerge again, we can reopen then.)

DamienRobert commented 5 years ago

I would have liked this feature to test systemd-nspawn --oci-bundle=. oci-image-tool / umoci do the job, but it would be nice if this was integrated to skopeo.

DaanDeMeyer commented 4 years ago

Agreed, having to install both skopeo and umoci to get oci bundles that can be run using systemd-nspawn feels a bit overkill. Can this be reopened?

vrothberg commented 4 years ago

Sure, we can re-open. Personally, I think that skopeo+umoci do the job well together, so the use-case is covered and widely used. However, I have no objections against an oci-bundle transport.

Contributions are always welcome!

c-goes commented 3 years ago

These two tools are often used to togther, for instance LXC uses both Skopeo and Umoci to create containers from OCI (https://github.com/lxc/lxc/blob/master/templates/lxc-oci.in) However, conversion to oci-bundle in Skopeo makes sense because Podman has the --rootfs flag to run container from rootfs. You can use Skopeo/Podman to replace runc and have all the advantages of Podman without having to worry about Overlayfs. (I don't want to use Overlayfs and still want all features from Podman).

stevegt commented 3 years ago

An issue I'm running into is trying to pull from docker hub directly into a runc-compatible bundle in Go without having to shell out. Calling multiple shell commands means the thing we're distributing can't be just a single Go binary, but instead has to be multiple tools.

Being able to call something like this would be an improvement:

skopeo copy docker://busybox oci-bundle:busybox-bundle

If that were implemented, then we could go one step further and just call copy.Image() directly and not shell out at all.