Roadmap to Fedora Bootable Containers

[travier]

Notes

• This is a proposed roadmap that is subject to change and refinement
• While not complete nor matching the current Fedora bootable container images, you can already use Fedora CoreOS with container images, but we currently don't recommend that as it comes with important caveats.

Roadmap

Building and publishing Bootable Container images

• We are currently building bootable container images in our pipeline
• Those images are published to Quay.io: https://quay.io/repository/fedora/fedora-coreos?tab=tags

Switching to Bootable Container images by default

• Create container repo tags for each FCOS release: https://github.com/coreos/fedora-coreos-tracker/issues/1367
• Zincati needs to be adapted for the container update flow: https://github.com/coreos/fedora-coreos-tracker/issues/1263
• Migrate Fedora CoreOS users to update via a container image by default: issue to be created

DNF5 integration

• [X] Adding dnf5 to the images:
  • https://fedoraproject.org/wiki/Changes/DNFAndBootcInImageModeFedora
  • https://github.com/coreos/fedora-coreos-tracker/issues/1687
  • https://github.com/coreos/fedora-coreos-config/pull/2915
• Better error handling / messages in dnf (on running systems) would make this less confusing to our users
• A lot of testing needed, especially regarding alternative kernels, custom kernel modules, /var and /opt handling, etc.

bootc integration

• Integration of bootc will require integration in Zincati
• Bootc is currently root only: no unprivileged interface, no DBus interface
• Related discussions:
  • https://github.com/containers/bootc/pull/472
  • https://github.com/containers/bootc/issues/474

Local package layering

• Figure out a solution for users that want to locally layer packages
• Similar to what's needed for Fedora Atomic Desktops
• Tracked in https://gitlab.com/fedora/bootc/tracker/-/issues/4

Rebasing on Fedora Bootc manifests

• Might mean using a Git submodule or merging all manifests into a single repo
• To be investigated

Rebasing on Fedora Bootc container images

• Needs better support for container builds in the Fedora Infrastructure (via gitlab.com/fedora?)
• Support for container deltas / zstd:chunked:
  • https://github.com/ostreedev/ostree-rs-ext/issues/608
  • https://gitlab.com/fedora/bootc/tracker/-/issues/9
• Investigate if rebasing to a container based workflow for those image would bring benefits
• Investigate the new Experimental Base Images Builder: https://gitlab.com/fedora/bootc/base-images-experimental

Anaconda

• See: https://github.com/coreos/fedora-coreos-tracker/issues/1646

Documentation updates

• We will likely have to update the documentation to link to the Fedora Bootable Containers docs.

Issues that needs to be triaged / refocused

• https://github.com/coreos/fedora-coreos-tracker/issues/1151
• https://github.com/coreos/fedora-coreos-tracker/issues/1446
• https://github.com/coreos/fedora-coreos-tracker/issues/1718
• https://github.com/coreos/fedora-coreos-tracker/issues/1719

See also all the issues tagged with bootable-containers: https://github.com/coreos/fedora-coreos-tracker/issues?q=is%3Aopen+label%3Aarea%2Fbootable-containers+sort%3Aupdated-desc

References

See:

• https://fedoramagazine.org/get-involved-with-fedora-bootable-containers/
• https://fedoraproject.org/wiki/Initiatives/Fedora_bootc

See for Fedora Atomic Desktops: https://gitlab.com/fedora/ostree/sig/-/issues/26

[cgwalters]

Thanks so much for putting this together!

[cgwalters]

Any objections if we let the fedora-bootc related discussion "double up" as part of the current fcos community meeting? Basically maybe ~40 minutes for this topic which would also include e.g. things related to https://gitlab.com/fedora/ostree/sig/-/issues/26 etc?

[jlebon]

Any objections if we let the fedora-bootc related discussion "double up" as part of the current fcos community meeting?

I wonder actually if we should schedule a community video meeting to discuss this. I guess it's too late for today but could be next week's.

[travier]

What do you mean by double up? I would prefer we keep the Fedora CoreOS meeting distinct for now.

We can however include the Atomic SIG topics into the bootc one as we are not having Atomic SIG meetings right now.

[jasonbrooks]

What do you mean by double up? I would prefer we keep the Fedora CoreOS meeting distinct for now.

We can however include the Atomic SIG topics into the bootc one as we are not having Atomic SIG meetings right now.

I think @cgwalters just meant double up for next week, or something, inviting additional people to talk about bootc at the same time that FCOS folks do.