Allow to derive from multiple containers #2682
Conversation
Add support for multi inheritance to the derived_from attribute In the order of a comma seperated list of docker source URI's a base tree is created. This was possible only with one container so far and Fixes #2680 as well as jira#OBS-354
|
@rjschwei example image description for you to test <image schemaversion="7.5" name="kiwi-test-image-delta-joe">
<description type="system">
<author>Marcus Schäfer</author>
<contact>[email protected]</contact>
<specification>Delta container providing the joe editor</specification>
</description>
<preferences>
<type image="docker" derived_from="docker://registry.opensuse.org/home/marcus.schaefer/delta_containers/containers_tw/basesystem:latest,docker://registry.opensuse.org/home/marcus.schaefer/delta_containers/containers_tw/mc:latest" delta_root="true">
<containerconfig name="joe"/>
</type>
<version>1.15.4</version>
<packagemanager>zypper</packagemanager>
<rpm-excludedocs>true</rpm-excludedocs>
</preferences>
<repository type="rpm-md">
<source path="obsrepositories:/"/>
</repository>
<packages type="image">
<package name="joe"/>
</packages>
</image> |
|
I'm confused, what is this supposed to do? |
This connects to the delta container support in kiwi and the flake-pilot project as a provision tool for apps provided as containers. It is a little bit comparable to Ubuntu's snaps but we use existing standards with OCI. The delta_root feature in kiwi allows you to create a container that only includes a delta compared to a given base container. In the past you could only specify one base and with this change you can specify more than one. Of course the resulting container is on its own no longer usable, it requires a provision of the data it was derived from. This task is done by the flake-pilot project I wrote recently. At SUSE we want to use this concept to provide application containers faster and with less problems when these applications are third party, poor packaged or having dependencies the distribution does not/not yet provide. The container build in kiwi can then derive from "good" containers build from well maintained packages and only add the "evil" application and build a delta container from it. With flake-pilot you then register an application and bring things together. The application runs as an isolated instance on the system and we can offer customers an application without harming the integrity of the rest of the system. There are more use cases to flake-pilot and I wrote all that up here The idea is around for a bit, but it seems at SUSE there is now a real use case and while we are working on it some issues and missing features will be added to both projects. @rjschwei is one of the lead architects for what is called a component architecture and that's where most of the requests comes from and also the reason why I put him as a reviewer. Hope this clarifies a bit of the story. |
|
The original idea why I started flake-pilot was to run automotive applications on linux hosts in cars. I hate to say that but I did not see a single automotive application that was not a bunch of security critical software. Everybody was concerned running this thing on the OS and sometimes we even only got a binary and no sources. As I'm no longer working in automotive I was using the project to improve my rust coding 😄 but it seems there are also other use cases for which it might find its niche |
|
Ah and the above example is really not producing anything useful, it just serves the purpose for a test, hence I understand when it does not make sense for you. It's mainly for Robert to play |
|
Thanks for the quick turn around :D |
Add support for multi inheritance to the derived_from attribute In the order of a comma separated list of docker source URI's a base tree is created. This was possible only with one container so far and Fixes #2680 as well as jira#OBS-354