{"id":99631,"date":"2019-09-04T09:45:28","date_gmt":"2019-09-04T09:45:28","guid":{"rendered":"https:\/\/fedoramagazine.org\/?p=29200"},"modified":"2019-09-04T09:45:28","modified_gmt":"2019-09-04T09:45:28","slug":"how-to-build-fedora-container-images","status":"publish","type":"post","link":"https:\/\/sickgaming.net\/blog\/2019\/09\/04\/how-to-build-fedora-container-images\/","title":{"rendered":"How to build Fedora container images"},"content":{"rendered":"<p>With the rise of containers and container technology, all major Linux distributions nowadays provide a container base image. This article presents how the Fedora project builds its base image. It also shows you how to use it to create a layered image.<\/p>\n<p> <span id=\"more-29200\"><\/span> <\/p>\n<h2>Base and layered images<\/h2>\n<p>Before we look at how the Fedora container base image is built, let&#8217;s define a base image and a layered image. A simple way to define a base image is an image that has no parent layer. But what does that concretely mean? It means a base image usually contains only the root file system (<em>rootfs<\/em>) of an operating system. The base image generally provides the tools needed to install software in order to create layered images.<\/p>\n<p>A layered image adds a collections of layers on top of the base image in order to install, configure, and run an application. Layered images reference base images in a <em>Dockerfile<\/em> using the <em>FROM<\/em> instruction:<\/p>\n<pre class=\"wp-block-preformatted\">FROM fedora:latest<\/pre>\n<h2>How to build a base image<\/h2>\n<p>Fedora has a full suite of tools available to build container images. <a href=\"https:\/\/fedoramagazine.org\/running-containers-with-podman\/\">This includes <\/a><em><a href=\"https:\/\/fedoramagazine.org\/running-containers-with-podman\/\">podman<\/a><\/em>, which does not require running as the root user.<\/p>\n<h3>Building a rootfs<\/h3>\n<p>A base image comprises mainly a <a href=\"https:\/\/en.wikipedia.org\/wiki\/Tar_(computing)\">tarball<\/a>. This tarball contains a rootfs. There are different ways to build this rootfs. The Fedora project uses the <a href=\"https:\/\/en.wikipedia.org\/wiki\/Kickstart_(Linux)\">kickstart<\/a> installation method coupled with <a href=\"http:\/\/imgfac.org\/\">imagefactory<\/a> software to create these tarballs.<\/p>\n<p>The kickstart file used during the creation of the Fedora base image is available in Fedora&#8217;s build system <a href=\"https:\/\/koji.fedoraproject.org\/koji\/\">Koji<\/a>. The <em><a href=\"https:\/\/koji.fedoraproject.org\/koji\/packageinfo?packageID=26387\">Fedora-Container-Base<\/a><\/em> package regroups all the base image builds. If you select a build, it gives you access to all the related artifacts, including the kickstart files. Looking at an <a href=\"https:\/\/kojipkgs.fedoraproject.org\/\/packages\/Fedora-Container-Base\/30\/20190902.0\/images\/koji-f30-build-37420478-base.ks\">example<\/a>, the <em>%packages<\/em> section at the end of the file defines all the packages to install. This is how you make software available in the base image.<\/p>\n<h3>Using a rootfs to build a base image<\/h3>\n<p>Building a base image is easy, once a rootfs is available. It requires only a Dockerfile with the following instructions:<\/p>\n<pre class=\"wp-block-preformatted\">FROM scratch\nADD layer.tar \/\nCMD [\"\/bin\/bash\"]<\/pre>\n<p>The important part here is the <em>FROM scratch<\/em> instruction, which is creating an empty image. The following instructions then add the rootfs to the image, and set the default command to be executed when the image is run.<\/p>\n<p>Let&#8217;s build a base image using a Fedora rootfs built in Koji:<\/p>\n<pre class=\"wp-block-preformatted\">$ curl -o fedora-rootfs.tar.xz https:\/\/kojipkgs.fedoraproject.org\/packages\/Fedora-Container-Base\/Rawhide\/20190902.n.0\/images\/Fedora-Container-Base-Rawhide-20190902.n.0.x86_64.tar.xz\n$ tar -xJvf fedora-rootfs.tar.xz 51c14619f9dfd8bf109ab021b3113ac598aec88870219ff457ba07bc29f5e6a2\/layer.tar $ mv 51c14619f9dfd8bf109ab021b3113ac598aec88870219ff457ba07bc29f5e6a2\/layer.tar layer.tar\n$ printf \"FROM scratch\\nADD layer.tar \/\\nCMD [\\\"\/bin\/bash\\\"]\" &gt; Dockerfile\n$ podman build -t my-fedora .\n$ podman run -it --rm my-fedora cat \/etc\/os-release<\/pre>\n<p>The <em>layer.tar<\/em> file which contains the rootfs needs to be extracted from the downloaded archive. This is only needed because Fedora generates images that are ready to be consumed by a container run-time.<\/p>\n<p>So using Fedora&#8217;s generated image, it&#8217;s even easier to get a base image. Let&#8217;s see how that works:<\/p>\n<pre class=\"wp-block-preformatted\">$ curl -O https:\/\/kojipkgs.fedoraproject.org\/packages\/Fedora-Container-Base\/Rawhide\/20190902.n.0\/images\/Fedora-Container-Base-Rawhide-20190902.n.0.x86_64.tar.xz\n$ podman load --input Fedora-Container-Base-Rawhide-20190902.n.0.x86_64.tar.xz\n$ podman run -it --rm localhost\/fedora-container-base-rawhide-20190902.n.0.x86_64:latest cat \/etc\/os-release<\/pre>\n<h2>Building a layered image<\/h2>\n<p>To build a layered image that uses the Fedora base image, you only need to specify <em>fedora<\/em> in the <em>FROM<\/em> line instruction:<\/p>\n<pre class=\"wp-block-preformatted\">FROM fedora:latest<\/pre>\n<p>The <em>latest<\/em> tag references the latest active Fedora release (Fedora 30 at the time of writing). But it is possible to get other versions using the image tag. For example, <em>FROM fedora:31<\/em> will use the Fedora 31 base image.<\/p>\n<p>Fedora supports building and releasing software as containers. This means you can maintain a Dockerfile to make your software available to others. For more information about becoming a container image maintainer in Fedora, check out the <a href=\"https:\/\/docs.fedoraproject.org\/en-US\/containers\/guidelines\/guidelines\/\">Fedora Containers Guidelines<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>With the rise of containers and container technology, all major Linux distributions nowadays provide a container base image. This article presents how the Fedora project builds its base image. It also shows you how to use it to create a layered image. Base and layered images Before we look at how the Fedora container base [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[48],"tags":[45,61,46,47],"class_list":["post-99631","post","type-post","status-publish","format-standard","hentry","category-fedora-os","tag-fedora","tag-fedora-project-community","tag-magazine","tag-news"],"_links":{"self":[{"href":"https:\/\/sickgaming.net\/blog\/wp-json\/wp\/v2\/posts\/99631","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/sickgaming.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sickgaming.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sickgaming.net\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/sickgaming.net\/blog\/wp-json\/wp\/v2\/comments?post=99631"}],"version-history":[{"count":0,"href":"https:\/\/sickgaming.net\/blog\/wp-json\/wp\/v2\/posts\/99631\/revisions"}],"wp:attachment":[{"href":"https:\/\/sickgaming.net\/blog\/wp-json\/wp\/v2\/media?parent=99631"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sickgaming.net\/blog\/wp-json\/wp\/v2\/categories?post=99631"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sickgaming.net\/blog\/wp-json\/wp\/v2\/tags?post=99631"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}