-
Notifications
You must be signed in to change notification settings - Fork 59
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Roadmap to Fedora Bootable Containers #1726
Comments
Thanks so much for putting this together! |
Any objections if we let the fedora-bootc related discussion "double up" as part of the current fcos community meeting? Basically maybe ~40 minutes for this topic which would also include e.g. things related to https://gitlab.com/fedora/ostree/sig/-/issues/26 etc? |
I wonder actually if we should schedule a community video meeting to discuss this. I guess it's too late for today but could be next week's. |
What do you mean by double up? I would prefer we keep the Fedora CoreOS meeting distinct for now. We can however include the Atomic SIG topics into the bootc one as we are not having Atomic SIG meetings right now. |
I think @cgwalters just meant double up for next week, or something, inviting additional people to talk about bootc at the same time that FCOS folks do. |
As I'm working on Live ISO support for Atomic Desktops, I'm experimenting with using a container layer to include all the tools needed for the Live ISO / installer instead of including them in the base image by default: https://github.com/travier/fedora-kinoite/blob/main/fedora-kinoite-live/Containerfile Thinking about this more, we could use the same approach for Ignition and related first boot elements. We would include those in a container layer and rebuild the initrd and use this "derived" container to generate all the disk images. Systems installed this way would be pointed to the image without the first boot layer, that will thus "disappear" from the system on the first update. We would thus have two container tags for each release, once with and one without the first boot layer. Ideally we would also produce a container image that does not include an initrd, then we layer the initrd to create the "normal" base image which is delivered on updates. Same idea but for podman/moby-engine as well: #1723
|
You may encounter issues when layering packages that comes with their own SELinux policy modules in container layers. See: ostreedev/ostree-rs-ext#510 (tracked in https://gitlab.com/fedora/ostree/sig/-/issues/45 for the Atomic Desktops) |
Do we want to add a CI/CD section to the roadmap? Onboarding to Konflux might be a relevant task. WDYT? |
Notes
Roadmap
Building and publishing Bootable Container images
Switching to Bootable Container images by default
DNF5 integration
dnf5
on Fedora 41+ fedora-coreos-config#2915bootc integration
bootc status
does not report unlocked status containers/bootc#474Bootimages
bootc install to-filesystem
when building container images: Usebootc install to-filesystem
to build our bootimages #1827Local package layering
Rebasing on Fedora Bootc manifests
Rebasing on Fedora Bootc container images
Anaconda
Investigate Konflux CI/CD
See if we can build FCOS using Konflux: https://gist.github.com/ralphbean/a3644111a549e8cedb0b207f90d42dc9
Documentation updates
Issues that needs to be triaged / refocused
See also all the issues tagged with
bootable-containers
: https://github.com/coreos/fedora-coreos-tracker/issues?q=is%3Aopen+label%3Aarea%2Fbootable-containers+sort%3Aupdated-descReferences
See:
See for Fedora Atomic Desktops: https://gitlab.com/fedora/ostree/sig/-/issues/26
The text was updated successfully, but these errors were encountered: