![Page 1: Building Open Container Initiative images based on ......Building Open Container Initiative images based on Freedesktop SDK Valentin David Codethink Ltd. foss-north 2020 March 30th](https://reader033.vdocument.in/reader033/viewer/2022042713/5fae332332f18336f14da067/html5/thumbnails/1.jpg)
Building Open Container Initiative images based on Freedesktop SDK
Valentin David
Codethink Ltd.
foss-north 2020March 30th
Valentin David (Codethink) Freedesktop SDK and OCI foss-north 2020 1 / 28
![Page 2: Building Open Container Initiative images based on ......Building Open Container Initiative images based on Freedesktop SDK Valentin David Codethink Ltd. foss-north 2020 March 30th](https://reader033.vdocument.in/reader033/viewer/2022042713/5fae332332f18336f14da067/html5/thumbnails/2.jpg)
Table of Contents
1 Introduction
2 Very quick introduction to BuildStream
3 OCI images
4 Design your image with BuildStream
5 Conclusion
Valentin David (Codethink) Freedesktop SDK and OCI foss-north 2020 2 / 28
![Page 3: Building Open Container Initiative images based on ......Building Open Container Initiative images based on Freedesktop SDK Valentin David Codethink Ltd. foss-north 2020 March 30th](https://reader033.vdocument.in/reader033/viewer/2022042713/5fae332332f18336f14da067/html5/thumbnails/3.jpg)
What is Freedesktop SDK?
Runtime of Flatpak applications.Basic runtime and SDK to build containers for desktop applications.
Flatpak is not related to OCI.
On top of it, two Flatpak runtimes are built: KDE SDK and GNOME SDK.
Valentin David (Codethink) Freedesktop SDK and OCI foss-north 2020 3 / 28
![Page 4: Building Open Container Initiative images based on ......Building Open Container Initiative images based on Freedesktop SDK Valentin David Codethink Ltd. foss-north 2020 March 30th](https://reader033.vdocument.in/reader033/viewer/2022042713/5fae332332f18336f14da067/html5/thumbnails/4.jpg)
Freedesktop SDK features
Release every year
Bug and security updates for 2 years
ABI stability
Automatic scan for CVEs
Bootstrapped
Architectures
x86-64 and i686
aarch64 and armv7
powerpc64le (experimental)
Valentin David (Codethink) Freedesktop SDK and OCI foss-north 2020 4 / 28
![Page 5: Building Open Container Initiative images based on ......Building Open Container Initiative images based on Freedesktop SDK Valentin David Codethink Ltd. foss-north 2020 March 30th](https://reader033.vdocument.in/reader033/viewer/2022042713/5fae332332f18336f14da067/html5/thumbnails/5.jpg)
What does Freedesktop SDK contain?
Basic glibc, bash, coreutils, util-linux, findutils, diffutils, gawk...Archive tar, cpio, zlib, bzip2, xz, zip...Security openssl, gnutls, gnupg, nss...
Graphics X.org (x11 and xcb), Wayland, Cairo, GTK+3, SDL2...Acceleration OpenGL, Vulkan, OpenCL dispatchers, Mesa drivers
Sound Pulseaudio, Alsa w/ pulse pluginMedia gstreamer, mpg123, ffmpeg, vorbis, theora, giflib, libpng...
Programming GCC, LLVM, gperf, flex, bison, ccache...Build make, autotools, meson, ninja, cmake...
Interpreters Perl, Python, RubyDocumentation gtk-doc, asciidoc, docbook, man-db...
Fonts DejaVu, Liberation, GNU Free, EmojiOne....Font rendering Pango, Fontconfig, HarfBuzz
Debugging Strace, GDBSpelling hunspell, aspell, LibreOffice dictionaries
Web curl, libsoupValentin David (Codethink) Freedesktop SDK and OCI foss-north 2020 5 / 28
![Page 6: Building Open Container Initiative images based on ......Building Open Container Initiative images based on Freedesktop SDK Valentin David Codethink Ltd. foss-north 2020 March 30th](https://reader033.vdocument.in/reader033/viewer/2022042713/5fae332332f18336f14da067/html5/thumbnails/6.jpg)
What does Freedesktop SDK contain?
Basic glibc, bash, coreutils, util-linux, findutils, diffutils, gawk...Archive tar, cpio, zlib, bzip2, xz, zip...Security openssl, gnutls, gnupg, nss...
Graphics X.org (x11 and xcb), Wayland, Cairo, GTK+3, SDL2...Acceleration OpenGL, Vulkan, OpenCL dispatchers, Mesa drivers
Sound Pulseaudio, Alsa w/ pulse pluginMedia gstreamer, mpg123, ffmpeg, vorbis, theora, giflib, libpng...
Programming GCC, LLVM, gperf, flex, bison, ccache...Build make, autotools, meson, ninja, cmake...
Interpreters Perl, Python, RubyDocumentation gtk-doc, asciidoc, docbook, man-db...
Fonts DejaVu, Liberation, GNU Free, EmojiOne....Font rendering Pango, Fontconfig, HarfBuzz
Debugging Strace, GDBSpelling hunspell, aspell, LibreOffice dictionaries
Web curl, libsoup
The choice of technologies used by Freedesktop SDK is notan endorsement by the Freedesktop organisation.
Valentin David (Codethink) Freedesktop SDK and OCI foss-north 2020 5 / 28
![Page 7: Building Open Container Initiative images based on ......Building Open Container Initiative images based on Freedesktop SDK Valentin David Codethink Ltd. foss-north 2020 March 30th](https://reader033.vdocument.in/reader033/viewer/2022042713/5fae332332f18336f14da067/html5/thumbnails/7.jpg)
BuildStream
Freedesktop SDK is built with BuildStream.
Build and integrate artifacts.
Separate sandbox per element
Reproducible build environment
Cached
Parallel builds
Valentin David (Codethink) Freedesktop SDK and OCI foss-north 2020 6 / 28
![Page 8: Building Open Container Initiative images based on ......Building Open Container Initiative images based on Freedesktop SDK Valentin David Codethink Ltd. foss-north 2020 March 30th](https://reader033.vdocument.in/reader033/viewer/2022042713/5fae332332f18336f14da067/html5/thumbnails/8.jpg)
Why building OCI images?
For our own infrastructure.
Helping existing continuous integration of applications building for Freedesktop SDK.
Some applications may have daemon and desktop frontend components.
Freedesktop SDK is the main project using entirely built with BuildStream.
Valentin David (Codethink) Freedesktop SDK and OCI foss-north 2020 7 / 28
![Page 9: Building Open Container Initiative images based on ......Building Open Container Initiative images based on Freedesktop SDK Valentin David Codethink Ltd. foss-north 2020 March 30th](https://reader033.vdocument.in/reader033/viewer/2022042713/5fae332332f18336f14da067/html5/thumbnails/9.jpg)
Table of Contents
1 Introduction
2 Very quick introduction to BuildStream
3 OCI images
4 Design your image with BuildStream
5 Conclusion
Valentin David (Codethink) Freedesktop SDK and OCI foss-north 2020 8 / 28
![Page 10: Building Open Container Initiative images based on ......Building Open Container Initiative images based on Freedesktop SDK Valentin David Codethink Ltd. foss-north 2020 March 30th](https://reader033.vdocument.in/reader033/viewer/2022042713/5fae332332f18336f14da067/html5/thumbnails/10.jpg)
Example: GNU Hello
hello
project.conf
elements
freedesktop-sdk.bst
components
hello.bst
oci
hello.bst
files
Valentin David (Codethink) Freedesktop SDK and OCI foss-north 2020 9 / 28
![Page 11: Building Open Container Initiative images based on ......Building Open Container Initiative images based on Freedesktop SDK Valentin David Codethink Ltd. foss-north 2020 March 30th](https://reader033.vdocument.in/reader033/viewer/2022042713/5fae332332f18336f14da067/html5/thumbnails/11.jpg)
Example: GNU Hello
hello
project.conf
elements
freedesktop-sdk.bst
components
hello.bst
oci
hello.bst
files
This is a junction element. Itrefers to an upstream Build-Stream project.
Valentin David (Codethink) Freedesktop SDK and OCI foss-north 2020 9 / 28
![Page 12: Building Open Container Initiative images based on ......Building Open Container Initiative images based on Freedesktop SDK Valentin David Codethink Ltd. foss-north 2020 March 30th](https://reader033.vdocument.in/reader033/viewer/2022042713/5fae332332f18336f14da067/html5/thumbnails/12.jpg)
Example: GNU Hello
hello
project.conf
elements
freedesktop-sdk.bst
components
hello.bst
oci
hello.bst
files
This is the main build element.
Valentin David (Codethink) Freedesktop SDK and OCI foss-north 2020 9 / 28
![Page 13: Building Open Container Initiative images based on ......Building Open Container Initiative images based on Freedesktop SDK Valentin David Codethink Ltd. foss-north 2020 March 30th](https://reader033.vdocument.in/reader033/viewer/2022042713/5fae332332f18336f14da067/html5/thumbnails/13.jpg)
Anatomy of a BuildStream element
kind: a u t o t o o l sbuild -depends:
- freedesktop -sdk.bst:public -stacks/buildsystem -autotools.bst
- freedesktop -sdk.bst:components/texinfo.bst
- freedesktop -sdk.bst:components/help2man.bst
depends:
- freedesktop -sdk.bst: boo t s t r ap−impor t . b s tvariables:
autogen: |./bootstrap --no-git \
--gnulib -srcdir=gnulib \
--skip -po
sources:
- kind: git_tag
url: https://git.savannah.gnu.org/git/hello.git
track: master
ref: v2.10-0-gdc7dc56a00e48fe6f231a58f6537139fe2908fb9
The “kind” selects the plugin
Valentin David (Codethink) Freedesktop SDK and OCI foss-north 2020 10 / 28
![Page 14: Building Open Container Initiative images based on ......Building Open Container Initiative images based on Freedesktop SDK Valentin David Codethink Ltd. foss-north 2020 March 30th](https://reader033.vdocument.in/reader033/viewer/2022042713/5fae332332f18336f14da067/html5/thumbnails/14.jpg)
Anatomy of a BuildStream element
kind: a u t o t o o l sbuild -depends:
- freedesktop -sdk.bst:public -stacks/buildsystem -autotools.bst
- freedesktop -sdk.bst:components/texinfo.bst
- freedesktop -sdk.bst:components/help2man.bst
depends:
- freedesktop -sdk.bst: boo t s t r ap−impor t . b s tvariables:
autogen: |./bootstrap --no-git \
--gnulib -srcdir=gnulib \
--skip -po
sources:
- kind: git_tag
url: https://git.savannah.gnu.org/git/hello.git
track: master
ref: v2.10-0-gdc7dc56a00e48fe6f231a58f6537139fe2908fb9
List of build and runtime dependencies
Valentin David (Codethink) Freedesktop SDK and OCI foss-north 2020 10 / 28
![Page 15: Building Open Container Initiative images based on ......Building Open Container Initiative images based on Freedesktop SDK Valentin David Codethink Ltd. foss-north 2020 March 30th](https://reader033.vdocument.in/reader033/viewer/2022042713/5fae332332f18336f14da067/html5/thumbnails/15.jpg)
Anatomy of a BuildStream element
kind: a u t o t o o l sbuild -depends:
- freedesktop -sdk.bst:public -stacks/buildsystem -autotools.bst
- freedesktop -sdk.bst:components/texinfo.bst
- freedesktop -sdk.bst:components/help2man.bst
depends:
- freedesktop -sdk.bst: boo t s t r ap−impor t . b s tvariables:
autogen: |./bootstrap --no-git \
--gnulib -srcdir=gnulib \
--skip -po
sources:
- kind: git_tag
url: https://git.savannah.gnu.org/git/hello.git
track: master
ref: v2.10-0-gdc7dc56a00e48fe6f231a58f6537139fe2908fb9
Some customization for the plugin
Valentin David (Codethink) Freedesktop SDK and OCI foss-north 2020 10 / 28
![Page 16: Building Open Container Initiative images based on ......Building Open Container Initiative images based on Freedesktop SDK Valentin David Codethink Ltd. foss-north 2020 March 30th](https://reader033.vdocument.in/reader033/viewer/2022042713/5fae332332f18336f14da067/html5/thumbnails/16.jpg)
Anatomy of a BuildStream element
kind: a u t o t o o l sbuild -depends:
- freedesktop -sdk.bst:public -stacks/buildsystem -autotools.bst
- freedesktop -sdk.bst:components/texinfo.bst
- freedesktop -sdk.bst:components/help2man.bst
depends:
- freedesktop -sdk.bst: boo t s t r ap−impor t . b s tvariables:
autogen: |./bootstrap --no-git \
--gnulib -srcdir=gnulib \
--skip -po
sources:
- kind: git_tag
url: https://git.savannah.gnu.org/git/hello.git
track: master
ref: v2.10-0-gdc7dc56a00e48fe6f231a58f6537139fe2908fb9
Description of sources
Valentin David (Codethink) Freedesktop SDK and OCI foss-north 2020 10 / 28
![Page 17: Building Open Container Initiative images based on ......Building Open Container Initiative images based on Freedesktop SDK Valentin David Codethink Ltd. foss-north 2020 March 30th](https://reader033.vdocument.in/reader033/viewer/2022042713/5fae332332f18336f14da067/html5/thumbnails/17.jpg)
What to do from there?
$ b s t b u i l d components / h e l l o . b s t...
$ b s t s h e l l components / h e l l o . b s t / u s r / b i n / h e l l o...
H e l l o , w o r l d !$ b s t c h e c k o u t components / h e l l o . b s t h e l l o −r o o t f s
...$
Valentin David (Codethink) Freedesktop SDK and OCI foss-north 2020 11 / 28
![Page 18: Building Open Container Initiative images based on ......Building Open Container Initiative images based on Freedesktop SDK Valentin David Codethink Ltd. foss-north 2020 March 30th](https://reader033.vdocument.in/reader033/viewer/2022042713/5fae332332f18336f14da067/html5/thumbnails/18.jpg)
Table of Contents
1 Introduction
2 Very quick introduction to BuildStream
3 OCI images
4 Design your image with BuildStream
5 Conclusion
Valentin David (Codethink) Freedesktop SDK and OCI foss-north 2020 12 / 28
![Page 19: Building Open Container Initiative images based on ......Building Open Container Initiative images based on Freedesktop SDK Valentin David Codethink Ltd. foss-north 2020 March 30th](https://reader033.vdocument.in/reader033/viewer/2022042713/5fae332332f18336f14da067/html5/thumbnails/19.jpg)
Typical build of OCI images
A base image probably from a distribution
A Dockerfile
Eventually use package manager to add dependenciesSequentially build some other dependenciesBuild your main projectOptionally, extract runtime files to an new image to remove development files (multi-staged)Configure
Valentin David (Codethink) Freedesktop SDK and OCI foss-north 2020 13 / 28
![Page 20: Building Open Container Initiative images based on ......Building Open Container Initiative images based on Freedesktop SDK Valentin David Codethink Ltd. foss-north 2020 March 30th](https://reader033.vdocument.in/reader033/viewer/2022042713/5fae332332f18336f14da067/html5/thumbnails/20.jpg)
Hello container image w/ Dockerfile
FROM debian AS build
RUN apt−get updateRUN apt−get install −y git autoconf automake autopoint \gcc make texinfo help2man
RUN mkdir /buildWORKDIR /buildRUN g i t c l o n e h t t p s : // g i t . savannah . gnu . org / g i t / h e l l o . g i tWORKDIR /build/helloRUN git checkout dc7dc56a00e48fe6f231a58f6537139fe2908fb9
RUN . / b oo t s t r a p −−sk i p−poRUN . / configure −−prefix=/usr −−disable−dependency−trackingRUN make −j16RUN mkdir /installRUN make −j1 install DESTDIR=/install
FROM debian
COPY −−from=build /install /ENTRYPOINT /usr/bin/hello
Valentin David (Codethink) Freedesktop SDK and OCI foss-north 2020 14 / 28
![Page 21: Building Open Container Initiative images based on ......Building Open Container Initiative images based on Freedesktop SDK Valentin David Codethink Ltd. foss-north 2020 March 30th](https://reader033.vdocument.in/reader033/viewer/2022042713/5fae332332f18336f14da067/html5/thumbnails/21.jpg)
Hello container image w/ Dockerfile
FROM debian AS build
RUN apt−get updateRUN apt−get install −y git autoconf automake autopoint \gcc make texinfo help2man
RUN mkdir /buildWORKDIR /buildRUN g i t c l o n e h t t p s : // g i t . savannah . gnu . org / g i t / h e l l o . g i tWORKDIR /build/helloRUN git checkout dc7dc56a00e48fe6f231a58f6537139fe2908fb9
RUN . / b oo t s t r a p −−sk i p−poRUN . / configure −−prefix=/usr −−disable−dependency−trackingRUN make −j16RUN mkdir /installRUN make −j1 install DESTDIR=/install
FROM debian
COPY −−from=build /install /ENTRYPOINT /usr/bin/hello
Some commands may download from ex-ternal sources. They break reproducibility.
Valentin David (Codethink) Freedesktop SDK and OCI foss-north 2020 14 / 28
![Page 22: Building Open Container Initiative images based on ......Building Open Container Initiative images based on Freedesktop SDK Valentin David Codethink Ltd. foss-north 2020 March 30th](https://reader033.vdocument.in/reader033/viewer/2022042713/5fae332332f18336f14da067/html5/thumbnails/22.jpg)
Dependencies and Dockerfile
What if you require libraries not shipped in distribution?
Either make a package for the used distribution
Package manager deal with more complex situations: upgrade, uninstall, services,configuration files, user and permission managementsSandbox is optionalRebuild is not automatic
Build directly as Dockerfile
No support for common build systemsNo build dependencies between Dockerfile sCached: if one command is modified, all following commands have to be run againBuild sandbox has network by default, no reproducibility
Valentin David (Codethink) Freedesktop SDK and OCI foss-north 2020 15 / 28
![Page 23: Building Open Container Initiative images based on ......Building Open Container Initiative images based on Freedesktop SDK Valentin David Codethink Ltd. foss-north 2020 March 30th](https://reader033.vdocument.in/reader033/viewer/2022042713/5fae332332f18336f14da067/html5/thumbnails/23.jpg)
OCI layering
OCI images are based on Dockefiles.
1 Dockerfile command = 1 image layer.
Download and storage can reuse common layers.
Valentin David (Codethink) Freedesktop SDK and OCI foss-north 2020 16 / 28
![Page 24: Building Open Container Initiative images based on ......Building Open Container Initiative images based on Freedesktop SDK Valentin David Codethink Ltd. foss-north 2020 March 30th](https://reader033.vdocument.in/reader033/viewer/2022042713/5fae332332f18336f14da067/html5/thumbnails/24.jpg)
Table of Contents
1 Introduction
2 Very quick introduction to BuildStream
3 OCI images
4 Design your image with BuildStream
5 Conclusion
Valentin David (Codethink) Freedesktop SDK and OCI foss-north 2020 17 / 28
![Page 25: Building Open Container Initiative images based on ......Building Open Container Initiative images based on Freedesktop SDK Valentin David Codethink Ltd. foss-north 2020 March 30th](https://reader033.vdocument.in/reader033/viewer/2022042713/5fae332332f18336f14da067/html5/thumbnails/25.jpg)
Graph to layers - Non solution
Translate every element to a layer.
Topologically sort all layers.
Each image is a subsequence.
Issues:
OCI implementations index layers by stack hash (ChainID) rather then layer hash(DiffID), so no subsequence.
Some implementations or filesystem backends might not scale with hundreds of layers.
Valentin David (Codethink) Freedesktop SDK and OCI foss-north 2020 18 / 28
![Page 26: Building Open Container Initiative images based on ......Building Open Container Initiative images based on Freedesktop SDK Valentin David Codethink Ltd. foss-north 2020 March 30th](https://reader033.vdocument.in/reader033/viewer/2022042713/5fae332332f18336f14da067/html5/thumbnails/26.jpg)
Our approach
Developer decides of sensible layers.
One BuildStream element per layer.
Each layer makes also an image.
Elements use dependencies to copy layers from other OCI images
Valentin David (Codethink) Freedesktop SDK and OCI foss-north 2020 19 / 28
![Page 27: Building Open Container Initiative images based on ......Building Open Container Initiative images based on Freedesktop SDK Valentin David Codethink Ltd. foss-north 2020 March 30th](https://reader033.vdocument.in/reader033/viewer/2022042713/5fae332332f18336f14da067/html5/thumbnails/27.jpg)
Freedesktop SDK full dependency graph
Valentin David (Codethink) Freedesktop SDK and OCI foss-north 2020 20 / 28
![Page 28: Building Open Container Initiative images based on ......Building Open Container Initiative images based on Freedesktop SDK Valentin David Codethink Ltd. foss-north 2020 March 30th](https://reader033.vdocument.in/reader033/viewer/2022042713/5fae332332f18336f14da067/html5/thumbnails/28.jpg)
Freedesktop SDK full dependency graph
Let’s simplify this graph a bit...
Valentin David (Codethink) Freedesktop SDK and OCI foss-north 2020 20 / 28
![Page 29: Building Open Container Initiative images based on ......Building Open Container Initiative images based on Freedesktop SDK Valentin David Codethink Ltd. foss-north 2020 March 30th](https://reader033.vdocument.in/reader033/viewer/2022042713/5fae332332f18336f14da067/html5/thumbnails/29.jpg)
OCI image layering in Freedesktop SDK
Dependency graph platform.bst
sdk.bst
bootstrap.bst
platform-oci.bst
sdk-oci.bst
bootstrap-oci.bst
flatpak.bst flatpak-oci.bst
debug-oci.bst
bootstrap
platformbootstrap
sdkplatformbootstrap
Valentin David (Codethink) Freedesktop SDK and OCI foss-north 2020 21 / 28
![Page 30: Building Open Container Initiative images based on ......Building Open Container Initiative images based on Freedesktop SDK Valentin David Codethink Ltd. foss-north 2020 March 30th](https://reader033.vdocument.in/reader033/viewer/2022042713/5fae332332f18336f14da067/html5/thumbnails/30.jpg)
OCI image layering in Freedesktop SDK
Dependency graph platform.bst
sdk.bst
bootstrap.bst
platform-oci.bst
sdk-oci.bst
bootstrap-oci.bst
flatpak.bst flatpak-oci.bst
debug-oci.bst
Each OCI element builds an image.
The dependencies between OCI elementsform the layers.
bootstrap
platformbootstrap
sdkplatformbootstrap
Valentin David (Codethink) Freedesktop SDK and OCI foss-north 2020 21 / 28
![Page 31: Building Open Container Initiative images based on ......Building Open Container Initiative images based on Freedesktop SDK Valentin David Codethink Ltd. foss-north 2020 March 30th](https://reader033.vdocument.in/reader033/viewer/2022042713/5fae332332f18336f14da067/html5/thumbnails/31.jpg)
OCI image layering in Freedesktop SDK
Dependency graph platform.bst
sdk.bst
bootstrap.bst
platform-oci.bst
sdk-oci.bst
bootstrap-oci.bst
flatpak.bst flatpak-oci.bst
debug-oci.bst
Each OCI element builds an image.
The dependencies between OCI elementsform the layers.
bootstrap
platformbootstrap
sdkplatformbootstrap
Valentin David (Codethink) Freedesktop SDK and OCI foss-north 2020 21 / 28
![Page 32: Building Open Container Initiative images based on ......Building Open Container Initiative images based on Freedesktop SDK Valentin David Codethink Ltd. foss-north 2020 March 30th](https://reader033.vdocument.in/reader033/viewer/2022042713/5fae332332f18336f14da067/html5/thumbnails/32.jpg)
The BuildStream OCI plugin
OCI or Docker 1.2 (with legacy compatibility)
Enable/disable layer compression
Configuration, annotations, history comments.
Multi-image
Valentin David (Codethink) Freedesktop SDK and OCI foss-north 2020 22 / 28
![Page 33: Building Open Container Initiative images based on ......Building Open Container Initiative images based on Freedesktop SDK Valentin David Codethink Ltd. foss-north 2020 March 30th](https://reader033.vdocument.in/reader033/viewer/2022042713/5fae332332f18336f14da067/html5/thumbnails/33.jpg)
Let’s go back to our example
hello
project.conf
elements
freedesktop-sdk.bst
components
hello.bst
oci
hello.bst
files
Valentin David (Codethink) Freedesktop SDK and OCI foss-north 2020 23 / 28
![Page 34: Building Open Container Initiative images based on ......Building Open Container Initiative images based on Freedesktop SDK Valentin David Codethink Ltd. foss-north 2020 March 30th](https://reader033.vdocument.in/reader033/viewer/2022042713/5fae332332f18336f14da067/html5/thumbnails/34.jpg)
Layer element
kind: oci
build -depends:
- freedesktop -sdk.bst:oci/bootstrap -oci.bst
- components/hello.bst
config:
mode: o c iimages:
- os: linux
architecture: amd64parent:
element: o c i / boo t s t r ap−o c i . b s tlayer:
- components/ h e l l o . b s tcomment: "Import GNU hello"
config:
Entrypoint: [ "/usr/bin/hello" ]
Select the OCI plugin
Valentin David (Codethink) Freedesktop SDK and OCI foss-north 2020 24 / 28
![Page 35: Building Open Container Initiative images based on ......Building Open Container Initiative images based on Freedesktop SDK Valentin David Codethink Ltd. foss-north 2020 March 30th](https://reader033.vdocument.in/reader033/viewer/2022042713/5fae332332f18336f14da067/html5/thumbnails/35.jpg)
Layer element
kind: oci
build -depends:
- freedesktop -sdk.bst:oci/bootstrap -oci.bst
- components/hello.bst
config:
mode: o c iimages:
- os: linux
architecture: amd64parent:
element: o c i / boo t s t r ap−o c i . b s tlayer:
- components/ h e l l o . b s tcomment: "Import GNU hello"
config:
Entrypoint: [ "/usr/bin/hello" ]
We need the base image one which webuild the layer.And the elements to build the currentlayer.
Valentin David (Codethink) Freedesktop SDK and OCI foss-north 2020 24 / 28
![Page 36: Building Open Container Initiative images based on ......Building Open Container Initiative images based on Freedesktop SDK Valentin David Codethink Ltd. foss-north 2020 March 30th](https://reader033.vdocument.in/reader033/viewer/2022042713/5fae332332f18336f14da067/html5/thumbnails/36.jpg)
Layer element
kind: oci
build -depends:
- freedesktop -sdk.bst:oci/bootstrap -oci.bst
- components/hello.bst
config:
mode: o c iimages:
- os: linux
architecture: amd64parent:
element: o c i / boo t s t r ap−o c i . b s tlayer:
- components/ h e l l o . b s tcomment: "Import GNU hello"
config:
Entrypoint: [ "/usr/bin/hello" ]
Use OCI specifications
Valentin David (Codethink) Freedesktop SDK and OCI foss-north 2020 24 / 28
![Page 37: Building Open Container Initiative images based on ......Building Open Container Initiative images based on Freedesktop SDK Valentin David Codethink Ltd. foss-north 2020 March 30th](https://reader033.vdocument.in/reader033/viewer/2022042713/5fae332332f18336f14da067/html5/thumbnails/37.jpg)
Layer element
kind: oci
build -depends:
- freedesktop -sdk.bst:oci/bootstrap -oci.bst
- components/hello.bst
config:
mode: o c iimages:
- os: linux
architecture: amd64parent:
element: o c i / boo t s t r ap−o c i . b s tlayer:
- components/ h e l l o . b s tcomment: "Import GNU hello"
config:
Entrypoint: [ "/usr/bin/hello" ]
Architecture description
Valentin David (Codethink) Freedesktop SDK and OCI foss-north 2020 24 / 28
![Page 38: Building Open Container Initiative images based on ......Building Open Container Initiative images based on Freedesktop SDK Valentin David Codethink Ltd. foss-north 2020 March 30th](https://reader033.vdocument.in/reader033/viewer/2022042713/5fae332332f18336f14da067/html5/thumbnails/38.jpg)
Layer element
kind: oci
build -depends:
- freedesktop -sdk.bst:oci/bootstrap -oci.bst
- components/hello.bst
config:
mode: o c iimages:
- os: linux
architecture: amd64parent:
element: o c i / boo t s t r ap−o c i . b s tlayer:
- components/ h e l l o . b s tcomment: "Import GNU hello"
config:
Entrypoint: [ "/usr/bin/hello" ]
The base image which we build the layer on
Valentin David (Codethink) Freedesktop SDK and OCI foss-north 2020 24 / 28
![Page 39: Building Open Container Initiative images based on ......Building Open Container Initiative images based on Freedesktop SDK Valentin David Codethink Ltd. foss-north 2020 March 30th](https://reader033.vdocument.in/reader033/viewer/2022042713/5fae332332f18336f14da067/html5/thumbnails/39.jpg)
Layer element
kind: oci
build -depends:
- freedesktop -sdk.bst:oci/bootstrap -oci.bst
- components/hello.bst
config:
mode: o c iimages:
- os: linux
architecture: amd64parent:
element: o c i / boo t s t r ap−o c i . b s tlayer:
- components/ h e l l o . b s tcomment: "Import GNU hello"
config:
Entrypoint: [ "/usr/bin/hello" ]
The elements included in the layer
Valentin David (Codethink) Freedesktop SDK and OCI foss-north 2020 24 / 28
![Page 40: Building Open Container Initiative images based on ......Building Open Container Initiative images based on Freedesktop SDK Valentin David Codethink Ltd. foss-north 2020 March 30th](https://reader033.vdocument.in/reader033/viewer/2022042713/5fae332332f18336f14da067/html5/thumbnails/40.jpg)
Layer element
kind: oci
build -depends:
- freedesktop -sdk.bst:oci/bootstrap -oci.bst
- components/hello.bst
config:
mode: o c iimages:
- os: linux
architecture: amd64parent:
element: o c i / boo t s t r ap−o c i . b s tlayer:
- components/ h e l l o . b s tcomment: "Import GNU hello"
config:
Entrypoint: [ "/usr/bin/hello" ]
Comment for the history
Valentin David (Codethink) Freedesktop SDK and OCI foss-north 2020 24 / 28
![Page 41: Building Open Container Initiative images based on ......Building Open Container Initiative images based on Freedesktop SDK Valentin David Codethink Ltd. foss-north 2020 March 30th](https://reader033.vdocument.in/reader033/viewer/2022042713/5fae332332f18336f14da067/html5/thumbnails/41.jpg)
Layer element
kind: oci
build -depends:
- freedesktop -sdk.bst:oci/bootstrap -oci.bst
- components/hello.bst
config:
mode: o c iimages:
- os: linux
architecture: amd64parent:
element: o c i / boo t s t r ap−o c i . b s tlayer:
- components/ h e l l o . b s tcomment: "Import GNU hello"
config:
Entrypoint: [ "/usr/bin/hello" ]
Configuration of the image
Valentin David (Codethink) Freedesktop SDK and OCI foss-north 2020 24 / 28
![Page 42: Building Open Container Initiative images based on ......Building Open Container Initiative images based on Freedesktop SDK Valentin David Codethink Ltd. foss-north 2020 March 30th](https://reader033.vdocument.in/reader033/viewer/2022042713/5fae332332f18336f14da067/html5/thumbnails/42.jpg)
Building the image
$ b s t b u i l d o c i / h e l l o . b s t...
$ b s t c h e c k o u t o c i / h e l l o . b s t −−t a r h e l l o . t a r...
$ podman l o a d − i h e l l o . t a r
Valentin David (Codethink) Freedesktop SDK and OCI foss-north 2020 25 / 28
![Page 43: Building Open Container Initiative images based on ......Building Open Container Initiative images based on Freedesktop SDK Valentin David Codethink Ltd. foss-north 2020 March 30th](https://reader033.vdocument.in/reader033/viewer/2022042713/5fae332332f18336f14da067/html5/thumbnails/43.jpg)
Table of Contents
1 Introduction
2 Very quick introduction to BuildStream
3 OCI images
4 Design your image with BuildStream
5 Conclusion
Valentin David (Codethink) Freedesktop SDK and OCI foss-north 2020 26 / 28
![Page 44: Building Open Container Initiative images based on ......Building Open Container Initiative images based on Freedesktop SDK Valentin David Codethink Ltd. foss-north 2020 March 30th](https://reader033.vdocument.in/reader033/viewer/2022042713/5fae332332f18336f14da067/html5/thumbnails/44.jpg)
Conclusion
Fully build OCI images with one tool
Cached, reproducible, parallel
Customizable layers to optimize storage and network
Freedesktop SDK provides a basic SDK with the most common system dependencies
Valentin David (Codethink) Freedesktop SDK and OCI foss-north 2020 27 / 28
![Page 45: Building Open Container Initiative images based on ......Building Open Container Initiative images based on Freedesktop SDK Valentin David Codethink Ltd. foss-north 2020 March 30th](https://reader033.vdocument.in/reader033/viewer/2022042713/5fae332332f18336f14da067/html5/thumbnails/45.jpg)
Pointers
Freedesktop SDK https://gitlab.com/freedesktop-sdk/freedesktop-sdk
BuildStream https://buildstream.build/
OCI plugin doc https://buildstream.gitlab.io/bst-external/elements/oci.html
Docker images https://hub.docker.com/u/freedesktopsdk
This work was sponsored by Codethink.
Valentin David (Codethink) Freedesktop SDK and OCI foss-north 2020 28 / 28