Mailinglist Archive: opensuse-factory (439 mails)

< Previous Next >
Re: [opensuse-factory] Naming policy for containers inside the distro

Am Donnerstag, 11. April 2019, 15:25:24 CEST schrieb Richard Brown:
On Thu, 11 Apr 2019 at 11:19, Aleksa Sarai <asarai@xxxxxxx> wrote:

On 2019-04-11, Thorsten Kukuk <kukuk@xxxxxxx> wrote:
On Thu, Apr 11, Aleksa Sarai wrote:

tumbleweed -> base container
tumbleweed/apache -> derived container

is actually possible to do with stock Docker Distribution -- because the
"tumbleweed/" somewhat acts as a directory and I'm not sure if you can
publish an image with the same name as a repo.

Alpine is doing that on docker hub as far as I could see, but I also
would not do that to get people not confused.

"docker pull alpine" translates to "docker pull". So while it looks the same, internally it
gets translated long before it hits the registry.

We're shipping podman by default in our container focused openSUSE offerings

Yes, but the images offered are (hopefully!) not only used on openSUSE systems.

In this case Alexa has a valid concern about namespace/repo name overlap, which
is something we can't just ignore because "it works on openSUSE".
Containers are meant to work outside of a single environment after all. doesn't really validate names or anything else for that
matter, so we would need to be careful here. You can just create an image
called "föo:latest:latest" if you wanted to, but it just wouldn't work with
every client.

There we do not have dockers limitations, and can have multiple
registries, which podman will use, in order

Therefore I want a situation where

"podman pull tumbleweed" translates to and pulls the Tumbleweed base

"podman pull leap" should pull, pulling the
Leap base container

"podman pull kubic" should pull, the "Kubic base
container" (aka the Tumbleweed base container under a different name)

That's debatable - do we actually need a Kubic base container?
The current kubic-* containers are all using plain Tumbleweed as content,
so they would perfectly fit the "tumbleweed/$containername" description.
I'd say we would need it if we can answer this question appropriately:
What would be the difference between e.g. tumbleweed/cilium and kubic/cilium?
If so, the answer could be the base for a definition on what "kubic/" means.

Derived containers should be $base/$containername

eg. tumbleweed/busybox

For synergy with docker (where we do not have that luxury of being
able to practically use a trusted registry by default, nor do docker
have the support for reflecting how our distributions are delivered) I
ALSO want the following to work

"podman pull opensuse/tumbleweed" or "docker pull opensuse/tumbleweed"
should pull the Tumbleweed base container, from
in podman or docker hub in docker
"podman|docker pull opensuse/leap" for leap

Technically doable, just not supported by kiwi currently - multiple tags
are allowed (additonaltags="latest,%OS_VERSION_ID%"), but not multiple
namespace/repository names.

I think the way we've done mapping with should
work fine with that already.


Putting my suggestions all together and in other words;
I do not think there should be an 'opensuse' container, because there
is no 'opensuse' distribution

opensuse/ is just a namespace - there isn't a home base container either
just because you can pull

I'd say as long as there is a clear definition what each namespace means, it
doesn't necessarily have to be uniform to "$base/$containername".

I think derivatives should reference their base container (eg tumbleweed/$foo)
For Kubic specific containers the "kubic base container" should just
be an alias/rebuild of the tumbleweed one under that different name.

Does all of this make sense and answer your question Fabian?

Yes and yes - but let's wait for some more opinions on this topic.


To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-factory+owner@xxxxxxxxxxxx

< Previous Next >