Skip to content

Embedding container images in the root partition from a remote registry

Embedding container images in the root partition from a remote registry

You can download and embed containerized applications from a remote container image registry when you build an AutoSD operating system (OS) image. Doing so makes the containerized application available for use from within the AutoSD OS after the system boots.

When you use this method, OSBuild pulls a container from a remote container image registry at build time and embeds it in the AutoSD image.

Important

If you want to include containerized applications in an OS image, pulling containers from a secure remote registry is the only reliable, reproducible, and recommended method for production OS image builds. Although you can also containerize applications locally and embed them from local storage when building an OS image, doing so is not the method recommended for building the OS image and is meant only for development or experimental purposes.

Prerequisites

Procedure

This procedure explains how to create an automotive image builder manifest and build an AutoSD operating system image in the qcow2 format that you can boot in a QEMU virtual machine.

The resulting AutoSD OS image will include a containerized CentOS 10 application image pulled from the quay.io remote container image registry and installed to /usr/share/containers/storage in the AutoSD OS.

Note that you can customize the script and the manifest to pull your own containerized application images from any image registry to which you have access.

  1. Create a build manifest file named container_remote.aib.yml:

    console $ touch container_remote.aib.yml

  2. Open the container_remote.aib.yml file in a text editor, add the following YAML code, and save the file:

    yaml title="Sample manifest for embedding remote container images" --8<-- "demos/container_remote/container_remote.aib.yml:1:34"

  3. Export the value of your hardware architecture to a temporary variable:

    console $ export arch=$(arch)

  4. Run the automotive-image-builder tool to build an OS image that embeds the remote containerized application:

    console $ sudo automotive-image-builder \ --verbose \ --include=/var/lib/containers/storage/ \ build \ --distro autosd \ --target qemu \ --mode image \ --build-dir=_build \ --export qcow2 \ container_remote.aib.yml \ container_remote.$arch.qcow2

    Note

    You can customize the automotive-image-builder command to set other options for distro name, mode, target, and export format.

  5. Verify that the script has created an AutoSD image file named container_remote.<arch>.qcow2 in your present working directory.

After you have created the OS image, assuming that you have installed QEMU, you can boot the AutoSD image in a virtual machine by using the automotive-image-runner utility and verify that the containerized application is included in the built OS image:

  1. Run the image in QEMU using automotive-image-runner:

    console $ sudo automotive-image-runner container_remote.x86_64.qcow2

    If necessary, substitute the filename of your .qcow2 image file.

  2. After the image has booted in QEMU, log in with the user name root and the password password.

  3. Verify that your containerized application image is available:

    ```console

    podman image list

    ```

    Sample output:

    text REPOSITORY TAG IMAGE ID CREATED SIZE localhost/cs10 latest 054a7b912609 About an hour ago 250 MB

When you build your OS image, OSBuild copies the application container image from the remote container image registry to your OS image. As defined in the build manifest file, the containerized application is available at localhost/cs10 and can be run by using Podman. However, you must first create container configuration files and configure OSBuild to copy these files to the /etc/containers/systemd directory in your OS image. For more information about these container configuration files, see Running containers from systemd.

Next steps

Additional resources