bootc: Introducing Bootable Containers
TechOps Examples
Hey, it's Govardhana MK.
New week, new beginnings - On readers' request, introducing video resources from this edition.
Along with a use case deep dive, we identify the top news, tools, videos, and articles in the TechOps industry.
IN TODAY'S EDITION
Use Case Deep Dive
bootc: Introducing Bootable Containers
Top News
Kubernetes is removing in-tree cloud-provider integration support in v1.31, and how it can affect you?
Videos
Building with FluxCD and Kubernetes - GitOps Principles Explained in Action
Never Use This Command On Linux - You Can Destroy Your System With A Single Command
Articles
Boost your CLI skills with GitHub Copilot
A Guide To Modern Kubernetes Network Policies
TOOL OF THE DAY
kondense - Automated resources sizing tool for containers in kubernetes
Kondense memory resize is based on Meta Transparent Memory Offloading
Kondense is active on itself by default
USE CASE DEEP DIVE
bootc: Introducing Bootable Containers
Since the discussion of bootable containers at the 2024 Red Hat Summit, the concept has gained serious attention.
Bootable containers offer a modern, structured approach to deploying and managing immutable Linux systems.
They bundle not just the application but the entire OS, including the Linux kernel, bootloader, and drivers.
Updates are delivered via container images, making the OS "bootable."
Ref: Fedora Project
Bootable containers can be built using container technologies like Containerfiles (Dockerfiles) with tools such as Podman, Docker, or buildkit, and stored in registries like Quay.io, Docker Hub, GitHub Container Registry, or internal registries.
How are they different?
Bootable container images enable a fully integrated, container-native workflow from the OS to the application layer.
They use dedicated tools like bootc and bootc-image-builder to compose, build, and distribute images using common Containerfile instructions.
Key features include:
Deploy and manage immutable, image-based Linux systems
Serve as a source for building VMs/Cloud images
Install and configure servers/VMs using kickstart/Anaconda
Simplify testing across different architectures/platforms
Streamline OS updates using rpm-ostree
What is bootc?
Bootc is the main CLI tool for bootable containers, using systemd services and timers to manage them. It handles downloading and queuing updates and can be used by other tools to check and control the system.
For more details, see the bootc documentation.
Currently, three distributions ship bootable containers:
Fedora
CentOS Stream
Red Hat Enterprise Linux (RHEL)
Creating a bootable container is simple with a Containerfile.
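Here's one using a CentOS Stream 9 base image:
# Start from the CentOS Stream 9 bootc base image
FROM quay.io/centos-bootc/centos-bootc:stream9
# Install tmux, mkpasswd and the OpenSSH server
RUN dnf -y update && dnf -y install tmux mkpasswd openssh-server
# Create bootc-user in the wheel group with the demo password "redhat", stored as a SHA-512 hash
RUN pass=$(mkpasswd --method=SHA-512 --rounds=4096 redhat) && useradd -m -G wheel bootc-user -p "$pass"
# Let members of wheel run sudo without a password
RUN echo "%wheel ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/wheel-sudo
# Run sshd in the foreground, listening on port 22
EXPOSE 22
CMD ["/usr/sbin/sshd", "-D"]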
Build the image using the following command:
docker build -f Containerfile.simple -t bootc-simple .
Now that the image is built, you can run it with the following command:
docker run -it --name bootc-container --hostname bootc-container -p 2022:22 bootc-simple
Note: "-p 2022:22" forwards the container's SSH port to host port 2022.
The container will start, showing a login prompt:
Log in with bootc-user/redhat and explore the container!
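The Containerfile above is meant for a throwaway container, but three of its choices carry over to every host installed from the image: a plaintext password on the build command line, a password hash set with useradd -p, and passwordless sudo for wheel. As an added example (not from the original newsletter or the bootc project), this Python sketch audits a Containerfile's RUN instructions for those three patterns; the rule ids, messages and function names are this example's own.

```python
import re

# The Containerfile from this page, embedded verbatim as sample input.
PAGE_CONTAINERFILE = r'''FROM quay.io/centos-bootc/centos-bootc:stream9
RUN dnf -y update && dnf -y install tmux mkpasswd openssh-server
RUN pass=$(mkpasswd --method=SHA-512 --rounds=4096 redhat) && useradd -m -G wheel bootc-user -p $pass
RUN echo "%wheel ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/wheel-sudo
EXPOSE 22
CMD ["/usr/sbin/sshd", "-D"]
'''

# Rule ids and messages are this example's own, not those of an existing linter.
RUN_RULES = [
    ("literal-password",  # mkpasswd in command position, flags, then a positional argument
     re.compile(r"(?:^|[;&|(`])\s*mkpasswd\b(?:\s+-\S+)*\s+[^\s)-]"),
     "plaintext password on the mkpasswd command line (kept in image history)"),
    ("build-time-password",
     re.compile(r"\buseradd\b[^;&|]*\s(?:-p|--password)\b"),
     "useradd -p bakes one password hash into every host built from the image"),
    ("nopasswd-sudo", re.compile(r"NOPASSWD:\s*ALL"),
     "sudoers rule grants root without a password"),
]

def logical_lines(text):
    """Yield (line_number, instruction, arguments), joining '\\' continuations."""
    buf, start = "", 0
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank lines and comments are ignored, also inside continuations
        start = start or no
        if line.endswith("\\"):
            buf += line[:-1] + " "
            continue
        instr, _, args = (buf + line).partition(" ")
        yield start, instr.upper(), args.strip()
        buf, start = "", 0

def audit(text):
    """Return (line_number, rule_id, message) for every rule a RUN instruction matches."""
    return [(no, rule_id, message)
            for no, instr, args in logical_lines(text) if instr == "RUN"
            for rule_id, pattern, message in RUN_RULES if pattern.search(args)]

if __name__ == "__main__":
    for no, rule_id, message in audit(PAGE_CONTAINERFILE):
        print(f"line {no}: {rule_id}: {message}")
```

The package-install line is not flagged even though it names mkpasswd, because the rule only matches mkpasswd where a command starts.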
How to update a bootable container?
The illustration below shows the lifecycle from building to deploying and updating bootc systems. After building a bootable container image, convert it to a disk image for installation in the target environment (e.g., public cloud).
You can also push the container image to your target registry.
Ref: Fedora Project
To update systems, build a new image and push it to the registry. Bootc can then pull the new image and reboot into it.
Update methods include:
Time-based updates via systemd timer (default).
Event-based updates by triggering bootc-fetch-apply-updates.service.
Manual updates using bootc upgrade and reboot.
bootc also supports rollbacks via the bootc rollback command.
This is one insightful way to explore bootc and create a bootable CentOS Stream 9 container, allowing you to experiment with system services.
Hope you find this use case helpful in your learning journey!