undocker/README.md

75 lines
2.0 KiB
Markdown
Raw Normal View History

2021-05-24 00:11:58 +03:00
Undocker
--------
2021-05-24 00:11:58 +03:00
Converts a Docker image (a bunch of layers) to a flattened "rootfs" tarball.
2021-05-24 00:11:58 +03:00
Why?
2021-05-24 00:11:58 +03:00
----
2021-05-24 00:11:58 +03:00
Docker images seems to be the lingua franca of distributing application
2021-05-24 00:11:58 +03:00
containers. These are very wide-spread. However, is Docker the best runtime
environment? Not for everyone.
2021-05-24 00:11:58 +03:00
2021-05-24 00:11:58 +03:00
Undocker bridges the gap between application images (in docker image format)
and container runtimes: now you can run a Docker image with systemd-nspawn
and/or lxc, without doing the `docker pull; docker start; docker export` dance.
2021-05-24 00:11:58 +03:00
Usage -- extract docker image
-----------------------------
Download `nginx` docker image from docker hub and convert it to a rootfs:
2021-05-24 00:11:58 +03:00
2021-05-24 00:11:58 +03:00
```
skopeo copy docker://docker.io/nginx:latest docker-archive:nginx.tar
undocker rootfs nginx.tar - | tar -xv
```
2021-05-24 00:11:58 +03:00
(the same can be done with `docker pull` and `docker save`)
2021-05-24 00:11:58 +03:00
Usage -- systemd-nspawn example
-------------------------------
2021-05-24 00:11:58 +03:00
Once the image is converted to a root file-system, it can be started using
classic utilities which expect a rootfs:
2021-05-24 00:11:58 +03:00
```
systemd-nspawn -D $PWD nginx -g 'daemon off;'
```
Usage -- lxc example
--------------------
2021-05-24 00:11:58 +03:00
Preparing the image for use with lxc:
2021-05-24 00:11:58 +03:00
```
undocker rootfs nginx.tar - | xz -T0 > nginx.tar.xz
undocker lxcconfig nginx.tar config
tar -cJf meta.tar.xz config
```
2021-05-24 00:11:58 +03:00
Import it to lxc and run it:
2021-05-24 00:11:58 +03:00
```
lxc-create -n bb -t local -- -m meta.tar.xz -f nginx.tar.xz
lxc-start -F -n bb -s lxc.net.0.type=none
lxc-start -F -n bb -s lxc.net.0.type=none -- /docker-entrypoint.sh nginx -g "daemon off;"
```
Note: automatic entrypoint does not work well with parameters with spaces; not
sure what lxc expects here to make it work.
2021-05-24 00:11:58 +03:00
About the implementation
------------------------
Extracting docker image layers may be harder than you have thought. See
`rootfs/doc.go` for more details.
2021-05-24 00:11:58 +03:00
2021-05-24 00:11:58 +03:00
The rootfs code is dependency-free (it uses Go's stdlib alone). The existing
project dependencies are convenience-only.
2021-05-24 00:11:58 +03:00
2021-05-24 00:11:58 +03:00
Contributions
-------------
2021-05-24 00:11:58 +03:00
2021-05-24 00:11:58 +03:00
I will accept pull request for code (including tests) and documentation. I am
unlikely to react to bug reports without a patch.