Embedding local containerized applications in the root partition

You can embed containerized applications from local storage when you build an AutoSD operating system (OS) image. Doing so makes the containerized application available for use from within the AutoSD OS after the system boots. This method uses the containers-storage option in the build manifest so that OSBuild pulls containers from local container image storage at build time and includes them into the OS image.

Important

Although you can containerize applications locally and embed them when building an OS image, doing so is not the recommended method of building the OS image and is meant only for development or experimental purposes. If you want to include containerized applications in an OS image, pulling containers from a secure remote container image registry is the only reliable, reproducible, and recommended method for OS image builds.

Prerequisites

• You are running a Linux-based host on your local machine.
• You have installed the following software on your local machine:
  • Podman
  • Skopeo
  • ostree
  • PyYAML for Python 3
• You have created a container image named auto-apps that contains your application built according to Building a container image for your software
• You have installed the automotive-image-builder tool. For more information, see Installing Automotive Image Builder.

Procedure

This procedure explains how to create an automotive image builder manifest and build an AutoSD operating system image in the qcow2 format that you can boot in a QEMU virtual machine.

The resulting AutoSD OS image will include a containerized auto-apps application image pulled from local storage and installed to the /usr/share/containers/storage directory in the OS.

Note that you can customize the script and the manifest to pull your own containerized application images from local storage.

1. Create a build manifest file named container_local.aib.yml:

   $ touch container_local.aib.yml
   

2. Open the container_local.aib.yml file in a text editor, add the following YAML code, and save the file:

   Sample manifest for embedding local container images

   # hosted in the local container registry on the build machine
   
   name: container_local
   
   content:
     repos:
       - id: epel
         baseurl: https://dl.fedoraproject.org/pub/epel/9/Everything/$arch/
     rpms:
       - podman
       # For testing the image only:
       - openssh-server
       - openssh-clients
   
     container_images:
       - source: "localhost/auto-apps"
         tag: latest
         name: "localhost/auto-apps"
         containers-transport: containers-storage
   
     # Required for testing the image only:
     systemd:
       enabled_services:
         # Enable ssh daemon
         - sshd.service
   
   auth:
     # "password"
     root_password: $6$xoLqEUz0cGGJRx01$H3H/bFm0myJPULNMtbSsOFd/2BnHqHkMD92Sfxd.EKM9hXTWSmELG8cf205l6dktomuTcgKGGtGDgtvHVXSWU.
     # Required for testing the image only:
     sshd_config:
       PasswordAuthentication: true
       PermitRootLogin: true
   

3. Export the value of your hardware architecture to a temporary variable:

   $ export arch=$(arch)
   

4. Run the automotive-image-builder script to build an OS image that embeds the remote containerized application:

   $ sudo automotive-image-builder \
       --verbose \
       --include=/var/lib/containers/storage/ \
       build \
       --distro autosd9 \
       --target qemu \
       --mode image \
       --build-dir=_build \
       --export qcow2 \
       container_local.aib.yml \
       container_local.$arch.qcow2
   

5. Verify that the script has created an AutoSD image file named container_local.<arch>.qcow2 in your present working directory.

After you have created the OS image, assuming that you have installed QEMU, you can boot the AutoSD image in a virtual machine by using the automotive-image-runner utility and verify that the containerized application is included in the built OS image:

1. Run the image in QEMU using automotive-image-runner:

   $ sudo automotive-image-runner container_local.x86_64.qcow2
   

   If necessary, substitute the filename of your .qcow2 image file.

2. After the image has booted in QEMU, log in with the user name root and the password password.

3. Verify that your containerized application image is available:

   # podman image list
   

   Sample output:

   REPOSITORY           TAG         IMAGE ID      CREATED            SIZE
   localhost/auto-apps  latest      054a7b912609  About an hour ago  250 MB
   

When you build your OS image, OSBuild copies the auto-apps container image to your OS image. Your containerized auto-apps application is available at localhost/auto-apps. You must also create container configuration files and configure OSBuild to copy these files to the /etc/containers/systemd directory in your OS image. For more information about these container configuration files, see Running containers from systemd.

Next steps

• Now that you have included your containerized application in your automotive image builder manifest, you can build your AutoSD image. For more information, see Building an image from a custom manifest.
• Alternatively, you can continue customizing your image. For more information, see Running containers from systemd, Configuring communication between containers in the root partition, Embedding RPM application packages in the QM partition, and Embedding containerized applications in the QM partition.

Additional resources

• Sample automotive image builder manifest