bootc-image-builder: Build your entire OS from a Containerfile

submitted by twelve+(OP) on 2025-06-24 15:01:07 | 83 points 32 comments

1. twelve+ZU8 2025-06-27 23:42:18
>>twelve+(OP)
We also have a GUI for trying this out!

https://github.com/podman-desktop/extension-bootc

We’re also starting to see other projects adopt an “OS as a Container image” such as Bazzite: https://bazzite.gg/ using bootc :)

Feel free to ask any questions!

4. westur+y09 2025-06-28 01:12:44
>>twelve+(OP)
Does bootc-image-builder build Native Containers?

Do Native Containers work as VM images that can be stored in an OCI Image/Artifact/Package Registry?

I've been mentioning Native Containers since I realized that was how bazzite works now.

Is vagrant necessary anymore if host, vm, and container images can all be signed and stored in an OCI Image store?

From >>44137501 re: Firecracker and Microsandbox VMs :

> ostree native containers are bootable host images that can also be built and signed with a SLSA provenance attestation; https://coreos.github.io/rpm-ostree/container/

ublue-os/image-template: https://github.com/ublue-os/image-template :

> Build your own custom Universal Blue Image

ublue-os/akmods has nvidia GPU drivers, nvidia-open, zfs: https://github.com/ublue-os/akmods :

> A caching layer for pre-built Fedora akmod RPMs

> OCI images providing a set of cached kernel RPMs and extra kernel modules to Universal Blue images. Used for better hardware support and consistent build process.

nvidia-container-toolkit (CDI) is necessary for --gpus=all to do CUDA and libEGL 3D with podman. Is this also already installed in bazzite?

ublue-os/toolboxes: "quadlets and systemd service units for management", boxkit : https://github.com/ublue-os/toolboxes#images

ublue-os/devcontainer .devcontainer/devcontainer.json: https://github.com/ublue-os/devcontainer/blob/main/src/base/...

It looks like the Just Justfile 40-nvidia.just has moved due to image topology simplification? >>39364975 :

> ublue-os/config//build/ublue-os-just/40-nvidia.just defines the `ujust configure-nvidia` and `ujust toggle-nvk` commands

9. yjftsj+z89 2025-06-28 03:31:00
>>tayo42+I79
You'd think so :) Unfortunately the current implementation hardcodes calls to dnf: https://github.com/osbuild/bootc-image-builder/issues/869

10. jchw+7c9 2025-06-28 04:45:12
>>indigo+329
I don't know the answer using the built-in VM attributes (I mean I'd guess probably, but I don't know how if so) but there's always nixos-generators for making VM images. Definitely used this for deploying VMs to cloud providers, haven't tried the VMware one yet though.

https://github.com/nix-community/nixos-generators

13. tmaier+dl9 2025-06-28 07:40:49
>>twelve+(OP)
Universal Blue (Bluefin etc.) has a reusable GitHub template.

https://github.com/ublue-os/image-template

17. rgovos+dp9 2025-06-28 08:39:01
>>twelve+(OP)
Roman Shtylman has an example of using a Dockerfile to produce a rootfs for the Jetson Nano: https://github.com/defunctzombie/jetson-nano-image-maker (2022)

I've always been hesitant to use this method over debootstrap: the Ubuntu container images ("FROM ubuntu:20.04") are created from a tarball that Ubuntu's convoluted CI system spits out and I'm not confident I understand if it's somehow suitable only for a container and not for real hardware.

19. zimbat+As9 2025-06-28 09:31:23
>>indigo+329
Yes, you can target VMDK, AMIs, Azure, ...

`nixos-rebuild build-image --image-variant vmware`

See https://nixos.org/manual/nixos/stable/#sec-image-nixos-rebui...

22. deivid+gA9 2025-06-28 11:15:45
>>yjftsj+8Z8
Booting Docker images is fairly straightforward; I wrote about how to do this manually some years ago: https://blog.davidv.dev/posts/docker-based-images-on-baremet...

23. Valdik+LB9 2025-06-28 11:40:07
>>rgovos+dp9
The alternative is mkosi from systemd developers

https://github.com/systemd/mkosi

However, beware that they break backwards compatibility almost every 6 months. This is probably the most backwards-incompatible project I know; you can't rely on the minor version update not breaking your projects.

28. westur+5zc 2025-06-29 18:40:06
>>lothar+r29
> ostree native containers are bootable host images that can also be built and signed with a SLSA provenance attestation

From https://coreos.github.io/rpm-ostree/container/#ostree-native... :

> rpm-ostree inherits work in ostree-rs-ext to create “container native ostree” functionality. This elevates OCI/docker containers to be natively supported as a transport mechanism for bootable operating systems.

I think it means simplification of complexity and unnecessary re-duplication.

29. eraser+lue 2025-06-30 12:56:53
>>tmaier+dl9
... and it works fabulously. I have been running Bluefin (same folks as Bazzite) from one of these templates for about 6 months and it has been a near on flawless experience. I have moved from Fedora 40->41->42 without having to touch a traditional "upgrade".

https://projectbluefin.io/
