-
Epic
-
Resolution: Done
-
Major
-
rhel-9.5
-
[RHEL EPIC] Update Container Tools Package Ecosystem for 9.5 GA
-
-
Red Hat Enterprise Linux
-
rhel-sst-container-tools
-
26
-
5
-
False
-
-
Yes
-
QE ack, Dev ack, Docs ack, PXE ack
-
Enhancement
-
-
Done
Description
SME: Jindrich Novy
This epic will be used to track the final packaging of all the container tools that are going into RHEL 9.5. It will also be used to track the final testing for the container tools before release.
Epic Overview
This feature will provide customers with easy access to the latest versions of podman, buildah, and skopeo. This will provide developers and fast moving operations teams access to the latest tools on a stable platform of RHEL.
Goals
Provide users with the latest versions of Podman/Buildah/Skopeo. Speed should be prioritized over stability. This meets the same use case that we tackled in RHEL 8. See more:
- [Blog|https://www.redhat.com/en/blog/rhel-8-enables-containers-tools-software-craftsmanship-0]
- [Presentation|https://docs.google.com/presentation/d/12erz2xtMoveXHMaWG-HL3LODCqWlBloW2nqzFI89BJ4/edit]
Requirements
A list of specific needs or objectives that a Feature must deliver to satisfy the Feature.. Some requirements will be flagged as MVP. If an MVP gets shifted, the feature shifts. If a non MVP requirement slips, it does not shift the feature.
requirement | Notes | isMvp? |
RHEL 9 GA: Release container-tools meta-package | This fast moving application stream should be the default in RHEL. In RHEL 9, this should be a meta-package instead of a module. | Yes |
RHEL 9 GA: All of these packages should be updated to match what Fedora is using: podman podman-docker podman-plugins podman-remote podman-tests buildah skopeo skopeo-tests runc crun netavark aardvark-dns conmon container-selinux slirp4netns libslirp libslipr-devel oci-systemd-hook oci-seccomp-bpf-hook oci-umount containernetworking-plugins containers-common fuse-overlayfs crit (CRIU Image Tool, Adrian Reber) toolbox (Debarshi Ray, Oliver Guttierez) udica (Lukas Vrabek) python3-criu (Adrian Reber) python-podman cockpit-podman (Martin Pitt) |
We want to rely on the user testing done in Fedora, so as much as possible we want to use the exact same versions of each of these packages. We want the exact same versions in the exact same permutation as what has been tested upstream. Small changes in versions can be made as necessary, but this should be the exception rather than the rule. | Yes |
RHEL9 GA: Write launch blog & release notes | Explain that the API to Podman/Buildha/Skopeo are targeted and tested to be the same as RHEL 8, but with a major OS upgrade below the covers, performance, security, and even lower level libraries might change. Also, we should have release notes | Yes |
RHEL 9 GA: Update docs replacing any reference to modularity | We most convert any commands which reference modularity. Focus on the use of the words Application Stream instead of Module. | Yes |
RHEL 9 GA: Updated marketing material discussing application stream. | The more I think about this, as long as we focus on discussing "the container tools application stream" this technology should be a speed bump. | Yes |
RHEL 9 GA: update support docs to determine how we will discuss the support life cycle of this application stream | Kyle Walker and Derrick Ornelas will need to be involved in determining how the support life cycle of a rolling stream like container-tools is communicated to customers, especially in the customer portal. | Yes |
RHEL 9 GA: QE will need to update any tests which use modularity to install container-tools | David Darrah, this will likely include things like:
|
Install latest container-tools:
[root@rhel-beta ~]# yum install container-tools
The user should something like below for podman, buildah, and skopeo:
[root@rhel ~]# podman version
Version: 4.0+
RemoteAPI Version: 2
...
Run the podman, buildah or skopeo:
[root@rhel ~]# podman run -it ubi9 bash
[root@0aaddfba5fb2 /]#
Background, and strategic fit
This is convenient for developers testing and building on RHEL systems, especially those moving from docker to podman. Updating container-tools every 12 weeks will give developers the confidence that RHEL can move fast, while giving operations the piece of mind they need with the stable stream (which will stay the same). This will be an update of major tools in the container-tools: fast stream.
Podman and its dependencies are delivered in two AppStreams in RHEL - one fast stream updated up to four times per year and multiple stable streams released once a year. The feature hungry user can get access to the latest tools, while the stability seeking production user can install once, and defer to Red Hat to worry about security updates:
Assumptions
- Developers will install the container-tools:latest fast moving stream
- Developers and people seeking features will trade stability for speed
Customer Considerations
Developers need access to the latest Podman features to justify moving away from Docker CE/EE will benefit from this packaging in RHEL 8+.
In the early RHEL 7 era, users had quick access to the latest versions of Docker. In the later era of RHEL 7, the docker package was basically frozen. Customers have slowly migrated to podman, but with RHEL 8 and now RHEL 9, there is a new opportunity to provide new value.
Documentation Considerations
Update the Containers Guide for RHEL 8 should be updated to include any major or moderate new features of podman, buildah and skopeo: https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/building_running_and_managing_containers/index
Success looks like:
1. Docs will capture any noteworthy features from upstream (Derrick and David Darrah)
1. QE testing any noteworthy features which are documented (David Darrah)
Questions
Question | Outcome |
What version of podman, buildah, and skopeo? | Depends on what's stable in Fedora at the time of packaging |
What versions of CRIU and Udica | Determined by those respective subsystem teams |
Can the LEAP team make upgrades work with this plan? | Scott to reach out to them and ask them to look at this feature. |
Action items