Converting a Docker container to a Runc container -> Read-only file system
Philip Rhoades
phil at pricom.com.au
Fri Feb 22 03:03:45 UTC 2019
Aleksa,
On 2019-02-21 19:31, Aleksa Sarai wrote:
> On 2019-02-21, Philip Rhoades <phil at pricom.com.au> wrote:
>> People,
>>
>> I have exported an existing container with:
>
> This isn't the right list for this -- I would suggest mailing
> <dev at opencontainers.org>.
Oh, I am on that list too but I thought from the name of this list, it
would be more appropriate . .
> This is a kernel mailing list -- but I'll
> answer your question anyway.
Thanks! OK, I will check all of the stuff below later today.
Regards,
Phil.
>> mkdir rootfs
>> docker export rails_dsf | tar -C rootfs -xvf -
>> runc spec
>> runc run rails_dsf
>
> Check whether "readonly": true is in config.json, and set it to false
> if
> it is.
>
> I would recommend using skopeo and umoci for generating an OCI runtime
> bundle, since those are more modern. The equivalent to the above
> command
> would be:
>
> $ # You need an image to operate on.
> % id="$(docker commit rails_dsf rails_img)"
>
> # Convert the Docker image to an OCI image.
> % skopeo copy docker-daemon:rails_img:latest oci:rails_img:latest
>
> # Unpack the image into an OCI runtime bundle.
> % umoci unpack --image rails_img:latest bundle
>
> # Run the bundle with runc.
> % runc run -b bundle rails_dsf
>
> (The nice thing is that you can then generate new layers if you want
> using OCI -- as well as taking advantage of rootless containers if you
> use the --rootless flag to umoci.)
--
Philip Rhoades
PO Box 896
Cowra NSW 2794
Australia
E-mail: phil at pricom.com.au
More information about the Containers
mailing list