ACTION: Proposal for a new project: OCI Image Format Spec (v3)

[Brandon Philips]

TOB Members-

Please reply on-list to put in your vote on this proposal to form an OCI Image Format Project:

- Agree with this proposal
- Disagree with this proposal
- Lets discuss, I need more information

Changelog:

v3 deprecates the earlier v2 proposal which missed removing a section in the timeline referencing transport.

v2 is an updated proposal that folds changes in from Diogo's proposal and the original. The primary change is the removal of distribution via http or any other protocol as part of the project. See the FAQ item for more information on that if you haven't been following along.

Diogo's: https://groups.google.com/a/opencontainers.org/forum/#!topic/tob/A3JnmI-D-6Y
Original: https://groups.google.com/a/opencontainers.org/forum/#!topic/tob/WXk1uTgfXrs

Thank You,

Brandon

OCI Image Format Spec

New project proposal: The TOB will create a new OCI project tasked with creating a software shipping container image format spec (OCI Image Format) with security and naming as components. In addition the OCI TOB will establish a new set of maintainers for this new project with people who have expertise in image formats and package management.

Initial Recommendation: Over the last 16 months we have seen evolution of container formats towards solid technical underpinnings. When the AppC project was introduced in December 2014 its goals were to create an open specification shared between implementations while addressing concerns in the Docker v1 image format around content addressable images, signing, and a federated/delegatable namespace. Today, the Docker v2.2 image format is close to having all of the desirable traits of AppC while having widespread registry implementations in projects/products from Amazon, Google, CoreOS, Docker, Huawei, and JFrog.

This new OCI project would be recommended to start with the Docker v2.2 specification, improve any remaining technical concerns, and create an OCI project and maintainers to develop and shepherd an OCI Image Format Spec. By starting from this project we intend to standardize and improve the understood properties of a container image format. This new project will have the objectives of:

• A serialized image format (base layer)

• A process of hashing the image format for integrity and content-addressing (base layer)

• Signatures that are based on signing image content address (optional layer)

• Naming that is federated based on DNS and can be delegated (optional layer)

Initial Maintainers: to be brainstormed on the TOB list and voted on by the TOB using Condorcet Internet Voting Service. Brainstorm thread: https://groups.google.com/a/opencontainers.org/forum/#!topic/tob/OKQmg0k-9bU

Cooperation with OCI Runtime Project: The OCI Runtime Specs project is working diligently to create a specification for the lifecycle of a running container. The OCI Image Format Spec project should work with the OCI Runtime Spec project so that the image can support the UX that users have come to expect from container engines like Docker and rkt. Primarily this means ensuring the ability to run an image with no additional arguments:

  docker run example.com/org/app:v1.0.0

  rkt run example.com/org/app,version=v1.0.0

This implies that the OCI Image Format contain sufficient information to launch the application on the target platform e.g. command, arguments, environment variables, etc.

FAQ

Q: Why doesn't this project mention distribution?

A: Distribution, for example using HTTP as both Docker v2.2 and AppC do today, is not part of this project initially. This is because the OCI scope table, as it reads today, says this is out of scope. But, the TOB discussion has deemed it is necessary to add this as an optional layer in the scope table in the near future. The TOB will need to work to make this addition to the scope table. See this thread https://groups.google.com/a/opencontainers.org/d/msg/tob/A3JnmI-D-6Y/tLuptPDHAgAJ

Q: Why a new project?

A: The first OCI spec centered around defining the run side of a container. This is generally seen to be an orthogonal concern to the shipping container component. As practical examples of this separation you see many organizations separating these concerns into different teams and organizations: the Docker Distribution project and the Docker containerd project; Amazon ECS and Amazon EC2 Container Registry, etc.

Q: Why start this work now?

A: We are seeing many independent implementations of container image handling including build systems, registries, and image analysis tools. As an organization we would like to encourage this growth and bring people together to ensure a technically correct and open specification continues to evolve reflecting the OCI values.

Q: What happens to AppC or Docker Image Formats?

A: Existing formats can continue to be a proving ground for technologies, as needed. For example, in line with the OCI values, we expect mechanisms like the AppC name delegation will help inspire portions of the OCI Software Shipping Container project. The OCI Image Format project should strive to provide a dependable open specification that can be shared between different tools and be evolved for years or decades of compatibility; as the deb and rpm format have.

Proposed Roadmap

• March ?? v0.0.0

• Import Docker v2.2 format

• April 18th v0.1.0

• Spec factored for top to bottom reading with three audiences in-mind:

• Build system creators

• Image registry creators

• Container engine creators

• May 16th v0.2.0
  

• Release version of spec with improvements from two independent experimental implementations from OCI members e.g. Amazon Container Registry and rkt

• June 13th v1.0.0

• Release initial version of spec with two independent non-experimental implementations from OCI members

[Vincent Batts]

I agree with this proposal

[Brandon Philips]

I agree with this proposal.

[Jason Bouzane]

I agree with this proposal

[Greg Kroah-Hartman]

On Sun, Mar 20, 2016 at 01:41:27AM +0000, Brandon Philips wrote:
> TOB Members-
>
> Please reply on-list to put in your vote on this proposal to form an OCI Image
> Format Project:
>
> - Agree with this proposal
> - Disagree with this proposal
> - Lets discuss, I need more information

[ovzx...@gmail.com]

I agree with the proposal.

воскресенье, 20 марта 2016 г., 4:41:37 UTC+3 пользователь Brandon Philips написал:

[Chris Wright]

* Brandon Philips (brandon...@coreos.com) wrote:
> Please reply on-list to put in your vote on this proposal to form an OCI
> Image Format Project:
>
> - Agree with this proposal
> - Disagree with this proposal
> - Lets discuss, I need more information

I agree with this proposal

thanks,
-chris

[Brandon Philips]

Hello TOB-

Just a quick update on the vote. We have 6 TOB members who voted and agree to the proposal for a new OCI Project: Chris Wright, Greg KH, Jason Bouzane, Vincent Batts, Pavel Emelianov, and Brandon Philips. 

We will continue to seek additional votes.

But, with 6 of 9 TOB members agreeing with the proposal this vote has reached the two-thirds vote milestone required to approve a new OCI project.

Also, this is a reminder that we are seeking additional nominees for MAINTAINERS of this new project: https://groups.google.com/a/opencontainers.org/forum/#!topic/oci-members/hkZdzAEQ4VM

Thank You,

Brandon

[Brandon Philips]

On Tue, Mar 22, 2016 at 10:58 AM Brandon Philips <brandon...@coreos.com> wrote:

Just a quick update on the vote. We have 6 TOB members who voted and agree to the proposal for a new OCI Project: Chris Wright, Greg KH, Jason Bouzane, Vincent Batts, Pavel Emelianov, and Brandon Philips. 

We will continue to seek additional votes.

Hello Everyone-

In the interest of making the OCI Image Format project proposal a simpler read I have removed some of the immaterial historical information and specific dates. See the diff here:

https://github.com/opencontainers/tob/commit/e854685ca0f217f38a56a5614d782c28f9a105c5

If anyone who has voted so far opposes the removal of these immaterial informational sections let me know and we can discuss. If you have yet to vote please consider these updates.

Thank You,

Brandon

[Diogo Mónica]

I agree with the modified proposal (https://github.com/opencontainers/tob/blob/e854685ca0f217f38a56a5614d782c28f9a105c5/proposals/image-format/README.md)

--
You received this message because you are subscribed to the Google Groups "Technical Oversight Board" group.
To unsubscribe from this group and stop receiving emails from it, send an email to tob+uns...@opencontainers.org.

--

Diogo Mónica

[Greg KH]

No opposition from me.

thanks,

greg k-h

[Brandon Philips]

Michael, John- Would you like to record a vote on this project proposal? Everyone else has voted.

On Tue, Mar 22, 2016 at 10:58 AM Brandon Philips <brandon...@coreos.com> wrote:

[gossma...@gmail.com]

I also approve this proposal

John Gossman
Microsoft

[michael...@docker.com]

lgtm

Michael Crosby