Today, the Open Container Initiative (OCI) announced a successful vote to start a new project called distribution-spec. This project is focused on working towards a specification for distribution of OCI container images. Red Hat has been involved with and supports this as a member of OCI, and Red Hat believes this will benefit the Linux container community at large as well as many of Red Hat’s products and projects.
Vincent Batts, OCI Technical Oversight Board (TOB) member and principal software engineer, Office of the CTO at Red Hat noted, “Now that the OCI image and runtime specifications have reached v1.0, it is time to collaborate on developing the standard for distributing those images. Building on existing industry experience and contributions from the community, we look forward to a distribution standard to complement our ability to create and launch standard OCI images."
The industry currently has a de facto standard in the form of the Docker Registry HTTP API v2, but the move to codify the standard under the umbrella of the OCI will help enable the wider industry to publish and consume container images across registries from different vendors without interoperability headaches.
What the specification entails
At the foundational level, the scope of the distribution-spec project is the layout of Universal Resource Locators (URLs) and protocols that are used to push and pull container images from a registry. Sounds simple enough, right?
Well, no. There’s actually a fair amount of work involved behind the scenes when you pull a container image or push one to a registry. For example, since container images can be made up of multiple layers, you want to know whether a registry already has a particular layer before sending it up again. Or, sometimes you lose connectivity when pulling or pushing an image, so how is that going to be handled?
These details will be worked out over time. For now, for the most part, consumers of tools like Quay, OpenShift, and others need not be concerned about the OCI distribution specification, because these tools are currently based on a de facto container distribution standard with several implementations. For the future of the container ecosystem, however, we believe a formal, open standard based on industry-wide consensus will be a better option than a de facto standard. This is what the OCI distribution-spec project aims to create.
The OCI process
So far, the OCI has had two certifications reach 1.0, both of which Red Hat participated in and uses in its projects and offerings. The Runtime Specification and Image Specification both reached v1 in July of 2017, a bit more than two years after the OCI’s inception.
So how does this impact end users? In short, it shouldn’t – not immediately. As of today, the way you find, examine, and deploy containers today does not require a change. There will likely be gradual change over time as the associated technologies evolve to improve the process. But this work is really about what should not change. With the distribution-spec project, the aim is to keep what works today working, while planning to make it easier for container-native deployments in the future.