From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [IPv6:2a01:7e0:0:424::9]) by lore.proxmox.com (Postfix) with ESMTPS id 9D7E81FF183 for ; Wed, 8 Oct 2025 19:15:19 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 6264AEB60; Wed, 8 Oct 2025 19:15:25 +0200 (CEST) From: Filip Schauer To: pve-devel@lists.proxmox.com Date: Wed, 8 Oct 2025 19:10:23 +0200 Message-ID: <20251008171028.196998-18-f.schauer@proxmox.com> X-Mailer: git-send-email 2.47.3 In-Reply-To: <20251008171028.196998-1-f.schauer@proxmox.com> References: <20251008171028.196998-1-f.schauer@proxmox.com> MIME-Version: 1.0 X-Bm-Milter-Handled: 55990f41-d878-4baa-be0a-ee34c49e34d2 X-Bm-Transport-Timestamp: 1759943661245 X-SPAM-LEVEL: Spam detection results: 0 AWL -0.406 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_ASCII_DIVIDERS 0.8 Email that uses ascii formatting dividers and possible spam tricks KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record Subject: [pve-devel] [PATCH docs v5 17/17] ct: add OCI image docs X-BeenThere: pve-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox VE development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: Proxmox VE development discussion Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: pve-devel-bounces@lists.proxmox.com Sender: "pve-devel" Signed-off-by: Filip Schauer --- Changed since v4: * document the "Pull from OCI registry" feature Introduced in v3 pct.adoc | 44 ++++++++++++++++++++++++++++++++++++-------- 1 file changed, 36 insertions(+), 8 deletions(-) diff --git a/pct.adoc b/pct.adoc index d6146eb..8212bc9 100644 --- a/pct.adoc +++ b/pct.adoc @@ -54,15 +54,22 @@ the cluster setup, and they can use the same network and storage resources as virtual machines. You can also use the {pve} firewall, or manage containers using the HA framework. -Our primary goal is to offer an environment that provides the benefits of using a -VM, but without the additional overhead. This means that Proxmox Containers can -be categorized as ``System Containers'', rather than ``Application Containers''. +Our primary goal has traditionally been to offer an environment that provides +the benefits of using a VM, but without the additional overhead. This means that +Proxmox Containers have been primarily categorized as ``System Containers''. -NOTE: If you want to run application containers, for example, 'Docker' images, it -is recommended that you run them inside a Proxmox QEMU VM. This will give you -all the advantages of application containerization, while also providing the -benefits that VMs offer, such as strong isolation from the host and the ability -to live-migrate, which otherwise isn't possible with containers. +With the introduction of OCI (**O**pen **C**ontainer **I**nitiative) image support, +Proxmox VE now also integrates ``Application Containers''. When creating a +container from an OCI image, the image is automatically converted to the +LXC stack that Proxmox VE uses. + +This approach allows users to benefit from a wide ecosystem of pre-packaged +applications while retaining the robust management features of Proxmox VE. + +While running lightweight ``Application Containers'' directly offers significant +advantages over a full VM, for use cases demanding maximum isolation and +the ability to live-migrate, nesting containers inside a Proxmox QEMU VM remains +a recommended practice. Technology Overview @@ -256,6 +263,12 @@ Container Images Container images, sometimes also referred to as ``templates'' or ``appliances'', are `tar` archives which contain everything to run a container. +Proxmox VE can utilize two main types of images: *System Container Templates* +for creating full virtual environments, and *Application Container Images* based +on the OCI standard for running specific applications. + +System Container Templates +~~~~~~~~~~~~~~~~~~~~~~~~~~ {pve} itself provides a variety of basic templates for the xref:pct_supported_distributions[most common Linux distributions]. They can be @@ -336,6 +349,21 @@ delete that image later with: # pveam remove local:vztmpl/debian-10.0-standard_10.0-1_amd64.tar.gz ---- +Open Container Initiative (OCI) Images (technology preview) +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +Proxmox VE can also use OCI images to create containers. This makes it easy to +run pre-packaged applications. A container created from an OCI image still uses +the existing LXC framework. + +Obtaining OCI Images +~~~~~~~~~~~~~~~~~~~~ + +In the web interface an OCI image can be pulled from a registry using the *Pull +from OCI registry* button on the container template view of a storage. + +Once the template is on a storage, you can create the container with +`pct create` or use the wizard in the web interface. [[pct_settings]] Container Settings -- 2.47.3 _______________________________________________ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel