Build, Share, Collaborate
Containers are a lightweight version of the user space of the Linux operating system — in fact, this is the bare minimum. Nevertheless, it is still a full-fledged operating system, and therefore the quality of this container itself is as important as a full-fledged operating system. That is why for a long time we have been offering images of Red Hat Enterprise Linux (RHEL) , so that users can have certified, modern and current enterprise-level containers. Running RHEL container images on container hosts RHEL provides compatibility and portability between environments, not to mention the fact that these are already familiar tools. There was, however, one problem. You could not just pass on such an image to someone else, even if it was a customer or partner using Red Hat Enterprise Linux.
But now everything has changed
With the release of the universal Red Hat Universal Base Image (UBI) image, you can now get the familiar reliability, security and high performance of official Red Hat container images, regardless of whether you have a subscription or not. This means that you can build a containerized application on UBI, place it in the register of containers of your choice and share it with the whole world. Red Hat Universal Base Image allows you to build, share, and collaborate on a bundled application in any environment - wherever you want.
')
Thanks to UBI, it is possible to publish and run your applications in almost any infrastructure. But if you run them on Red Hat platforms, such as Red Hat OpenShift and Red Hat Enterprise Linux, you can get additional benefits (more gold!). And while we have not moved on to a more detailed description of UBI, let us provide a short FAQ, why do we need RHEL Subscription. So, what will happen when you run a UBI image on the RHEL / OpenShift platform?
And now, when marketing is satisfied, let's talk more about UBI
What you should feel in order to understand that UBI will be useful to you:
If at least one of the scenarios suits you, then you should definitely pay attention to UBI.
UBI is less than a full-fledged OS, but UBI has three important things:
UBI was created as the basis for cloud - native and web applications being developed and delivered in containers. All content in UBI is a subset of RHEL. All packages in UBI come through RHEL channels and are supported like RHEL when launched on platforms supported by Red Hat, such as OpenShift and RHEL.
Ensuring high-quality container support requires a lot of effort from engineers, security specialists, and other additional resources. It requires not only testing basic images, but also analyzing their behavior on any supported host.
To facilitate upgrading tasks, Red Hat is actively developing and supporting UBI 7, for example, on RHEL 8 hosts and UBI 8 on RHEL 7. This provides users with the necessary flexibility, confidence and peace of mind. For example, platform updates in container images or used hosts. Now all this can be divided into two independent projects.
Minimal - designed for applications with all dependencies (Python, Node.js, .NET, etc.)
Platform - for any applications running on RHEL
Multi-Service - simplifies running multiple services in a single container
In addition to the basic images that allow you to install support for programming languages, UBIs include pre-assembled images with ready-made execution environments for a number of programming languages. Many developers can simply take an image and start working on the application that they are developing.
With the launch of UBI, Red Hat offers two sets of images - based on RHEL 7 and based on RHEL 8. They are based on, respectively, Red Hat Software Collections (RHEL 7) and Application Streams (RHEL 8). These runtimes are up to date and receive up to four updates per year as standard, so there is always the opportunity to work with the most recent and stable versions.
Here is a list of UBI 7 container images:
Here is a list of container images for UBI 8:
Using ready-made images is really very convenient. Red Hat maintains their relevance and updates them with the release of the new version of RHEL, as well as when CVE updates appear in accordance with the RHEL updates image policy so that you can take one of these images and start working on the application right away.
But sometimes when creating an application you may suddenly need some kind of additional package. Or, sometimes, to make an application work, you need to update a particular package. That is why UBI images come with a set of RPMs that are available through yum, and which are distributed through a fast and highly available content delivery network (you need a package!). When you run the yum-update on your CI / CD at that critical moment of release, you can be sure it will work.
We do not get tired of repeating that RHEL is the basis of everything. Do you know what teams in Red Hat are working on creating base images? For example, these:
Red Hat Enterprise Linux acts as a great host and container image, but for many developers it’s important to be able to work with the system in a wide variety of formats, some of which may go beyond the supported use cases for Linux. And here universal UBI images come to the rescue.
Suppose, right now, at this stage, you're just looking for a basic image to start working on a simple, containerized application. Or are you closer to the future and are moving from stand-alone containers running on a container engine to cloud-native stories using building and certifying Operators working on OpenShift. In any case, UBI will provide an excellent basis for this.
Containers include a lightweight version of the user space of the operating system in a new packaging format. The release of UBI images sets a new industry standard for containerized development, with enterprise-class containers becoming available to any users, independent software developers, open source communities. In particular, software developers can standardize their products using a single, proven foundation for all their containerized applications, including Kubernetes Operators . Developing companies using UBI also have Red Hat Container Certification and Red Hat OpenShift Operator Certification certification, and this in turn allows you to continuously verify software running on Red Hat platforms, such as OpenShift.
In short - very simple. Podman is available not only on RHEL, but also on Fedora, CentOS, and several other Linux distributions. All you need to do is unload the image from one of the following repositories, and go ahead.
For UBI 8:
For UBI 7:
Well, look at the full Universal Base Image Guide
But now everything has changed
With the release of the universal Red Hat Universal Base Image (UBI) image, you can now get the familiar reliability, security and high performance of official Red Hat container images, regardless of whether you have a subscription or not. This means that you can build a containerized application on UBI, place it in the register of containers of your choice and share it with the whole world. Red Hat Universal Base Image allows you to build, share, and collaborate on a bundled application in any environment - wherever you want.
')
Thanks to UBI, it is possible to publish and run your applications in almost any infrastructure. But if you run them on Red Hat platforms, such as Red Hat OpenShift and Red Hat Enterprise Linux, you can get additional benefits (more gold!). And while we have not moved on to a more detailed description of UBI, let us provide a short FAQ, why do we need RHEL Subscription. So, what will happen when you run a UBI image on the RHEL / OpenShift platform?
And now, when marketing is satisfied, let's talk more about UBI
Reasons to use UBI
What you should feel in order to understand that UBI will be useful to you:
- My developers want to use container images that can be distributed and run in any environment.
- My operations team wants a supported baseline image with an enterprise-level life cycle.
- My architects want to offer Kubernetes Operator to my customers / end users
- My customers do
n'twantto blowcorporate-level support for all of their Red Hat environments. - My community wants to share, launch, publish containerized applications literally everywhere
If at least one of the scenarios suits you, then you should definitely pay attention to UBI.
More than just a basic image
UBI is less than a full-fledged OS, but UBI has three important things:
- A set of three basic images (ubi, ubi-minimal, ubi-init)
- Images with ready-made runtime environments for various programming languages (nodejs, ruby, python, php, perl, etc.)
- A set of related packages in the YUM repository with the most common dependencies.
UBI was created as the basis for cloud - native and web applications being developed and delivered in containers. All content in UBI is a subset of RHEL. All packages in UBI come through RHEL channels and are supported like RHEL when launched on platforms supported by Red Hat, such as OpenShift and RHEL.
Ensuring high-quality container support requires a lot of effort from engineers, security specialists, and other additional resources. It requires not only testing basic images, but also analyzing their behavior on any supported host.
To facilitate upgrading tasks, Red Hat is actively developing and supporting UBI 7, for example, on RHEL 8 hosts and UBI 8 on RHEL 7. This provides users with the necessary flexibility, confidence and peace of mind. For example, platform updates in container images or used hosts. Now all this can be divided into two independent projects.
Three basic images
Minimal - designed for applications with all dependencies (Python, Node.js, .NET, etc.)
- The minimum set of pre-installed content
- No suid executables
- Minimum package manager toolkit (install, update, and uninstall)
Platform - for any applications running on RHEL
- OpenSSL unified cryptographic stack
- Full stack YUM
- Included useful basic OS utilities (tar, gzip, vi, etc.)
Multi-Service - simplifies running multiple services in a single container
- Configured to start systemd at startup
- Ability to enable services at the assembly stage
Container images with ready-made programming language runtimes
In addition to the basic images that allow you to install support for programming languages, UBIs include pre-assembled images with ready-made execution environments for a number of programming languages. Many developers can simply take an image and start working on the application that they are developing.
With the launch of UBI, Red Hat offers two sets of images - based on RHEL 7 and based on RHEL 8. They are based on, respectively, Red Hat Software Collections (RHEL 7) and Application Streams (RHEL 8). These runtimes are up to date and receive up to four updates per year as standard, so there is always the opportunity to work with the most recent and stable versions.
Here is a list of UBI 7 container images:
Here is a list of container images for UBI 8:
Associated packages
Using ready-made images is really very convenient. Red Hat maintains their relevance and updates them with the release of the new version of RHEL, as well as when CVE updates appear in accordance with the RHEL updates image policy so that you can take one of these images and start working on the application right away.
But sometimes when creating an application you may suddenly need some kind of additional package. Or, sometimes, to make an application work, you need to update a particular package. That is why UBI images come with a set of RPMs that are available through yum, and which are distributed through a fast and highly available content delivery network (you need a package!). When you run the yum-update on your CI / CD at that critical moment of release, you can be sure it will work.
RHEL is the foundation
We do not get tired of repeating that RHEL is the basis of everything. Do you know what teams in Red Hat are working on creating base images? For example, these:
- The engineering team responsible for ensuring that core libraries such as glibc and OpenSSL, as well as language runtimes such as Python and Ruby, provide stable performance and work reliably with workloads when used in containers.
- The product safety team is responsible for the timely correction of errors and security problems in libraries and language environments; their performance is assessed using the special Container Health Index grade index.
- A team of product managers and engineers is adding new features and providing a long product life cycle, which gives confidence in the investments that can be used as a basis.
Red Hat Enterprise Linux acts as a great host and container image, but for many developers it’s important to be able to work with the system in a wide variety of formats, some of which may go beyond the supported use cases for Linux. And here universal UBI images come to the rescue.
Suppose, right now, at this stage, you're just looking for a basic image to start working on a simple, containerized application. Or are you closer to the future and are moving from stand-alone containers running on a container engine to cloud-native stories using building and certifying Operators working on OpenShift. In any case, UBI will provide an excellent basis for this.
Containers include a lightweight version of the user space of the operating system in a new packaging format. The release of UBI images sets a new industry standard for containerized development, with enterprise-class containers becoming available to any users, independent software developers, open source communities. In particular, software developers can standardize their products using a single, proven foundation for all their containerized applications, including Kubernetes Operators . Developing companies using UBI also have Red Hat Container Certification and Red Hat OpenShift Operator Certification certification, and this in turn allows you to continuously verify software running on Red Hat platforms, such as OpenShift.
How to start working with a way
In short - very simple. Podman is available not only on RHEL, but also on Fedora, CentOS, and several other Linux distributions. All you need to do is unload the image from one of the following repositories, and go ahead.
For UBI 8:
podman pull registry.access.redhat.com/ubi8/ubi podman pull registry.access.redhat.com/ubi8/ubi-minimal podman pull registry.access.redhat.com/ubi8/ubi-init For UBI 7:
podman pull registry.access.redhat.com/ubi7/ubi podman pull registry.access.redhat.com/ubi7/ubi-minimal podman pull registry.access.redhat.com/ubi7/ubi-init Well, look at the full Universal Base Image Guide
Source: https://habr.com/ru/post/451090/
All Articles