Build, Share, Collaborate

    Containers are a lightweight version of the user space of the Linux operating system - in fact, this is a “bare" minimum. Nevertheless, it is still a full-fledged operating system, and therefore the quality of this container itself is as important as a full-fledged operating system. That is why we have been offering Red Hat Enterprise Linux (RHEL) images for a long time so that users can have certified, modern, and up-to-date enterprise-level containers. Running container images(container images) RHEL on container hosts RHEL provides compatibility and portability between environments, not to mention that these are already familiar tools. There was, however, one problem. You could not just transfer such an image to someone else, even if it was a customer or a partner using Red Hat Enterprise Linux.



    But now everything has changed

    With the release of the Red Hat Universal Base Image (UBI), you can now get the familiar reliability, security, and high performance of official Red Hat container images whether you have a subscription or not. This means that you can build a containerized application on UBI, put it in the container registry of your choice and share it with the world. Red Hat Universal Base Image allows you to build, share and collaborate on a containerized application in any environment - wherever you want.



    Thanks to UBI, it is possible to publish and run your applications on virtually any infrastructure. But if you run them on Red Hat platforms such as Red Hat OpenShift and Red Hat Enterprise Linux, you can get additional benefits (more gold!). And until we move on to a more detailed description of UBI, let me provide a short FAQ on why RHEL Subscription is needed. So, what happens when you run the UBI image on the RHEL / OpenShift platform?



    Now that we’re happy with marketing, let's talk more about UBI

    Reasons to use UBI


    What you need to feel in order to understand that UBI will be useful to you:

    • My developers want to use container images that can be distributed and run in any environment.
    • My operations team wants a supported basic image with an enterprise-level lifecycle
    • My architects want to offer Kubernetes Operator to my customers / end users
    • My customers want to not have enterprise-class support for their entire Red Hat environment.
    • My community wants to share, run, publish, hosted applications literally everywhere.

    If at least one of the scenarios suits you, then you should definitely pay attention to UBI.

    More than just a basic look


    UBI is less than a full-fledged OS, but UBI has three important things:

    1. A set of three basic images (ubi, ubi-minimal, ubi-init)
    2. Images with ready-made runtimes of various programming languages ​​(nodejs, ruby, python, php, perl, etc.)
    3. A set of related packages in the YUM repository with the most common dependencies




    UBI was created as the basis for cloud - native and web applications developed and delivered in containers. All content in UBI is a subset of RHEL. All packages in UBI go through RHEL channels and are supported like RHEL when launched on supported Red Hat platforms such as OpenShift and RHEL.



    To provide quality support for containers, a lot of efforts of engineers, security specialists and other additional resources are required. It requires not only testing basic images, but also analyzing their behavior on any supported host.

    In order to facilitate the tasks associated with the upgrade, Red Hat is actively developing development and support, so that UBI 7 can be run, for example, on RHEL 8 hosts, and UBI 8 on RHEL 7 hosts. This provides users with the necessary flexibility, confidence and peace of mind in the process , for example, platform updates in container images or used hosts. Now all this can be divided into two independent projects.

    Three basic images




    Minimal - designed for applications with all dependencies (Python, Node.js, .NET, etc.)

    • Minimum set of pre-installed content
    • No suid executables
    • Minimum package manager toolkit (install, update, and uninstall)

    Platform - for any applications running on RHEL

    • OpenSSL Unified Cryptographic Stack
    • YUM full stack
    • Useful basic OS utilities included (tar, gzip, vi, etc.)

    Multi-Service - simplifies the launch of several services in one container

    • Configured to run systemd at startup
    • The ability to enable services at the build stage

    Images of containers with ready-made runtimes of programming languages


    In addition to the basic images that allow you to install support for programming languages, UBIs include pre-built images with ready-made runtimes for a number of programming languages. Many developers can simply take an image and start working on the application that they are developing.

    With the launch of UBI, Red Hat offers two sets of images - based on RHEL 7 and based on RHEL 8. They were based on Red Hat Software Collections (RHEL 7) and Application Streams (RHEL 8), respectively. These runtimes are kept up-to-date and standardly receive up to four updates per year, so there is always the opportunity to work with the latest and most stable versions.

    Here is a list of UBI 7 container images:



    Here is a list of container images for UBI 8:



    Associated Packages


    Using ready-made images is really very convenient. Red Hat maintains their relevance and updates them along with the release of the new version of RHEL, as well as critical CVE updates in accordance with the RHEL update policy image policy so that you can take one of these images and immediately start working on the application.



    But sometimes when you create an application, you may suddenly need some additional package. Or, sometimes, to make the application work, you need to update a particular package. That is why UBI images come with a set of RPMs that are available through yum and that are distributed through a fast and highly accessible content delivery network (you pack!). When you run a yum update on your CI / CD at that critical moment of release, you can be sure that it will work.

    RHEL is the foundation


    We never tire of repeating that RHEL is the foundation of everything. Do you know which teams in Red Hat are working on creating basic images? For example, these:

    • An engineering team responsible for ensuring that core libraries such as glibc and OpenSSL, as well as language runtimes such as Python and Ruby, provide consistent performance and work reliably with workloads when used in containers.
    • The product security group is engaged in the timely correction of errors and security problems in libraries and language environments, and their performance is assessed using the special Container Health Index grade .
    • The team of product managers and engineers is adding new features and providing a long product life cycle, which gives confidence in the investment that can be used as a basis.

    Red Hat Enterprise Linux acts as a great host and image for containers, but for many developers the ability to work with the system in a variety of formats is important, some of which may go beyond the supported scenarios for using the Linux system. And here universal UBI images come to the rescue.

    Suppose, right now, at this stage, you are just looking for a basic image to start working on a simple containerized application. Or are you closer to the future and moving from stand-alone containers running on the container engine to cloud-native history using building and certifying Operators running on OpenShift. In any case, UBI will provide an excellent foundation for this.



    Containers include a lightweight version of the user space of the operating system in a new packaging format. The release of UBI images sets a new industry standard for containerized development, with enterprise-class containers becoming available to all users, independent software developers, and open source communities. In particular, software developers can standardize their products using a single, proven foundation for all of their containerized applications, including Kubernetes Operators.. Red Hat Container Certification and Red Hat OpenShift Operator Certification certification are also available to UBI-based development companies, which in turn allows continuous verification of software running on Red Hat platforms such as OpenShift.



    How to start working with an image


    In short - very simple. Podman is available not only on RHEL, but also on Fedora, CentOS, and several other Linux distributions. All you need to do is upload the image from one of the following repositories, and go.

    For UBI 8:

    podman pull registry.access.redhat.com/ubi8/ubi
    podman pull registry.access.redhat.com/ubi8/ubi-minimal
    podman pull registry.access.redhat.com/ubi8/ubi-init
    

    For UBI 7:

    podman pull registry.access.redhat.com/ubi7/ubi
    podman pull registry.access.redhat.com/ubi7/ubi-minimal
    podman pull registry.access.redhat.com/ubi7/ubi-init
    

    Well and see the full Universal Base Image Guide


    Also popular now: