Project News

Buildah Blocks - OCI Shell Game

I’ve always been fascinated by the three shells and a pea game that street hustlers have used for years to make a bit of coin. I love watching a talented person running the game, but I know better than to bet on it! However, playing the game with Buildah leads to everyone being a winner.

I had a bit of time to play, so I tried out a variant of the shell game with Open Containers Initiative (OCI) containers. I made a quick example showing how you can create an OCI image with Buildah, saved the image to a repository on Docker Hub and then used both Docker and Buildah to run that image from Docker Hub. Nothing terribly fancy, but the video does illustrate that Buildah is OCI-compliant and the images it creates can be used by other OCI-compliant technologies.

Read More »

CentOS Atomic Host 7.1712 Available for Download

The CentOS Atomic SIG has released an updated version of CentOS Atomic Host (7.1712), a lean operating system designed to run Linux containers, built from standard CentOS 7 RPMs, and tracking the component versions included in Red Hat Enterprise Linux Atomic Host.

This release includes updated kernel, linux-firmware and microcode_ctl packages to address recent security advisories, alongside other minor updates that shipped during the month of December.

Read More »

Fedora 27 Atomic Host January 4th Security Release

A new Fedora Atomic Host update is available via an OSTree commit. This update contains an important security patch.

Version: 27.47
Commit(x86_64): 397e907961adafaeff11b807ceade8da5783134072406fcdba627f1195e0db76
Commit(aarch64): 25965b64256417d7dfed37511ffe0cf842ebe64bd6adc8c57a3c603dcfd79885
Commit(ppc64le): c0d0a28a01fd363dfc317e3418935efae6d728a718320dfb3709c4282160f20f

This is a security related release of Fedora Atomic Host to address CVE-2017-5754 (Meltdown). This release does not yet handle the Spectre vulnerabilities, CVE-2017-5753 and CVE-2017-5715. Those will come in a future update. For more information see the Red Hat knowledgebase article.

kernel-4.14.11-300.fc27.x86_64 fixes BZ1530826 related to CVE-2017-5754. It also fixes some other CVEs as well. See the attached bugs to the bodhi update for more information.

Read More »

Composing custom OSTree update for Fedora 27 Atomic Host

With Fedora 27, we ship Atomic Host on multiple architectures which includes aarch64, ppc64le, and x86_64. We also provide Atomic Host updates for these arches every two weeks so that we can provide a tested, stable, and up-to-date OS. Fedora Atomic Host is built using traditional RPM packages available in the Fedora repository. For example, Fedora 27 Atomic Host is formed using packages from the Fedora 27 repository which are further composed into OSTree repository using rpm-ostree. It is possible to compose and host your own custom-built OSTree repository containing additional features. This article will further guide you on how to compose your own custom OSTree repository and update system from your own hosted OSTree repo.

Read More »