Steer OCI to Kubernetes with Artifactory and Helm 3
With the latest release of JFrog Artifactory, your Kubernetes world just got a lot bigger. Artifactory’s Docker registries are now compliant with the Open Container Initiative (OCI). Repository support for images compatible with OCI and support for the Helm 3 client mean you can run K8s with a high degree of versatility.
Once you’re no longer locked exclusively into Docker, you can run either part of your container ecosystem or all of it using any OCI-compatible client. And you can run Kubernetes with the Container Runtime Interface (CRI) that best fits your needs.
What is OCI?
The Open Container Initiative is a Linux Foundation project to design open standards for containers. These standards establish an image specification (image-spec) for container image files, as well as a runtime specification (runtime-spec) for executing those images as a container.
While Docker is a member of the project, and uses the OCI specification, Docker specifies additional requirements for image layout and different runtime behaviors.
This divergence means that while many Kubernetes ecosystems run with Docker, they can alternatively use an OCI-compatible CRI such as runc, the lightweight cri-o runtime, or the security-minded rkt.
Artifactory’s New Features
The release of Artifactory 7.11.1 includes these features to enable greater flexibility in your container and Kubernetes ecosystem:
Native OCI Image Support
Artifactory treats OCI images as equal citizens to Docker images, and you can use an OCI-compatible client to push OCI images to a Docker registry.
Your OCI images are stored in Artifactory natively — no conversion of OCI images to Docker takes place. They can be pushed to your Docker registry as-is through an OCI client such as:
- containerd – a client produced as a CNCF project
- podman – is an alternative to Docker and an OSS pod manager client maintained by the containers organization
- ORAS – a Microsoft-originated OCI Registry as Storage project
Helm 3 Support
Artifactory Helm registries now support Helm 3 clients.
Helm 3 boasts several improvements and simplifications, including its security model with the removal of Tiller, and a more comprehensive upgrade strategy for merge-patches.
The Helm 3 chart format is also simplified by consolidating the requirements.yaml
specification of dependencies into the main chart.yaml
file.
Get Started
If you’re already using Artifactory for your Docker and Helm registries, you’ll find it easy to upgrade Artifactory and expand your use to include OCI images and Helm 3 charts with the universal repository manager you already know.
If you haven’t tried Artifactory yet, it’s easy to get started with a free cloud account, and explore your container management choices.