Open Container Initiative (OCI)


runc - reference implementation of runtime spec

Founded in 2015 by leaders in the container industry

Version 1.0 was released in 2020

Currently 29 members

Technical oversight committee from 8 companies

Scope of this talk

Overview of OCI specs w.r.t. image distribution

How does an OCI registry work

Image storage


What does the future hold

Generic artifacts

Relationships between artifacts

How registries work

Typical workflow interacting with a container registry

How registries work internally

Media types

OCI defines new media types

Widespread adoption of OCI media types

What OCI Docker
Image Index vnd.oci.image.index.v1+json vnd.docker.distribution.manifest.list.v2+json
Image Manifest vnd.oci.image.manifest.v1+json vnd.docker.distribution.manifest.v2+json
Image Config vnd.oci.image.config.v1+json vnd.docker.container.image.v1+json
Image Layer vnd.oci.image.layer.v1.tar+gzip vnd.docker.image.rootfs.diff.tar.gzip

Accept header

Tell registry which content to return

Manifests can only be image index or image manifest

Single Accept header

Content type must be known beforehand

Multiple Accept headers

Content types will be checked in order


Control which media type is returned

How it started

What if we used new media types?!

OCI Registries as Storage (ORaS)

Initial project to store artifacts in OCI registries

Very low-level

Official guidance for artifacts


Upload generic artifacts to OCI registry

How it’s going

Existing implementations (excerpt)

Docker App (archived)

Cloud Native Application Bundles (CNAB)

SBOM for container images

Container signatures using sigstore’s cosign

Helm charts

OPA policies

Generic artifacts in OCI registries

OCI 1.0 already supports artifacts with custom media types

OCI 1.1 addresses generic artifacts…

…as well as linking them

OCI 1.1 is not released yet

Artifacts must include subject field in manifest mentioning the parent

New referrers API manages links to parent artifact


Initial implementation in distribution by ORaS

Client tools: oras, trivy, trivy-plugin-referrer, regclient


Push image

Sign image, push signature and refer to image

Create SBOM, push it and refer to image

Sign SBOM, push signature and refer to image

Create SARIF report, push it and refer to SBOM

Sign SARIF report, push signature and refer to SARIF report

Adoption of OCI 1.1

Data as of 2023-01-05 using OCI v1.1.0-rc.1 (diff to v1.1.0-rc.3), updated 2023-11-15 with research

Registry State Remarks
Distribution oras-project/distribution#59
Docker Hub  
AWS ECR looks like it
Azure ACR announcement
GitHub GCR  
Google GAR  
Harbor since v2.9.0
Jfrog Artifactory  
Quay since v3.8.6
zot since v1.3.4

Legend: unknown, underway, supported, unsupported

Backwards compatibility

OCI 1.1 accommodates slow adoption

Artifacts are stored…

Find linked artifacts:

  1. Enumerate all tags sha256-*
  2. Read subject from manifest


Referrers work even without support for OCI 1.1
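The fallback walk from the two steps above, as an added example that is not part of the slides: a constructed in-memory registry (tag -> manifest bytes) holds an image, a signature and an SBOM that refer to it, and a signature that refers to the SBOM; the `.sig`/`.sbom` tag suffixes and the `vnd.example.*` artifact types are assumptions made up for the example. Matching on the manifest's `subject` field rather than on the tag name alone is the part a verifier should not skip, since anyone who can push can choose a tag name.

```python
import hashlib
import json

OCI_MANIFEST = "application/vnd.oci.image.manifest.v1+json"
EMPTY_JSON = "application/vnd.oci.empty.v1+json"  # OCI 1.1 empty config descriptor


def canonical(manifest: dict) -> bytes:
    """Serialize deterministically so the digest of a manifest is stable."""
    return json.dumps(manifest, sort_keys=True, separators=(",", ":")).encode()


def digest(blob: bytes) -> str:
    return "sha256:" + hashlib.sha256(blob).hexdigest()


def fallback_tag(subject_digest: str, suffix: str) -> str:
    """Tag scheme for registries without the referrers API: '<alg>-<hex>' plus a suffix (assumed)."""
    alg, hexdigest = subject_digest.split(":", 1)
    return f"{alg}-{hexdigest}{suffix}"


def manifest(artifact_type=None, subject=None) -> bytes:
    m = {"schemaVersion": 2, "mediaType": OCI_MANIFEST, "layers": [],
         "config": {"mediaType": EMPTY_JSON, "digest": digest(b"{}"), "size": 2}}
    if artifact_type:
        m["artifactType"] = artifact_type
    if subject is not None:  # OCI 1.1: the subject descriptor names the parent manifest
        m["subject"] = {"mediaType": OCI_MANIFEST, "digest": digest(subject), "size": len(subject)}
    return canonical(m)


# Constructed registry content following the push order of the slides.
REGISTRY = {}
IMAGE = manifest()
IMAGE_DIGEST = digest(IMAGE)
REGISTRY["app:v1"] = IMAGE
SIG = manifest("application/vnd.example.signature.v1+json", subject=IMAGE)
REGISTRY[fallback_tag(IMAGE_DIGEST, ".sig")] = SIG
SBOM = manifest("application/vnd.example.sbom.v1+json", subject=IMAGE)
SBOM_DIGEST = digest(SBOM)
REGISTRY[fallback_tag(IMAGE_DIGEST, ".sbom")] = SBOM
REGISTRY[fallback_tag(SBOM_DIGEST, ".sig")] = manifest("application/vnd.example.signature.v1+json", subject=SBOM)


def find_referrers(registry: dict, subject_digest: str) -> list:
    """1. enumerate all sha256-* tags, 2. read subject from each manifest; keep exact digest matches."""
    found = []
    for tag in sorted(registry):          # a full tag listing: O(tags), which the referrers API avoids
        if not tag.startswith("sha256-"):
            continue
        m = json.loads(registry[tag])
        subject = m.get("subject")
        if subject and subject.get("digest") == subject_digest:
            found.append({"tag": tag, "artifactType": m.get("artifactType"), "digest": digest(registry[tag])})
    return found
```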