docker-save from HUB without dockerd running


As a SystemImager developer, I'd like to manage images using docker (instead of using a simple directory on the image server). On the image server I would have docker running and I could start a container to update content (yum update, change configs, ...), keep track of changes, and be able to revert changes.

When deploying a physical image on a node, I PXE boot a specific initramfs with deployment code. Right now, it uses rsync, scp, an ssh tunnel with rsync, or nfs with rsync to retrieve and install the image from the image server.

The problem with this method is that a directory is not versioned and I cannot revert to a previous image in case of a wrong image change.

I'd like to use (within the initramfs) an equivalent of: docker --server imageserver --image mynodeimage:1.0 save | tar x -C /sysroot

The problem is that it requires a secure TLS connection, but I can't rebuild the imager initramfs to include it, and having an unsecured docker daemon is not a good solution either. (I successfully tested the solution with an unsecured dockerd, but that is complex to set up and not compatible with a prod environment.)

Then, is there a way to set up a public docker hub on my image server (where dockerd runs) where images could be downloaded on the fly (tarball to stdout) from an initramfs that doesn't have a dockerd running and that doesn't have twice the space to do a docker pull + docker save | tar x -C ...?

I've seen a method with curl, but I need to store blobs locally and then reassemble the result. This is not possible as it requires twice the space (one for storing the blobs and one for extracting the result). Maybe there is a solution to extract blobs one after another in the correct order?

Or: are there any alternative technologies to docker that would permit maintaining images in containers (with versioning) on an image server and retrieving them from a minimalist initramfs environment without using a staging dir?
