Skip to main content Link Menu Expand (external link) Document Search Copy Copied


This project’s toplevel goal is to maintain default definitions for base bootable container images, locked with Fedora ELN and CentOS Stream 9.


This is an in-development project not intended for production use yet.

Container images

The primary output of this project is container images. The current main development targets are Fedora ELN and CentOS Stream 9.

Distribution locked images

These images are intended to exactly match the content of the underlying distribution.


Layered images

There are also layered images; for more information on these, see the centos-bootc-layered repository.

Development images

Some components of this project move quickly, and it’s often useful to see things as they appear in git main instead of waiting for package releases.

The following images track git main of selected components:


For more information, see the dev repository.

Trying it out


Understanding “tiers”

There is a “tier-0” image, but it is not yet being automatically built. The “tier-0” contains:

  • kernel
  • systemd
  • bootc
  • selinux-policy-targeted

The tier-1 is a reasonably large system:

  • NetworkManager, chrony
  • openssh-server
  • dnf (for installing packages in container builds)
  • rpm-ostree (A lot of tooling uses this too)

The content set for these images is subject to change.


Here’s an example command:

sudo rpm-ostree compose image --authfile ~/.config/containers/myquay.json --cachedir=cache -i --format=ociarchive centos-tier-0-stream9.yaml centos-tier-0-stream9.ociarchive

In some situations, copying to a local .ociarchive file is convenient. You can also push to a registry with --format=registry.

More information at


Badge Description Service
Renovate Dependencies Renovate
Pre-commit Static quality gates pre-commit