We are pleased to announce that going forward we have removed foreign layers from our Windows Container images. This move aligns our technology with the licensing change that we announced in October 2022, as well as with the Open Container initiative (OCI) which governs container image formats.
Why the change?
We are implementing this change based on feedback from our customers, who expressed a need to distribute a complete containerized application directly to their customers. Removing the foreign layer will improve image locality by allowing the customers’ registries to be closer to their cluster location. Also, this will reduce dependency on a connection to Microsoft once the image has been pulled into a registry.
Air-gapped environments are networks isolated from public networks, found commonly in private and government clouds or financial institutions. This change will allow air-gapped users to pull the entire image from MCR (Microsoft Container Registry) and build on top of those images inside of air-gapped environments.
Prior to this change customers were able to work around many of these scenarios however, those work arounds were lengthy and reduced many benefits that containers offered.
This change was also made with the advice of the OCI community, through this link you will be able to read a few interactions with the community (discussion and a conversation). This change will allow for greater flexibility while using Windows Container base images, as well as aligning Windows Containers with the ecosystem.
What is the change?
With this change, like with Linux based container images, when pushing a container image to a container repository all layers of the image will be pushed. Prior to this change, when a customer used one of the base images, it only carried a foreign layer link that directed to the base layer on Microsoft Container Registry (MCR). After this change when utilizing a base image, it will now carry the load of the base image instead of the link.
The change will affect:
Microsoft Artifact Registry (Nano Server, Server Core, Server, Windows)
- WS 2016 images, Tag: 10.0.14393.5989, 1607-KB5027219
- WS 2019 images, Tag: 10.0.17763.4499, 1809-KB5027222
- WS 2022 images, Tag: 10.0. 20348.1787, ltsc2022-KB5027225
Potential Changes
For most users, we do not anticipate any impactful changes — however you may notice and need to account for:
- The first time the image is pulled, the pull time will increase as part of the re-baseline.
- When pushing a Windows based container image, it will take longer and consume additional storage.
- If you are close to the next storage bracket, you could be pushed into the next bracket price range.
These concerns should be lessened by the recent image size reduction work released.
Closing
We appreciate your feedback as we continually strive to make the best modernization journey for our customers.
