One of the great innovations of container images was their standard packaging and distribution. Except there's more than one standard. There's the [Docker specific variant][docker], and there's the [OCI standard][oci].
Building an image up from basics, there are the image layers: filesystems archived and compressed into a single file. These contain the bulk of content in an image.
OCI:
application/vnd.oci.image.layer.v1.tar: "Layer", as a tar archiveapplication/vnd.oci.image.layer.v1.tar+gzip: "Layer", as a tar archive compressed with gzipapplication/vnd.oci.image.layer.v1.tar+zstd: "Layer", as a tar archive compressed with zstdDocker:
application/vnd.docker.image.rootfs.diff.tar.gzip: “Layer”, as a gzipped tarapplication/vnd.docker.image.rootfs.foreign.diff.tar.gzip: “Layer”, as a gzipped tar that should never be pushedLayers by themselves don't do much, you need some extra config, like environment variables, entrypoint, working directory, how to arrange the layers. and maybe some history/metadata. This comes as its own config manifets type:
OCI:
application/vnd.oci.image.config.v1+json: Image configDocker:
application/vnd.docker.container.image.v1+json: Container config JSONNext is the distribution manifest that binds the config and layers together. Most tags will point to one of these
OCI:
application/vnd.oci.image.manifest.v1+json: Image manifestDcoker:
application/vnd.docker.distribution.manifest.v2+json: New image manifest format (schemaVersion = 2)But an image refers to a specifc filesystem, maybe with platform specific artifacts (eg code compiled for arm64). This is where the optional list/index comes in, allowing you to specify platforms and their respective image manifests.
OCI:
application/vnd.oci.image.manifest.v1+json: Image manifestDocker:
application/vnd.docker.distribution.manifest.list.v2+json: Manifest list, aka “fat manifest”apko publish: creates application/vnd.oci.image.index.v1+jsonbuildctl build: creates application/vnd.docker.distribution.manifest.v2+jsonbuildctl build --opt platform=: creates application/vnd.docker.distribution.manifest.list.v2+json
only when multiple platforms setdocker build: creates application/vnd.docker.distribution.manifest.v2+jsondocker buildx build: creates application/vnd.oci.image.manifest.v1+jsondocker buildx build --platform: creates application/vnd.oci.image.index.v1+jsonkaniko: creates application/vnd.docker.distribution.manifest.v2+jsonko build: creates application/vnd.oci.image.manifest.v1+jsonko build --platform: creates application/vnd.oci.image.index.v1+json
only when multiple platforms set