Setting Up Container Images

Batch runs workloads inside Docker containers. You must prepare and store container images in Oracle Cloud Infrastructure Registry (OCI Registry), and configure access so Batch can pull those images when jobs are run.

Build the container image:
- Use a tool such as Docker to create container images.
- Create a Dockerfile that installs required software and includes all dependencies.
- Add default environment variables that tasks need.
- Specify the user that runs the commands in the container.
- Test your image locally to confirm all components are available.
Note

Any image that you run with Batch must specify a non-root user. Batch fails any process that runs as root. If you don't specify a user, the image runs as root by default and the job fails.
Push the image to (OCI Registry):
- Tag the image according to OCI Registry repository requirements.
- Push the image to each OCI Registry region where you plan to use the Batch service.
For more information, see OCI Registry.

Note

Batch can only pull container images from the same region in which the job is run. Push the image to each region you intend to use.

Enable Batch to pull images:

Ensure the following IAM policies are in place so Batch can read from the OCI Registry repository.

Allow any-user to read repos in tenancy where ALL { request.principal.type = 'batchcontextinfrastructure' }
Allow any-user to read object-family in tenancy where ALL { request.principal.type = 'batchcontextinfrastructure' }

Oracle Cloud Infrastructure Documentation

Setting Up Container Images