Jump to content
documentation.suse.com / Getting started with SLE Base Container Images

Getting started with SLE Base Container Images

Publication Date: 13 Oct 2022

1 Environment

This document applies to the following products and product versions:

  • SUSE Linux Enterprise Server 15 SP4

2 Decision card


SLE Base Container Images specifics you should know about


Because you want to understand what makes SLE Base Container Images special




It only takes 15 minutes of reading time


Understand SLE Base Container Images specific features and capabilities

3 Introduction

If you have a working knowledge of containers, you will not have any difficulties using SLE Base Container Images. However, there are certain features that set SLE Base Container Images apart from similar offerings, like images based on Debian or Alpine Linux. And understanding the specifics can help you get the most out of SLE Base Container Images in the shortest time possible.

4 Language stack SLE BCIs

Language stack SLE BCIs are built on top of BCI-Base. Below is an overview of the available language stack SLE BCIs.

  • URL: registry.suse.com/bci/node

  • Tags: 12, 14, 16

  • Comes with nodejs version from the tag, npm and git. The yarn package manager can be installed with the npm install -g yarn command.

  • URL: registry.suse.com/bci/openjdk-devel

  • Tags: 11, 17

  • Includes the development part of OpenJDK in addition to the OpenJDK runtime. Instead of Bash, the default entry point is the jshell shell.

  • URL: registry.suse.com/bci/ruby

  • Tags: 2.5

  • A standard development environment based on Ruby 2.5, featuring ruby, gem and bundler as well as git and curl.


5 Package manager

The default package manager in SUSE Linux Enterprise is Zypper. Similar to APT in Debian and APK in Alpine Linux, Zypper offers a command-line interface for all package management tasks. Below is a brief overview of commonly used container-related Zypper commands.

Install packages

zypper --non-interactive install PACKAGE_NAME

Add a repository

zypper --non-interactive addrepo REPOSITORY_URL; zypper --non-interactive refresh

Update all packages

zypper --non-interactive update

Remove a package

zypper --non-interactive remove --clean-deps PACKAGE_NAME (the --clean-deps flag ensures that no longer required dependencies are removed as well)

Clean up temporary files

zypper clean

For more information on using Zypper, refer to https://documentation.suse.com/sles-15/html/SLES-all/cha-sw-cl.html#sec-zypper.

All the described commands use the --non-interactive flag to skip confirmations, since you cannot approve these manually during container builds. Keep in mind that you must use the flag with any command that modifies the system. Also note that --non-interactive is not a "yes to all" flag. Instead, --non-interactive confirms what is considered to be the intention of the user. For example, an installation command with the --non-interactive option fails if it needs to import new repository signing keys, as that is something that the user should verify themselves.

6 Common patterns

Here are a few examples that can give you an idea of how to accomplish certain tasks in SLE BCI compared to Debian.

Remove orphaned packages
  • Debian: apt-get autoremove -y

  • SLE BCI: Not required as long as you remove installed packages using the zypper --non-interactive remove --clean-deps PACKAGE_NAME

Obtain container's architecture
  • Debian: dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"

  • SLE BCI: arch="$(uname -p|sed 's/x86_64/amd64/')"

Install packages required for compilation
  • Debian: apt-get install -y build-essential

  • SLE BCI: zypper -n in gcc gcc-c++ make

Verify GnuPG signatures
  • Debian: gpg --batch --verify SIGNATURE_URL FILE_TO_VERIFY

  • SLE BCI: zypper -n in dirmngr; gpg --batch --verify SIGNATURE_URL FILE_TO_VERIFY; zypper -n remove --clean-deps dirmngr; zypper -n clean

7 Package naming conventions

SUSE Linux Enterprise package naming conventions differ from Debian, Ubuntu, and Alpine, and they are closer to those of Red Hat Enterprise Linux. The main difference is that development packages of libraries (that is, packages containing headers and build description files) are named PACKAGE-devel in SUSE Linux Enterprise, as opposed to PACKAGE-dev as they are in Debian and Ubuntu. When in doubt, search for the package directly using the following command: docker run --rm registry.suse.com/bci/bci-base:OS_VERSION zypper search PACKAGE_NAME (replace OS_VERSION with the appropriate service version number, for example: 15.3 or 15.4).

8 Adding GPG signing keys

Adding external repositories to a container or container image normally requires importing the GPG key used for signing the packages. This can be done with the rpm --import KEY_URL command. This adds the key to the RPM database, and all packages from the repository can be installed afterwards.