What is the OCI

The Open Container Initiative (OCI) is a set of industry standards that define how container images are formatted, how container runtimes behave, and how images are distributed. Founded in 2015 by Docker and CoreOS under the Linux Foundation, it ensures that images and runtimes are interoperable across vendors.

How it works

The OCI defines three specifications:

Image Specification — defines the format of a container image: a manifest (JSON listing layers and config), a config (JSON with metadata, entrypoint, environment), and layer tarballs (compressed filesystem diffs). Content-addressable by SHA256 digest.

Runtime Specification — defines how a container runtime creates and runs a container from an OCI bundle (a rootfs directory plus a config.json). Specifies namespace creation, cgroup setup, mount points, and process execution. runc is the reference implementation.

Distribution Specification — defines the HTTP API for pushing and pulling images to and from registries. This is why the same docker push workflow works against Docker Hub, GitHub Container Registry, Amazon ECR, and any OCI-compliant registry.

Why it matters

Before OCI, Docker's image format and runtime behavior were proprietary. OCI standardization means images built with Docker work with Podman, containerd, CRI-O, and Kubernetes without modification. Runtimes are swappable. Registries are interoperable. The entire container ecosystem depends on these standards.

See How Container Images Work for the OCI image format in detail.