How Edera Uses OCI images

How is OCI used throughout Edera?

Edera is built on the philosophy that infrastructure should be composed the same way you compose your workloads. The Open Container Initiative (OCI) defines industry standards for container image formats and runtimes, enabling consistent packaging and execution across tools and platforms. That infrastructure should be composed in the same way you compose your workloads.

To that end, Edera is distributed via OCI images, and each zone consumes OCI images as its inputs for the Linux kernel, driver zones, and system extensions. Zones can then run dynamic sets of OCI containers—known as workloads.

Edera implements a tiny OCI runtime called Styrolite, written in Rust. Unlike traditional stacks (like Kata Containers, which use containerd and runc as separate processes), Styrolite is embedded within the zone itself.

• No additional container runtime processes
• The zone’s init system directly spawns and manages containers
• Optimized for secure, lightweight execution

This design avoids unnecessary complexity and attack surface introduced by conventional container runtimes. It keeps the execution path short and tightly controlled, aligning with Edera’s overall goal of secure-by-design system isolation.