If you're looking to build Open Container Initiative (OCI) container images without a full container runtime or daemon installed, Buildah is the perfect solution. Now, Buildah is an open-source, Linux-based tool that can build Docker- and Kubernetes-compatible images, and is easy to incorporate into scripts and build pipelines. In addition, Buildah has overlap functionality with Podman, Skopeo, and CRI-O.
Buildah has the ability to create a working container from scratch, but also from a pre-existing Dockerfile. Plus, with it not needing a daemon, you'll never have to worry about Docker daemon issues when building container images.
Let's explore some practical examples to demonstrate how simple it is to get started with Buildah, and how easily a container image can be created.
Installing Buildah
If you're running Red Hat Enterprise Linux 9 (RHEL 9), follow the steps below. For Fedora users, be sure to replace yum with dnf:
$ yum -y install buildah
For other distributions of Linux, follow these docs.
Basic commands
To get to know Buildah, let's play around with some basic commands. The command buildah --version will output the current version of our Buildah install, and buildah --help will help if you get stuck.
For example, in order to pull a container image from a repository, use the from variable. For example, if your favorite Linux distribution is CentOS:
$ buildah from centos
After pulling the image and storing it on the host, list our current images by running buildah images. This behavior is similar to Podman and Docker, as many commands are cross-compatible. To get a list of our container images, which are ready as soon as the image pull is completed, use buildah containers.
Figure 1: Listing our stored container images
Finally, since we've pulled and displayed a container, let's clean up and remove our running containers with buildah rm -all. Be sure to exercise caution, however, as Buildah has the ability to remove a running container while Docker does not.
Building a container
Time to get hands-on with Buildah and build an Apache web server that will run inside a container. To get things started, let's pull a CentOS base image and start working:
$ buildah from centos
You'll see the default image name as output in the console like centos-working-container, giving us the ability to run commands within the specified container. For our case, we'll be installing an httpd package, which can be done using the following command:
$ buildah run centos-working-container yum install httpd -y
Once we've installed httpd, we can focus on creating a main page to be directed to on our web server, commonly known as an index.html file. To create a simple file without having to worry about formatting, use the echo command below:
$ echo "Hello from Red Hat" > index.html
In addition, after creating this new file, let's copy it into our current working container with the Buildah copy function. The default location for publicly accessible files is also included:
$ buildah copy centos-working-container index.html /var/www/html/index.html
To start this container, we must configure an entry point for a container, which is used to start httpd as the container begins and keep it in the foreground:
$ buildah config --entrypoint "/usr/sbin/httpd -DFOREGROUND" centos-working-container
Finally, let's commit our changes to the container, and prepare it to be pushed to any container registry you'd like (ex. Docker and Quay.io):
$ buildah commit centos-working-container redhat-website
Your redhat-website image is ready to run with Podman, or pushed to your registry of choice.
Building with a Dockerfile
Another significant part of Buildah is the ability to build images using a Dockerfile, and the build-using-dockerfile, or bud command can do just that. Let's take an example Dockerfile as input, and output an OCI image:
# CoreOS Base FROM fedora:latest # Install httpd RUN echo "Installing httpd"; yum -y install httpd # Expose the default httpd port 80 EXPOSE 80 # Run httpd CMD ["/usr/sbin/httpd", "-DFOREGROUND"]
Once we save this file as Dockerfile in our local directory, we can use the bud command to build the image:
$ buildah bud -t fedora-httpd
To double-check our progress, let's run buildah images and ensure we can see our new fedora-httpd image resting in our localhost repository. Now, feel free to again run the image with Podman, or push it to your favorite registry.
Conclusion
Great job! We've gone through building a container from scratch, as well as from a predefined Dockerfile. Buildah is a lightweight and flexible way to create container images without the need for a runtime or daemon installed.
You can continue to experiment with Buildah, which offers you an interactive environment right in your browser.
If you need container orchestration, you can use Buildah with Kubernetes or Red Hat OpenShift. To get started with these platforms, see kubernetesbyexample.com and learn.openshift.com.
Resources
Learn more about Buildah:
- Podman and Buildah for Docker users (William Henry)
- Best practices for running Buildah in a container (Daniel Walsh)
- Build and run Buildah inside a Podman container (Tom Sweeney)
