If you're looking to build Open Container Initiative (OCI) container images without a full container runtime or daemon installed, Buildah is the perfect solution. Now, Buildah is an open source, Linux-based tool that can build Docker- and Kubernetes-compatible images, and is easy to incorporate into scripts and build pipelines. In addition, Buildah has overlap functionality with Podman, Skopeo, and CRI-O.
Buildah has the ability to create a working container from scratch, but also from a pre-existing Dockerfile. Plus, with it not needing a daemon, you'll never have to worry about Docker daemon issues when building container images.
Let's cover some real-world examples to show how easy it is to get started with Buildah, and how easy it is to create a container image.
If you're running Red Hat Enterprise Linux (RHEL) 8, follow the steps below. For Fedora users, be sure to replace
$ yum -y install buildah
However, if you don't have Linux available, you can use Buildah.
To get to know Buildah, let's play around with some basic commands. The command
buildah --version will output the current version of our Buildah install, and
buildah --help will help if you get stuck.
For example, in order to pull a container image from a repository, use the
from variable. For example, if your favorite Linux distribution is CentOS:
$ buildah from centos
After pulling the image and storing it on the host, list our current images by running
buildah images. This behavior is similar to Podman and Docker, as many commands are cross-compatible. To get a list of our running containers, which are provisioned as soon as the image pull is completed, use
buildah containers. For an example, see Figure 1.
Finally, since we've pulled and displayed a container, let's clean up and remove our running containers with
buildah rm -all. Be sure to exercise caution, however, as Buildah has the ability to remove a running container while Docker does not.
Building a container
Time to get hands-on with Buildah and build an Apache web server that will run inside a container. To get things started, let's pull a CentOS base image and start working:
$ buildah from centos
You'll see the default image name as output in the console like
centos-working-container, giving us the ability to run commands within the specified container. For our case, we'll be installing an httpd package, which can be done using the following command:
$ buildah run centos-working-container yum install httpd -y
Once we've installed
httpd, we can take our attention to creating a main page to be directed to on our web server, commonly known as an
index.html file. To create a simple file without having to worry about formatting, use the
echo command below:
$ echo "Hello from Red Hat" > index.html
In addition, after creating this new file, let's copy it into our current working container with the Buildah
copy function. The default location for publicly accessible files is also included:
$ buildah copy centos-working-container index.html /var/www/html/index.html
To start this container, we must configure an entry point for a container, which is used to start
httpd as the container begins and keep it in the foreground:
$ buildah config --entrypoint "/usr/sbin/httpd -DFOREGROUND" centos-working-container
commit our changes to the container, and prepare it to be pushed to any container registry you'd like (ex. Docker and Quay.io):
$ buildah commit centos-working-container redhat-website
redhat-website image is ready to run with Podman, or push to your registry of choice.
Building with a Dockerfile
Another significant part of Buildah is the ability to build images using a Dockerfile, and the
bud command can do just that. Let's take an example Dockerfile as input, and output an OCI image:
# CoreOS Base FROM fedora:latest # Install httpd RUN echo "Installing httpd"; yum -y install httpd # Expose the default httpd port 80 EXPOSE 80 # Run httpd CMD ["/usr/sbin/httpd", "-DFOREGROUND"]
Once we save this file as
Dockerfile in our local directory, we can use the
bud command to build the image:
$ buildah bud -t fedora-httpd
To double-check our progress, let's run
buildah images and ensure we can see our new
fedora-httpd image resting in our localhost repository. Now, feel free to again run the image with Podman, or push it to your favorite registry.
Great job! We've gone through building a container from scratch, as well as from a predefined Dockerfile. Buildah is a lightweight and flexible way to create container images without the need for a runtime or daemon installed.
You can continue to experiment with Buildah, which offers you an interactive environment right in your browser.
If you need container orchestration, you can use Buildah with Kubernetes or Red Hat OpenShift. To get started with these platforms, see kubernetesbyexample.com and learn.openshift.com.
Learn more about Buildah:
- Podman and Buildah for Docker users (William Henry)
- Best practices for running Buildah in a container (Daniel Walsh)
- Build and run Buildah inside a Podman container (Tom Sweeney)