Image mode for Red Hat Enterprise Linux (RHEL) with Podman

Learning path | 8 resources | 1 hr and 15 mins | Published on September 23, 2025

Learn how to create, update, and manage a custom, bootable Red Hat Enterprise Linux (RHEL) container image with Podman. 

No-cost RHEL for Developers subscription

  1. Overview: Image mode for Red Hat Enterprise Linux (RHEL) with Podman
  2. Workstation preparation Page | 15 mins
  3. Create the container image definition and user files Page | 10 mins
  4. Build the custom image Page | 15 mins
  5. Build a disk image Page | 5 mins
  6. Deploy and verify the disk image Page | 10 mins
  7. Update hosts running image mode for RHEL Page | 10 mins
  8. Perform a system rollback Page | 10 mins

Page

Build a disk image

September 23, 2025
Sean Merrow
Related topics:
ContainersDeveloper ToolsLinux
Related products:
Red Hat Enterprise Linux
Featured image for Red Hat Enterprise Linux.

Now, let’s build a bootable disk image from the container image that's suitable for the environment in which it will run.

In this lesson, you will:

  • Build a bootable disk image from your container image for your specific environment.

Create a bootable disk image

In order to create a bootable disk image from the bootc container image just built, use the bootc-image-builder tool. This is done by running the podman commands below and specifying the image type, config.toml, and the image to use. Notice that we must run the commands in privileged mode, and use sudo for both of the podman commands. For this reason, you’ll want to first push the custom image to your repository, then pull it using sudo so it is available to the root user.

 # Push the image to the registry
podman push quay.io/seanmerrow/rhel9-httpd:v3

With the SSH server included in the image, you also need a file with user configuration during the process to convert the image to a bootable disk image in a later step. The following is an example config.toml file that will create a user and add the user’s public SSH key to the image for secure access. The user is also added to the wheel group to provide the ability to use sudo for privileged commands. Copy the file displayed below into a text file, and name the file config.toml

Note

You will need to change the user name appropriately and use the user’s full SSH key.

Configuration file defining the user access to the image: config.toml.

[[customizations.user]]
name = "smerrow"
password = "redhat123"
key = "ssh-ed25519 AAAAC3Nza...zseIJ9zs smerrow@fedora"
groups = ["wheel"]

In this example, we’re creating a QCOW2 image that can be used to boot a virtual machine instance. If the image will be booted to a bare-metal server, you may choose a disk type of ISO. 

# Use sudo to pull the image you want to make bootable
sudo podman pull quay.io/seanmerrow/rhel9-httpd:v3

# Create a directory for the qcow2 image
mkdir output

# Build the bootable disk image
sudo podman run \
    --rm \
    -it \
    --privileged \
    --pull=newer \
    --security-opt label=type:unconfined_t \
    -v ./config.toml:/config.toml:ro \
    -v ./output:/output \
    -v /var/lib/containers/storage:/var/lib/containers/storage \
    registry.redhat.io/rhel9/bootc-image-builder:latest \
    --type qcow2 \
	--use-librepo=True \
    quay.io/seanmerrow/rhel9-httpd:v3

The QCOW2 file should now show up on the host machine in the output/qcow2 folder.

$ tree output
output
├── manifest-qcow2.json
└── qcow2
    └── disk.qcow2

You should now be able to boot that QCOW2 file to instantiate a virtual machine. 

Previous resource
Build the custom image
Next resource
Deploy and verify the disk image