What is Buildah?
Buildah is a command-line tool for creating Open Container Initiatives (OCI) or traditional Docker images. And then building working containers from those images is up to you. It allows the containers to be mounted and modified. You can also save images based on the updated containers. Buildah works daemon-less as well as rootless. It is one of the essential building blocks of the Red Hat container ecosystem, an alternative to Docker’s monolithic architecture. Before moving to its relationship with Podman, I would like to emphasize that Buildah is very much a Linux tool.
Buildah and Podman Relationship
Buildah plays very nicely with Podman. There is some overlap in functionality between Buildah and Podman. But, the split-up of core responsibilities is clear. Podman itself can also build images. It actually uses Buildah on the backend while creating them. For instance, podman build calls the buildah bud command.
On the contrary, buildah bud provides the build-using-dockerfile (bud) command that mimic docker build. Buildah is an efficient way to build OCI images. Whereas, Podman enables similar CLI commands to manage and maintain those images and containers in a production environment. Together they form a pretty strong foundation to support your OCI container needs
What are the major differences with Docker Build?
Docker is a monolithic tool that tries to do everything at once. However, we can functionally break down what Docker does into various components. Put simply, assume Podman as the equivalent of Docker’s container engine function, and Skopeo as solid alternatives to Docker in managing container images and registries. It is worth noting that these two applications have advantages over Docker.
When it comes to image building, Buildah rises against Docker. It already supports Dockerfiles. You can easily use Buildah’s bud command (short for “build-using-dockerfile”) and build your images from any Dockerfiles. Buildah gives you better control over image layers. It enables several changes in one layer as opposed to the one layer per step created in Docker. But, Buildah can do much more than just a third-party tool that handles Dockerfiles.
Buildah can create OCI compliant images from scratch step by step. This process helps you in testing images and clean up temporary files before committing and finalizing them. Thus, Buildah provides better flexibility than Docker. Another critical difference between Buildah and Docker is that the images created by Buildah are user-specific. So, you can only list images that you have created yourself by buildah images
How to install and use Buildah?
Install
Installation is very straightforward. Just take your Linux package manager and install the Buildah. For Centos, use:
yum install -y buildahTo check if the buildah is installed, try:
buildah versionContainerize Existing Dockerfile
Instead of the docker build command we are used to, we run the buildah command below.
[mgonen@mgonen containermen]$ buildah bud -t mustafagonen/contandcont contandcont STEP 1: FROM scratch STEP 2: LABEL maintainer="Mustafa Gonen" STEP 3: COPY contandcont / STEP 4: EXPOSE 8080 STEP 5: ENTRYPOINT [ "/contandcont" ] STEP 6: COMMIT containers-storage:[vfs@/home/mgonen/.local/share/containers/storage+/run/user/1000:overlay.mount_program=/usr/bin/fuse-overlayfs]localhost/mustafagonen/contandcont:latest Getting image source signatures Copying blob sha256:258da81a6b2aba1003628a44cec752cf44067f74a299abe1c636acd25d8654c5 3.30 MiB / 3.30 MiB [======================================================] 0s Copying config sha256:9d82e14463d8eec0c408a5245435f3fd74ca0055243a96c2cb76d49d49ff93ce 438 B / 438 B [============================================================] 0s Writing manifest to image destination Storing signatures --> 9d82e14463d8eec0c408a5245435f3fd74ca0055243a96c2cb76d49d49ff93ce [mgonen@mgonen containermen]$ buildah images IMAGE NAME IMAGE TAG IMAGE ID SIZE localhost/mustafagonen/contandcont latest 9d82e14463d8 6.87 MB
Buildah beyond Dockerfiles
Buildah can build an image or container without a dockerfile. Let’s use buildah from command to start building our image. This command has basically two options.
- Build a container from scratch with
buildah from scratch - Build a container from an existing image with
buildah from --pull <image>You can also specify the URL of the repository from where we want to pull.
First we initiate a working container using the scratch image.
[mgonen@mgonen containermen]$ buildah from scratch working-container [mgonen@mgonen containermen]$ buildah containers CONTAINER ID BUILDER IMAGE ID IMAGE NAME CONTAINER NAME 41b2e348f98a * scratch working-contain
So we have our container instance named working-container. Now, let’s create the maintainer label, commit the change, and compose another intermediate container. Finally, we remove the first working container.
[mgonen@mgonen containermen]$ buildah config --label "maintainer=Musafa Gonen" working-container [mgonen@mgonen containermen]$ buildah commit working-container tm-intermediate-1 Getting image source signatures Copying blob sha256:4f4fb700ef54461cfa02571ae0db9a0dc1e0cdb5577484a6d75e68dc38e8acc1 32 B / 32 B [==============================================================] 0s Copying config sha256:4786863027c87a85710f432101cc04157fccbe51aee9bf9de3695bf87623f7c3 302 B / 302 B [============================================================] 0s Writing manifest to image destination Storing signatures 4786863027c87a85710f432101cc04157fccbe51aee9bf9de3695bf87623f7c3 [mgonen@mgonen containermen]$ buildah from tm-intermediate-1 tm-intermediate-1-working-container [mgonen@mgonen containermen]$ buildah containers CONTAINER ID BUILDER IMAGE ID IMAGE NAME CONTAINER NAME 41b2e348f98a * scratch working-container fb6c8f1f72c7 * 4786863027c8 localhost/tm-intermediate-1:latest tm-intermediate-1-working-container [mgonen@mgonen containermen]$ buildah rm working-container 41b2e348f98a859821095787804d97b1d80332e7af36717e92fe7b44b4041bd
When it comes to crafting container images with enhanced tools, buildah can give you more flexibility and also capability.
Please find other commands and extra information at https://github.com/containers/buildah
