Toolbox allows you to sort and manage your development environments in containers without requiring root privileges or manually attaching volumes. It creates a container where you can install your own CLI tools, without installing them on the base system itself. You can also utilize it when you do not have root access or cannot install programs directly. This article gives you an introduction to toolbox and what it does.
Installing Toolbox
Silverblue includes Toolbox by default. For the Workstation and Server editions, you can grab it from the default repositories using dnf install toolbox.
Creating Toolboxes
Open your terminal and run toolbox enter. The utility will automatically request permission to download the latest image, create your first container, and place your shell inside this container.
$ toolbox enter No toolbox containers found. Create now? [y/N] y Image required to create toolbox container. Download registry.fedoraproject.org/f30/fedora-toolbox:30 (500MB)? [y/N]: y
Currently there is no difference between the toolbox and your base system. Your filesystems and packages appear unchanged. Here is an example using a repository that contains documentation source for a resume under a ~/src/resume folder. The resume is built using the pandoc tool.
$ pwd /home/rwaltr $ cd src/resume/ $ head -n 5 Makefile all: pdf html rtf text docx pdf: init pandoc -s -o BUILDS/resume.pdf markdown/* $ make pdf bash: make: command not found $ pandoc -v bash: pandoc: command not found
This toolbox does not have the programs required to build the resume. You can remedy this by installing the tools with dnf. You will not be prompted for the root password, because you are running in a container.
$ sudo dnf groupinstall "Authoring and Publishing" -y && sudo dnf install pandoc make -y ... $ make all #Successful builds mkdir -p BUILDS pandoc -s -o BUILDS/resume.pdf markdown/* pandoc -s -o BUILDS/resume.html markdown/* pandoc -s -o BUILDS/resume.rtf markdown/* pandoc -s -o BUILDS/resume.txt markdown/* pandoc -s -o BUILDS/resume.docx markdown/* $ ls BUILDS/ resume.docx resume.html resume.pdf resume.rtf resume.txt
Run exit at any time to exit the toolbox.
$ cd BUILDS/ $ pandoc --version || ls pandoc 2.2.1 Compiled with pandoc-types 1.17.5.4, texmath 0.11.1.2, skylighting 0.7.5 ... for a particular purpose. resume.docx resume.html resume.pdf resume.rtf resume.txt $ exit logout $ pandoc --version || ls bash: pandoc: command not found... resume.docx resume.html resume.pdf resume.rtf resume.txt
You retain the files created by your toolbox in your home directory. None of the programs installed in your toolbox will be available outside of it.
Tips and tricks
This introduction to toolbox only scratches the surface. Here are some additional tips, but you can also check out the official documentation.
- Toolbox –help will show you the man page for Toolbox
- You can have multiple toolboxes at once. Use toolbox create -c Toolboxname and toolbox enter -c Toolboxname
- Toolbox uses Podman to do the heavy lifting. Use toolbox list to find the IDs of the containers Toolbox creates. Podman can use these IDs to perform actions such as rm and stop. (You can also read more about Podman in this Magazine article.)
Photo courtesy of Florian Richter from Flickr.
Martin Ueding
That’s a bad Makefile, it will always re-build everything because the targets are not the files that are generated.
Ryan Walter
Thank you for pointing that out, I learned something new!
Ryan Walter
Thank you for mentioning that! Learned something new today!
Maciej
Toolbox is the tool that I thought docker is when I didn’t knew anything about docker. 🙂
Ryan Walter
Interesting that you say that. I’ve never thought of docker in that way, but I can completely see where you are coming from. Especialy if you don’t have the filesystem sandbox concepts of docker understood yet.
Ryan Walter
Interesting that you say that, I can definitely see what you are talking about, especially if you do not have the filesystem sandboxing fully understood.
Maciej
My thinking was Docker = Containers = Much better “chroot”
When I installed docker for the first time I was thinking that I’m installing some sort of tool for isolating stuff easily. Than came confusion about the difference between image and container, and OMG where are my all changes after container stopped, and what do you mean I should run only one service in one container? Maybe I still have physical server and I want to run couple of services in one place and just move one big blob around? Moreover why you (docker) insist so much on running this stuff that other people made? Why I can’t just point you too my own rootfs and run that? It was painful and I don’t think I like docker that much. Yes I know it’s for running stuff in the clouds, but still…
Gr
The same view of all that Dockers!
Still confused of using Docker and cant move of virtual machine, old-school nice little virtual machines.
Do anybody have a raw howto to explain why “docker vs vms” is winnig?
Maciej
I really don’t like compering these technologies. Containers are only able to isolate and run many different “userlands”, so no different kernels and no different OSs. You can use docker and you will probably not even know that there is still some VM underneath.
Guus Bonnema
I do have a question: how does toolbox and the files I can maintain using toolbox relate to backup programs? I.e. If I want to backup my files and I have say 5 toolbox instances, how does that work? Could you add that to the article?
Ryan Walter
For the files (Such as the ones under /home/rwaltr/src/resume In the above example. ) you can use any tool that can handle file level replication such as Rsync, SCP, Restic, etc. Toolbox does not separate your home directory from your base system, So any backups you are running on the base system would also pick up on any changes that were performed in Toolbox.
The Toolbox containers themselves are actually ran by Podman, You can find where your podman containers are stored with “grep graphroot $HOME/.config/containers/storage.conf ” I suppose you could run the backups directly in the container, But I am unsure of the use case for that.
Alex
There just seem layer after layer coming up in the containers space, hard to track what’s going on, and how everything works… I pretty much use Singularity (https://sylabs.io/docs/) for purposes explained in this article, but that’s because it came first, and has an excellent support for parallel execution on clusters and supercomputers. Would love to see more detailed comparison between various container solutions for developers.
Danie
How do I make new instances of non-default images?
I thought it would be:
toolbox create –release=32
Ryan Walter
I was able to use
the options are -r and –release, Not -release=
Ed Nicholson
Do Toolbox containers run on Docker in Windows10
I hate to ask, but work…
Ryan Walter
I am unable to test, But I wouldn’t see why not, need to check that the right volumes are being passed though,