How to build container images with Buildah

Project Atomic, through their efforts on the Open Container Initiative (OCI), have created a great tool called Buildah. Buildah helps with  creating, building and updating container images supporting Docker formatted images as well as OCI compliant images.

Buildah handles building container images without the need to have a full container runtime or daemon installed. This particularly shines for setting up a continuous integration and continuous delivery pipeline for building containers.

Buildah makes the container’s filesystem directly available to the build host. Meaning that the build tooling is available on the host and not needed in the container image, keeping the build faster and the image smaller and safer. There are Buildah packages for CentOS, Fedora, and Debian.

Installing Buildah

Since Fedora 26 Buildah can be installed using dnf.

$ sudo dnf install buildah -y

The current version of buildah is 0.16, which can be displayed by the following command.

$ buildah --version

Basic commands

The first step needed to build a container image is to get a base image, this is done by the FROM statement in a Dockerfile. Buildah does handle this in a similar way.

$ sudo buildah from fedora

This command pulls the Fedora based image and stores it on the host. It is possible to inspect the images available on the host, by running the following.

$ sudo buildah images
IMAGE ID             IMAGE NAME                                               CREATED AT             SIZE
9110ae7f579f         docker.io/library/fedora:latest                          Mar 7, 2018 20:51      234.7 MB

After pulling the base image, a running container instance of this image is available, this is a “working-container”.

The following command displays the running containers.

$ sudo buildah containers 
CONTAINER ID BUILDER IMAGE ID IMAGE NAME 
CONTAINER NAME
6112db586ab9 * 9110ae7f579f docker.io/library/fedora:latest fedora-working-container

Buildah also provides a very useful command to stop and remove all the containers that are currently running.

$ sudo buildah rm --all

The full list of command is available using the –help option.

$ buildah --help

Building an Apache web server container image

Let’s see how to use Buildah to install an  Apache web server on a Fedora base image, then copy a custom index.html to be served by the server.

First let’s create the custom index.html.

$ echo "Hello Fedora Magazine !!!" > index.html

Then install the httpd package inside the running container.

$ sudo buildah from fedora
$ sudo buildah run fedora-working-container dnf install httpd -y

Let’s copy index.html to /var/www/html/.

$ sudo buildah copy fedora-working-container index.html /var/www/html/index.html

Then configure the container entrypoint to start httpd.

$ sudo buildah config --entrypoint "/usr/sbin/httpd -DFOREGROUND" fedora-working-container

Now to make the “working-container” available, the commit command saves the container to an image.

$ sudo buildah commit fedora-working-container hello-fedora-magazine

The hello-fedora-magazine image is now available, and can be pushed to a registry to be used.

$ sudo buildah images
IMAGE ID IMAGE NAME CREATED 
AT SIZE
9110ae7f579f docker.io/library/fedora:latest 
Mar 7, 2018 22:51 234.7 MB
49bd5ec5be71 docker.io/library/hello-fedora-magazine:latest 
Apr 27, 2018 11:01 427.7 MB

It is also possible to use Buildah to test this image by running the following steps.

$ sudo buildah from --name=hello-magazine docker.io/library/hello-fedora-magazine

$ sudo buildah run hello-magazine

Accessing http://localhost  will display “Hello Fedora Magazine !!!

For Developers Using Software

15 Comments

  1. pixdrift

    You may have issues with Buildah executing entrypoint as this is not the expected behaviour from Buildah. Your final command to ‘buildah run hello-magazine’ should use ‘podman run’ if you want it to use the configured container entrypoint.

  2. Hushen Beg

    It is very nice Ashutosh sir. I am also working on Aws,Docker,Swarm ,Ec2 etc .Now a days buildah is very useful for updating and building the container images.

  3. prafful chavan

    nice sir….👍
    Is that same way to install in redhat as well or not ?

  4. Erik

    Being in New England, gotta love the name! (It is how Builder would be pronounced with a local accent).

    • @Erik: That’s exactly how it got its name — a tribute to the very pronounced accent of Dan Walsh, who works on container technologies.

    • FeRDNYC

      I’m a little disappointed, though, because at no point does anyone ever point out that Buildah is “a wicked good tool for maintaining yah containahs”. #MissedOpportunity

  5. Madhusudan Upadhyay

    “Buildah makes the container’s filesystem directly available to the build host”
    That is good news. Perhaps, utilities from container host can be leveraged as a part of the build now and that would in turn enhance the overall performance of the build process.
    Impressive and quite self-explanatory article Ashutosh Sir. Good work.

  6. umesh

    It is very nice Ashutosh sir. I am also working on docker .Now a days buildah is very useful for updating and building the container images.
    It is easy to use.

  7. Akshay Wani

    Very helpful article to start with Buildah . People currently working on Docker should definately try out Buildah.

  8. Keecheril Jobin Varghese

    Perfectly explained. Thank you for making it easier to understand!

  9. clime

    Personally, I don’t understand the ‘sudos’ in every single command. Do they really need to be there? I would like to see a tool that is able to create a container image from host without having to use a privileged user.

  10. Athavan Kanapuli

    Does buildah allows more than one process to run inside a single container? Taking back the httpd example in the article, I need redis server to run in the same container along with httpd. Does builah has an init system to manage multiple services?

Leave a Reply

The opinions expressed on this website are those of each author, not of the author's employer or of Red Hat. Fedora Magazine aspires to publish all content under a Creative Commons license but may not be able to do so in all cases. You are responsible for ensuring that you have the necessary permission to reuse any work on this site. The Fedora logo is a trademark of Red Hat, Inc. Terms and Conditions

%d bloggers like this: