What is Buildah? Build, manage and modify your images

Buildah builds images and working containers.
Buildah builds images and working containers.

What is Buildah?

Buildah is a command-line tool for creating Open Container Initiatives (OCI) or traditional Docker images. And then building working containers from those images is up to you. It allows the containers to be mounted and modified. You can also save images based on the updated containers. Buildah works daemon-less as well as rootless. It is one of the essential building blocks of the Red Hat container ecosystem, an alternative to Docker’s monolithic architecture. Before moving to its relationship with Podman, I would like to emphasize that Buildah is very much a Linux tool.

Buildah and Podman Relationship

Buildah plays very nicely with Podman. There is some overlap in functionality between Buildah and Podman. But, the split-up of core responsibilities is clear. Podman itself can also build images. It actually uses Buildah on the backend while creating them. For instance, podman build calls the buildah bud command.

On the contrary, buildah bud provides the build-using-dockerfile (bud) command that mimic docker build. Buildah is an efficient way to build OCI images. Whereas, Podman enables similar CLI commands to manage and maintain those images and containers in a production environment. Together they form a pretty strong foundation to support your OCI container needs

What are the major differences with Docker Build?

Docker is a monolithic tool that tries to do everything at once. However, we can functionally break down what Docker does into various components. Put simply, assume Podman as the equivalent of Docker’s container engine function, and Skopeo as solid alternatives to Docker in managing container images and registries. It is worth noting that these two applications have advantages over Docker.

Docker vs. Buildah
Docker vs. Buildah

When it comes to image building, Buildah rises against Docker. It already supports Dockerfiles. You can easily use Buildah’s bud command (short for “build-using-dockerfile”) and build your images from any Dockerfiles. Buildah gives you better control over image layers. It enables several changes in one layer as opposed to the one layer per step created in Docker. But, Buildah can do much more than just a third-party tool that handles Dockerfiles.

Buildah can create OCI compliant images from scratch step by step. This process helps you in testing images and clean up temporary files before committing and finalizing them. Thus, Buildah provides better flexibility than Docker. Another critical difference between Buildah and Docker is that the images created by Buildah are user-specific. So, you can only list images that you have created yourself by buildah images

How to install and use Buildah?


Installation is very straightforward. Just take your Linux package manager and install the Buildah. For Centos, use:

yum install -y buildah

To check if the buildah is installed, try:

buildah version

Containerize Existing Dockerfile

Instead of the docker build command we are used to, we run the buildah command below.

[mgonen@mgonen containermen]$ buildah bud -t mustafagonen/contandcont contandcont
STEP 1: FROM scratch
STEP 2: LABEL maintainer="Mustafa Gonen"
STEP 3: COPY contandcont /
STEP 5: ENTRYPOINT [ "/contandcont" ]
STEP 6: COMMIT containers-storage:[vfs@/home/mgonen/.local/share/containers/storage+/run/user/1000:overlay.mount_program=/usr/bin/fuse-overlayfs]localhost/mustafagonen/contandcont:latest
Getting image source signatures
Copying blob sha256:258da81a6b2aba1003628a44cec752cf44067f74a299abe1c636acd25d8654c5
3.30 MiB / 3.30 MiB [======================================================] 0s
Copying config sha256:9d82e14463d8eec0c408a5245435f3fd74ca0055243a96c2cb76d49d49ff93ce
438 B / 438 B [============================================================] 0s
Writing manifest to image destination
Storing signatures
--> 9d82e14463d8eec0c408a5245435f3fd74ca0055243a96c2cb76d49d49ff93ce
[mgonen@mgonen containermen]$ buildah images
localhost/mustafagonen/contandcont latest 9d82e14463d8 6.87 MB

Buildah beyond Dockerfiles

Buildah can build an image or container without a dockerfile. Let’s use buildah from command to start building our image. This command has basically two options.

  • Build a container from scratch with buildah from scratch 
  • Build a container from an existing image with buildah from --pull <image>  You can also specify the URL of the repository from where we want to pull.

First we initiate a working container using the scratch image.

[mgonen@mgonen containermen]$ buildah from scratch
[mgonen@mgonen containermen]$ buildah containers
41b2e348f98a * scratch working-contain

So we have our container instance named working-container. Now, let’s create the maintainer label, commit the change, and compose another intermediate container. Finally, we remove the first working container.

[mgonen@mgonen containermen]$ buildah config --label "maintainer=Musafa Gonen" working-container
[mgonen@mgonen containermen]$ buildah commit working-container tm-intermediate-1
Getting image source signatures
Copying blob sha256:4f4fb700ef54461cfa02571ae0db9a0dc1e0cdb5577484a6d75e68dc38e8acc1
32 B / 32 B [==============================================================] 0s
Copying config sha256:4786863027c87a85710f432101cc04157fccbe51aee9bf9de3695bf87623f7c3
302 B / 302 B [============================================================] 0s
Writing manifest to image destination
Storing signatures
[mgonen@mgonen containermen]$ buildah from tm-intermediate-1
[mgonen@mgonen containermen]$ buildah containers
41b2e348f98a * scratch working-container
fb6c8f1f72c7 * 4786863027c8 localhost/tm-intermediate-1:latest tm-intermediate-1-working-container
[mgonen@mgonen containermen]$ buildah rm working-container

When it comes to crafting container images with enhanced tools, buildah can give you more flexibility and also capability.

Please find other commands and extra information at https://github.com/containers/buildah

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.