{{announcement.body}}
{{announcement.title}}

Everything You Need to Know About Buildah

DZone 's Guide to

Everything You Need to Know About Buildah

Use Buildah to package a web application as a container, starting from an existing image, and then run your application with Podman and Docker.

· DevOps Zone ·
Free Resource

Buildah is a tool for building OCI-compatible images through a lower-level coreutils interface. Similar to Podman, Buildah doesn't depend on a daemon, such as Docker or CRI-O, and it doesn't require root privileges. Buildah provides a command-line tool that replicates all the commands found in a Dockerfile. This allows you to issue Buildah commands from a scripting language, such as Bash.

This tutorial shows you how to:

  • Use Buildah to package a web application as a container, starting from an existing image, and then run your application with Podman and Docker.
  • Use Buildah to package a web application as a container starting from scratch.
  • Use Buildah to package a web application as a container starting from a Dockerfile.
  • Use Buildah to modify an existing container image.
  • Push images to a public repository.

Prerequisites

In this tutorial, we assume basic familiarity with Docker or Podman. To learn about Podman, see our Podman for Docker Users tutorial.

Use the buildah --version command to verify if Buildah is installed:
buildah --version

The following example output shows that Buildah is installed on your computer:

buildah version 1.11.6 (image-spec 1.0.1-dev, runtime-spec 1.0.1-dev)

If Buildah is not installed, follow the instructions from the Buildah Install page.

Then, enter the following command to check if Podman is installed on your system:
podman version

The following example output shows that Podman is installed on your computer:

Version:            1.6.4 
RemoteAPI Version:  1 
Go Version:         go1.12.12 
OS/Arch:            linux/amd64

Refer to the Podman Installation Instructions page for details on how to install Podman.

Then, use the following command to see if Docker is installed on your system:

docker --version


The following example output shows that Docker is installed on your computer:

Docker version 18.06.3-ce, build d7080c1

For details about installing Docker, refer to the Install Docker page.

Package a Web-Based Application as a Container Starting From an Existing Image

In this section, you'll use Buildah to package a web-based application as a container, starting from the Alpine Linux image. Then, you'll run your container image with Podman and Docker.

Alpine Linux is only 5 MB in size, and it lacks several prerequisites that are required to run ExpressJS. Thus, you'll use apk to install these prerequisites.

Enter the following command to create a new container image based on the alpine image, and store the name of your new image in an environment variable named container:
container=$(buildah from alpine)

Getting image source signatures 
Copying blob c9b1b535fdd9 skipped: already exists 
Copying config e7d92cdc71 done 
Writing manifest to image destination 
Storing signatures


☞ Note that, by default, Buildah constructs the name of the container by appending -working-container to the name:

echo $container

alpine-working-container

You can override the default behavior by specifying the --name flag with the name of the working container. The following example creates a container image called example-container:

example_container=$(buildah from --name "example-container" alpine)

echo $example_container

example-container

The Alpine Linux image you just pulled is only 5 MB in size, and it lacks the basic utilities, such as Bash. Run the following command to verify your new container image:

buildah run $container bash

The following output shows that the container image has been created, but bash is not yet installed:

Plain Text
 




x


 
1
ERRO[0000] container_linux.go:346: starting container process caused "exec: \"bash\": executable file not found in $PATH" 
2
container_linux.go:346: starting container process caused "exec: \"bash\": executable file not found in $PATH" error running container: error creating container for [bash]: : exit status 1 
3
ERRO exit status 1



To install Bash, enter the buildah run command and specify:

  • The name of the container ($container).
  • Two dashes. The commands after -- are passed directly to the container.
  • The command you want to execute inside the container (apk add bash).
buildah run $container -- apk add bash

Plain Text
 




xxxxxxxxxx
1
10


 
1
fetch http://dl-cdn.alpinelinux.org/alpine/v3.11/main/x86_64/APKINDEX.tar.gz 
2
fetch http://dl-cdn.alpinelinux.org/alpine/v3.11/community/x86_64/APKINDEX.tar.gz 
3
(1/5) Installing ncurses-terminfo-base (6.1_p20191130-r0) 
4
(2/5) Installing ncurses-terminfo (6.1_p20191130-r0) 
5
(3/5) Installing ncurses-libs (6.1_p20191130-r0) 
6
(4/5) Installing readline (8.0.1-r0) 
7
(5/5) Installing bash (5.0.11-r1) 
8
Executing bash-5.0.11-r1.post-install 
9
Executing busybox-1.31.1-r9.trigger 
10
OK: 15 MiB in 19 packages



Similarly to how you've installed bash, run the buildah run command to install node and npm:

buildah run $container -- apk add --update nodejs nodejs-npm

Plain Text
 




xxxxxxxxxx
1
13


 
1
fetch http://dl-cdn.alpinelinux.org/alpine/v3.11/main/x86_64/APKINDEX.tar.gz 
2
fetch http://dl-cdn.alpinelinux.org/alpine/v3.11/community/x86_64/APKINDEX.tar.gz 
3
(1/8) Installing ca-certificates (20191127-r1) 
4
(2/8) Installing c-ares (1.15.0-r0) 
5
(3/8) Installing libgcc (9.2.0-r3) 
6
(4/8) Installing nghttp2-libs (1.40.0-r0) 
7
(5/8) Installing libstdc++ (9.2.0-r3) 
8
(6/8) Installing libuv (1.34.0-r0) 
9
(7/8) Installing nodejs (12.15.0-r1) 
10
(8/8) Installing npm (12.15.0-r1) 
11
Executing busybox-1.31.1-r9.trigger 
12
Executing ca-certificates-20191127-r1.trigger 
13
OK: 73 MiB in 27 packages



You can use the the buildah config command to set the image configuration values. The following command sets the working directory to /usr/src/app/:

buildah config --workingdir /usr/src/app/ $container

To initialize a new JavaScript project, run the npm init -y command inside the container:

buildah run $container -- npm init -y

JavaScript
 




x
19


 
1
Wrote to /package.json: 
2
 
             
3
{  
4
  "name": "",  
5
  "version": "1.0.0",  
6
  "description": "",  
7
  "main": "index.js",  
8
  "directories": {    
9
  "lib": "lib"  
10
  },  
11
  "dependencies": {},  
12
  "devDependencies": {},  
13
  "scripts": {    
14
    "test": "echo \"Error: no test specified\" && exit 1"  
15
  },  
16
  "keywords": [],  
17
  "author": "",  
18
  "license": "ISC" 
19
}



Issue the following command to install Express.JS:

buildah run $container -- npm install express --save

Plain Text
 




xxxxxxxxxx
1


 
1
npm WARN @1.0.0 No description 
2
npm WARN @1.0.0 No repository field. 
3
 
             
4
+ express@4.17.1 
5
added 1 package from 8 contributors and audited 126 packages in 1.553s 
6
found 0 vulnerabilities



Create a file named HelloWorld.js and copy in the following JavaScript source code:

JavaScript
 




xxxxxxxxxx
1


 
1
const express = require('express') 
2
const app = express() 
3
const port = 3000 
4
 
             
5
app.get('/', (req, res) => res.send('Hello World!')) 
6
 
             
7
app.listen(port, () => console.log(`Example app listening on port ${port}!`))



To copy the HelloWorld.js file to your container's working directory, enter the buildah copy command specifying:

  • The name of the container ($container)
  • The name of the file you want to copy (HelloWorld.js)
buildah copy $container HelloWorld.js

c26df5d060c589bda460c34d40c3e8f47f1e401cdf41b379247d23eca24b1c1d

☞ You can copy a file to a different container by passing the name of the destination directory as an argument. The following example command copies the HelloWorld.js to the /temp directory:

buildah copy $container HelloWorld.js /temp

To set the entry point for your container, enter the buildah config command with the --entrypoint argument:

buildah config --entrypoint "node HelloWorld.js" $container

At this point, you're ready to write the new image using the buildah commit command. It takes two parameters:

  • The  name of the container image ($container)
  • The name of the new image (buildah-hello-world)
buildah commit $container buildah-hello-world

Getting image source signatures 
Copying blob 5216338b40a7 skipped: already exists 
Copying blob 821cca548ffe done 
Copying config 0d9f23545e done 
Writing manifest to image destination 
Storing signatures 
0d9f23545ed69ace9be47ed081c98b4ae182801b7fe5b7ef00a49168d65cf4e5


☞ If the provided image name doesn't begin with a registry name, Buildah defaults to adding localhost to the name of the image.

The following command lists your Buildah images:

buildah images

Plain Text
 




xxxxxxxxxx
1


 
1
REPOSITORY                              TAG         IMAGE ID       CREATED          SIZE 
2
localhost/buildah-hello-world           latest      0d9f23545ed6   56 seconds ago   71.3 MB
3
 
             



Running Your Buildah Image With Podman

To run your image with Podman, you must first make sure your image is visible in Podman:

podman images

The following example output shows the container image created in the previous steps:

Java
 




xxxxxxxxxx
1


 
1
REPOSITORY                              TAG         IMAGE ID       CREATED              SIZE 
2
localhost/buildah-hello-world           latest      0d9f23545ed6   About a minute ago   71.3 MB



Run the buildah-hello-world image by entering the podman run command with the following arguments:

  • dt to specify that the container should be run in the background, and that Podman should allocate a pseudo-TTY for it.
  • -p with the port on host (3000) that'll be forwarded to the container port (3000), separated by :.
  • The name of your image (buildah-hello-world)
podman run -dt -p 3000:3000 buildah-hello-world

332d060fc0009a8088349aba672be3601b76553e5df7643d4788c917528cbd8e


Use the podman ps command to see the list of running containers:

podman ps

Plain Text
 




xxxxxxxxxx
1


 
1
CONTAINER ID  IMAGE                                 COMMAND  CREATED        STATUS              PORTS            NAMES 
2
332d060fc000  localhost/buildah-hello-world:latest  /bin/sh  23 seconds ago  Up 21 seconds ago  0.0.0.0:3000->3000/tcp  cool_ritchie



To see the running application, point your browser to http://localhost:3000. The application should look as shown in the following screenshot:

Hello, world application

Now that the functionality of the application has been validated, you can stop the running container:

podman kill 332d060fc000

332d060fc000

Running Your Buildah Image With Docker

The container image you've built in previous sections is compatible with Docker. In this section, we'll walk you through the steps required to run the buildah-hello-world image with Docker.

  1. First, you must push the image to Docker. Enter the buildah push command specifying:
  • The name of the container
  • The destination which uses the following format <TRANSPORT>:<DETAILS>.

The following example command uses the docker-daemon transport to push the buildah-hello-world image to Docker:

buildah push buildah-hello-world docker-daemon:buildah-hello-world:latest

Plain Text
 




xxxxxxxxxx
1


 
1
Getting image source signatures 
2
Copying blob 5216338b40a7 done 
3
Copying blob 821cca548ffe done 
4
Copying config 0d9f23545e done 
5
Writing manifest to image destination 
6
Storing signatures



List the Docker images stored on your local machine:

docker images

Plain Text
 




xxxxxxxxxx
1


 
1
REPOSITORY            TAG                 IMAGE ID            CREATED             SIZE 
2
buildah-hello-world   latest              0d9f23545ed6        16 minutes ago      64.5MB



Run the buildah-hello-world container image with Docker:

docker run -dt -p 3000:3000 buildah-hello-world 
b0f29ff964cd84bf204b3f30f615581c4bb67c4a880aa871ce9c89db48e68720


After a few seconds, enter the docker ps image to display the list of running containers:

Plain Text
 




xxxxxxxxxx
1


 
1
CONTAINER ID        IMAGE                 COMMAND                  CREATED             STATUS            PORTS                        NAMES 
2
b0f29ff964cd        buildah-hello-world   "/bin/sh -c 'node He…"   16 seconds ago      Up 13 seconds       0.0.0.0:3000->3000/tcp   goofy_chandrasekhar



To see the running application, point your browser to http://localhost:3000. The application should look as shown in the following screenshot:

Hello world application

Stop the running container with:

Shell
 




xxxxxxxxxx
1


 
1
docker kill b0f29ff964cd


Package a Web-application as a Container Starting from Scratch

With Buildah, you can start from an image that's basically an empty shell, except for some container metadata. Once you create such an image, you can then add more packages to it. This is useful when you want to create small containers, with a minimum number of packages installed. In this section, you'll build the HelloWorld application starting from scratch.

An empty container image doesn't have bash, yum, or any other tools installed. Thus, to install Node and Express.JS on it, you'll mount the container's file-system to a directory on the host, and then use the host's package management system to install the required packages.

If you're running Buildah as an unprivileged user, mounting the container's file-system will fail unless you enter the user namespace with the following command:

Shell
 




xxxxxxxxxx
1


 
1
buildah unshare



To start building from an empty container image, enter the buildah from command, and specify scratch as an argument:

Shell
 




xxxxxxxxxx
1


 
1
container=$(buildah from scratch)



☞ Note that the above command stores the name of your container image in the container environment variable:

Shell
 




xxxxxxxxxx
1


 
1
echo $container


Plain Text
 




xxxxxxxxxx
1


 
1
working-container-1



Issue the following buildah mount command to mount the container filesystem to a directory on the host, and store the path of the directory in the mnt environment variable:

Shell
 




xxxxxxxxxx
1


 
1
mnt=$(buildah mount $container)



Use the echo command to see the name of the directory where the container filesystem is mounted:

Shell
 




xxxxxxxxxx
1


1
echo $mnt


Plain Text
 




xxxxxxxxxx
1


 
1
/home/vagrant/.local/share/containers/storage/overlay/e1df4ce46bb88907af45e4edb7379fac8781928ac0cafe0c1a6fc799f4f7a48b/merged



You can check that the container filesystem is empty with:

Shell
 




xxxxxxxxxx
1


 
1
ls $mnt


Plain Text
 




xxxxxxxxxx
1


1
[root@localhost ~]#



Use the hosts' package manager to install software into the container. Enter the yum install command specifying the following arguments:

  • --installroot to configure the alternative install root directory (mnt). The packages will be installed relative to this directory.
  • --releasever to indicate the version you want to install the packages for. Our example uses centos-release-8.
  • The name of the packages you want to install (bash and coreutils).
  • The -y flag to automatically answer yes to all questions.
Shell
 




xxxxxxxxxx
1


 
1
yum install --releasever=centos-release-8 --installroot $mnt bash coreutils  -y


Plain Text
 




xxxxxxxxxx
1
14


 
1
shadow-utils-2:4.6-8.el8.x86_64 
2
systemd-239-18.el8_1.2.x86_64 
3
systemd-libs-239-18.el8_1.2.x86_64 
4
systemd-pam-239-18.el8_1.2.x86_64 
5
systemd-udev-239-18.el8_1.2.x86_64 
6
trousers-lib-0.3.14-4.el8.x86_64 
7
tzdata-2019c-1.el8.noarch 
8
util-linux-2.32.1-17.el8.x86_64 
9
which-2.21-10.el8.x86_64 
10
xz-5.2.4-3.el8.x86_64 
11
xz-libs-5.2.4-3.el8.x86_64 
12
zlib-1.2.11-10.el8.x86_64 
13
 
             
14
Complete!



Note that the above output was truncated for brevity.

Clean up the temporary files that yum created as follows:

Shell
 




xxxxxxxxxx
1


1
yum clean --installroot $mnt all


Plain Text
 




xxxxxxxxxx
1


1
24 files removed



Validate the functionality of your container image. Enter the following buildah run command to run bash inside of the container:

Shell
 




xxxxxxxxxx
1


 
1
buildah run $container bash


Plain Text
 




xxxxxxxxxx
1


1
bash-4.4#



You can issue a few commands to make sure everything works as expected. Once you're done, enter the exit command to terminate the bash session.

Enter the following commands to move into the directory where you mounted the container's filesystem, and then download the Node.JS installer:

Shell
 




xxxxxxxxxx
1


 
1
cd $mnt && wget https://nodejs.org/dist/v12.16.1/node-v12.16.1-linux-x64.tar.xz


Plain Text
 




xxxxxxxxxx
1
11


 
1
--2020-02-24 13:50:07--  https://nodejs.org/dist/v12.16.1/node-v12.16.1-linux-x64.tar.xz 
2
Resolving nodejs.org (nodejs.org)... 104.20.22.46, 104.20.23.46, 2606:4700:10::6814:162e, ... 
3
Connecting to nodejs.org (nodejs.org)|104.20.22.46|:443... connected. 
4
HTTP request sent, awaiting response... 200 OK 
5
Length: 14591852 (14M) [application/x-xz] 
6
Saving to: 'node-v12.16.1-linux-x64.tar.xz' 
7
 
             
8
node-v12.16.1-linux-x 100%[=======================>]  13.92M  7.25MB/s    in 1.9s 
9
 
             
10
2020-02-24 13:50:09 (7.25 MB/s) - 'node-v12.16.1-linux-x64.tar.xz' saved [14591852/14591852]
11
 
             



To extract the files from the archive file and remove the first component from the file names, run the tar xf command with --strip-commponents=1:

Shell
 




xxxxxxxxxx
1


1
tar xf node-v12.16.1-linux-x64.tar.xz --strip-components=1



Delete the archive:

Shell
 




xxxxxxxxxx
1


 
1
rm -f node-v12.16.1-linux-x64.tar.xz



To make sure everything works as expected, use the buildah run command to run node inside of the container:

Shell
 




xxxxxxxxxx
1


 
1
buildah run $container node


Plain Text
 




xxxxxxxxxx
1


 
1
Welcome to Node.js v12.16.1. 
2
Type ".help" for more information. 
3
>



Type .exit to exit the Node.JS interactive shell.

Now that everything is set up, you can install Express.JS and create the HelloWorld project. Follow the steps from 4 to 9 from the "Build an Express.JS based Image from an Existing Image" section.

Once you've finished the above steps, unmount the container filesystem:

Shell
 




xxxxxxxxxx
1


 
1
buildah unmount $container



Execute the buildah commit command to create a new image called buildah-demo-from-scratch:

Shell
 




xxxxxxxxxx
1


 
1
buildah commit $container buildah-demo-from-scratch


Plain Text
 




xxxxxxxxxx
1


 
1
Getting image source signatures 
2
Copying blob a9a2ac73e013 done 
3
Copying config ec14304d59 done 
4
Writing manifest to image destination 
5
Storing signatures 
6
ec14304d5906c7b8fb9a485ff959e4a6c337115245a827858bf6ba808f5f4e0e



To see the list of your Buildah images, run the buildah images command:

Shell
 




xxxxxxxxxx
1


 
1
buildah images


Plain Text
 




xxxxxxxxxx
1


 
1
REPOSITORY                            TAG      IMAGE ID       CREATED          SIZE 
2
localhost/buildah-demo-from-scratch   latest   ec14304d5906   3 minutes ago    582 MB



You can use the buildah inspect command to retrieve more details about the buildah-demo-from-scratch container image:

Shell
 




xxxxxxxxxx
1


1
buildah inspect $container


JSON
 




xxxxxxxxxx
1
154


 
1
{    
2
  "Type": "buildah 0.0.1",  
3
  "FromImage": "",    
4
  "FromImageID": "",    
5
  "FromImageDigest": "",    
6
  "Config": "",    
7
  "Manifest": "",    
8
  "Container": "working-container",    
9
  "ContainerID": "f974b8b06921a57edddb5735ee7fc0c7176051ff1b76d0523bf2879d7865afba",    
10
  "MountPoint": "",    
11
  "ProcessLabel": "system_u:system_r:container_t:s0:c435,c738",    
12
  "MountLabel": "system_u:object_r:container_file_t:s0:c435,c738",    
13
  "ImageAnnotations": null,    
14
  "ImageCreatedBy": "",    
15
  "OCIv1": {        
16
        "created": "2020-02-27T14:46:38.379626079Z",
17
        "architecture": "amd64",
18
        "os": "linux",
19
        "config": {
20
            "Entrypoint": [
21
                "/bin/sh",
22
                "-c",
23
                "node HelloWorld.js"
24
            ],
25
            "WorkingDir": "/usr/src/app/"
26
        },
27
        "rootfs": {
28
            "type": "",
29
            "diff_ids": null
30
        }
31
    },
32
    "Docker": {
33
        "created": "2020-02-27T14:46:38.379626079Z",
34
        "container_config": {
35
            "Hostname": "",
36
            "Domainname": "",
37
            "User": "",
38
            "AttachStdin": false,
39
            "AttachStdout": false,
40
            "AttachStderr": false,
41
            "Tty": false,
42
            "OpenStdin": false,
43
            "StdinOnce": false,
44
            "Env": null,
45
            "Cmd": null,
46
            "Image": "",
47
            "Volumes": null,
48
            "WorkingDir": "/usr/src/app/",
49
            "Entrypoint": [
50
                "/bin/sh",
51
                "-c",
52
                "node HelloWorld.js"
53
            ],
54
            "OnBuild": [],
55
            "Labels": null
56
        },
57
        "config": {
58
            "Hostname": "",
59
            "Domainname": "",
60
            "User": "",
61
            "AttachStdin": false,
62
            "AttachStdout": false,
63
            "AttachStderr": false,
64
            "Tty": false,
65
            "OpenStdin": false,
66
            "StdinOnce": false,
67
            "Env": null,
68
            "Cmd": null,
69
            "Image": "",
70
            "Volumes": null,
71
            "WorkingDir": "/usr/src/app/",
72
            "Entrypoint": [
73
                "/bin/sh",
74
                "-c",
75
                "node HelloWorld.js"
76
            ],
77
            "OnBuild": [],
78
            "Labels": null
79
        },
80
        "architecture": "amd64",
81
        "os": "linux"
82
    },
83
    "DefaultMountsFilePath": "",
84
    "Isolation": "IsolationOCIRootless",
85
    "NamespaceOptions": [
86
        {
87
            "Name": "cgroup",
88
            "Host": true,
89
            "Path": ""
90
        },
91
        {
92
            "Name": "ipc",
93
            "Host": false,
94
            "Path": ""
95
        },
96
        {
97
            "Name": "mount",
98
            "Host": false,
99
            "Path": ""
100
        },
101
        {
102
            "Name": "network",
103
            "Host": true,
104
            "Path": ""
105
        },
106
        {
107
            "Name": "pid",
108
            "Host": false,
109
            "Path": ""
110
        },
111
        {
112
            "Name": "user",
113
            "Host": true,
114
            "Path": ""
115
        },
116
        {
117
            "Name": "uts",
118
            "Host": false,
119
            "Path": ""
120
        }
121
    ],
122
    "ConfigureNetwork": "NetworkDefault",
123
    "CNIPluginPath": "/usr/libexec/cni:/opt/cni/bin",
124
    "CNIConfigDir": "/etc/cni/net.d",
125
    "IDMappingOptions": {
126
        "HostUIDMapping": true,
127
        "HostGIDMapping": true,
128
        "UIDMap": [],
129
        "GIDMap": []
130
    },
131
    "DefaultCapabilities": [
132
        "CAP_AUDIT_WRITE",
133
        "CAP_CHOWN",
134
        "CAP_DAC_OVERRIDE",
135
        "CAP_FOWNER",
136
        "CAP_FSETID",
137
        "CAP_KILL",
138
        "CAP_MKNOD",
139
        "CAP_NET_BIND_SERVICE",
140
        "CAP_SETFCAP",
141
        "CAP_SETGID",
142
        "CAP_SETPCAP",
143
        "CAP_SETUID",
144
        "CAP_SYS_CHROOT"
145
    ],
146
    "AddCapabilities": [],
147
    "DropCapabilities": [],
148
    "History": [
149
        {
150
            "created": "2020-02-27T14:56:04.319174231Z"
151
        }
152
    ],
153
    "Devices": []
154
 }



The steps for running the image are similar to the ones from the "Running your Buildah Image with Podman". For the sake of brevity, those steps are not repeated here.

Package a Web-application as a Container Starting from a Dockerfile

Create a directory called from-dockerfile and then move into it:

Shell
 




xxxxxxxxxx
1


 
1
mkdir from-dockerfile && cd from-dockerfile/



Use a plain-text editor to create a file called Dockerfile, and copy in the following snippet:

Dockerfile
 




xxxxxxxxxx
1


 
1
FROM node:10 
2
WORKDIR /usr/src/app 
3
RUN npm init -y 
4
RUN npm install express --save 
5
COPY HelloWorld.js . 
6
CMD [ "node", "HelloWorld.js" ]



Create a file named HelloWorld.js with the following content:

JavaScript
 




xxxxxxxxxx
1


 
1
const express = require('express')
2
const app = express() const port = 3000 
3
 
             
4
app.get('/', (req, res) => res.send('Hello World!'))
5
 
6
app.listen(port, () => console.log(`Example app listening on port ${port}!`))



Build the container image. Enter the buildah bud command specifying the -t flag with the name Buildah should apply to the built image, and the build context directory (.):

Shell
 




xxxxxxxxxx
1


1
buildah bud -t buildah-from-dockerfile .


Dockerfile
 




xxxxxxxxxx
1
44


 
1
STEP 1: FROM node:10 
2
STEP 2: WORKDIR /usr/src/app 
3
STEP 3: RUN npm init -y 
4
Wrote to /usr/src/app/package.json: 
5
{
6
  "name": "app",
7
  "version": "1.0.0",
8
  "description": "",
9
  "main": "index.js",
10
  "scripts": {
11
    "test": "echo \"Error: no test specified\" && exit 1"
12
  },
13
  "keywords": [],
14
  "author": "",
15
  "license": "ISC"
16
 }
17
 
18
STEP 4: RUN npm install express --save 
19
npm notice created a lockfile as package-lock.json. You should commit this file. 
20
npm WARN app@1.0.0 No description 
21
npm WARN app@1.0.0 No repository field. 
22
 
             
23
+ express@4.17.1 
24
added 50 packages from 37 contributors and audited 126 packages in 4.989s 
25
found 0 vulnerabilities 
26
 
             
27
STEP 5: COPY HelloWorld.js . 
28
STEP 6: CMD [ "node", "HelloWorld.js" ] 
29
STEP 7: COMMIT buildah-from-dockerfile 
30
Getting image source signatures Copying blob 7948c3e5790c skipped: already exists 
31
Copying blob 4d1ab3827f6b skipped: already exists 
32
Copying blob 69dfa7bd7a92 skipped: already exists 
33
Copying blob 01727b1a72df skipped: already exists 
34
Copying blob 1d7382716a27 skipped: already exists 
35
Copying blob 03dc1830d2d5 skipped: already exists 
36
Copying blob 1e1795dd2c10 skipped: already exists 
37
Copying blob c8a8d3d42bc1 skipped: already exists 
38
Copying blob 072dcfd76a1e skipped: already exists 
39
Copying blob fc67e152fd86 done 
40
Copying config 7619bf0e33 done 
41
Writing manifest to image destination 
42
Storing signatures 
43
7619bf0e33165f5c3dc6da00cb101f2195484bff3e59f4c6f57a41c07647d407 
44
7619bf0e33165f5c3dc6da00cb101f2195484bff3e59f4c6f57a41c07647d407



The following command lists your Buildah images:

Shell
 




xxxxxxxxxx
1


 
1
buildah images


Plain Text
 




xxxxxxxxxx
1


 
1
REPOSITORY                          TAG      IMAGE ID       CREATED             SIZE 
2
localhost/buildah-from-dockerfile   latest   7619bf0e3316   52 seconds ago      944 MB



Enter the podman run command to run un the buildah-from-dockerfile image:

Shell
 




xxxxxxxxxx
1


1
podman run -dt -p 3000:3000 buildah-from-dockerfile


Plain Text
 




xxxxxxxxxx
1


1
dbbae173dca0ca5b602c0b9a70055886381cb7df5ae25fbb4bd81c75a4bcb50d
2
[vagrant@localhost buildah-hello-world]$ podman ps 
3
CONTAINER ID  IMAGE                                     COMMAND               CREATED        STATUS            PORTS                   NAMES 
4
dbbae173dca0  localhost/buildah-from-dockerfile:latest  node HelloWorld.j...  4 seconds ago  Up 3 seconds ago  0.0.0.0:3000->3000/tcp  priceless_cartwright



Point your browser to http://localhost:3000, and you should see something similar to the following screenshot:

Hello world screenshot

Stop the container by entering the podman kill command followed by the identifier of the buildah-from-dockerfile container (dbbae173dca0):

Shell
 




xxxxxxxxxx
1


 
1
podman kill dbbae173dca0


Plain Text
 




xxxxxxxxxx
1


1
dbbae173dca0ca5b602c0b9a70055886381cb7df5ae25fbb4bd81c75a4bcb50d


Use Buildah to Modify a Container Image

With Buidah, you can modify a container in the following ways:

  • Mount the container and copy files to it
  • Using the buildah config command
  • Using the buildah copy command

Mount the Container and Copy Files to It

Run the following command to create a new container using the buildah-from-dockerfile image as a starting point.

The above command prints the name of your new container:

Plain Text
 




xxxxxxxxxx
1


 
1
buildah-from-dockerfile-working-container



Use the buildah list command to see the list of your working containers:

Shell
 




xxxxxxxxxx
1


 
1
buildah containers


Plain Text
 




xxxxxxxxxx
1


 
1
CONTAINER ID  BUILDER  IMAGE ID     IMAGE NAME                       CONTAINER NAME 
2
78c4225c8c37     *     7619bf0e3316 localhost/buildah-from-docker... buildah-from-dockerfile-working-container



If you're running Buildah as an unprivileged user, enter the user namespace with:

Shell
 




xxxxxxxxxx
1


 
1
buildah unshare



Mount the container filesystem to a directory on the host, and save the name of that directory in an environment variable called mount by entering the following command:

Shell
 




xxxxxxxxxx
1


 
1
mount=$(buildah mount buildah-from-dockerfile-working-container)



You can use the echo command to print the path of the folder where the container filesystem is mounted:

Shell
 




xxxxxxxxxx
1


 
1
echo $mount


Plain Text
 




xxxxxxxxxx
1


 
1
/home/vagrant/.local/share/containers/storage/overlay/83b2d731b920653a569795cf75f4902a1e148dab61f4cb41bcc37bae0f5d6655/merged



Move into the /usr/src/app folder:

Shell
 




xxxxxxxxxx
1


 
1
cd $mount/usr/src/app/



Open the HelloWorld.js file in a plain-text editor, and edit the line that prints the Hello World! message to:

JavaScript
 




xxxxxxxxxx
1


1
app.get('/', (req, res) => res.send('Hello World (modified with Buildah)!'))



Your HelloWorld.js file should look similar to the listing below:

JavaScript
 




xxxxxxxxxx
1


 
1
cat HelloWorld.js 
2
const express = require('express') 
3
const app = express() const port = 3000 
4
 
             
5
app.get('/', (req, res) => res.send('Hello World (modified with Buildah)!')) 
6
 
             
7
app.listen(port, () => console.log(`Example app listening on port ${port}!`))



Save the changes to a new container image called modified-container:

Shell
 




xxxxxxxxxx
1


 
1
buildah commit buildah-from-dockerfile-working-container modified-container


Plain Text
 




xxxxxxxxxx
1
16


 
1
Getting image source signatures 
2
Copying blob 7948c3e5790c skipped: already exists 
3
Copying blob 4d1ab3827f6b skipped: already exists 
4
Copying blob 69dfa7bd7a92 skipped: already exists 
5
Copying blob 01727b1a72df skipped: already exists 
6
Copying blob 1d7382716a27 skipped: already exists 
7
Copying blob 03dc1830d2d5 skipped: already exists 
8
Copying blob 1e1795dd2c10 skipped: already exists 
9
Copying blob c8a8d3d42bc1 skipped: already exists 
10
Copying blob 072dcfd76a1e skipped: already exists 
11
Copying blob fc67e152fd86 skipped: already exists 
12
Copying blob a546faf200ff done 
13
Copying config d3ac43ac8d done 
14
Writing manifest to image destination 
15
Storing signatures 
16
d3ac43ac8da20aef987367353e56e22a1a2330176c08e255c72670b3b08c1e14



If you run the buildah images command, you should see both images:

Shell
 




xxxxxxxxxx
1


 
1
buildah images


Plain Text
 




xxxxxxxxxx
1


 
1
REPOSITORY                          TAG      IMAGE ID       CREATED             SIZE 
2
localhost/modified-container        latest   d3ac43ac8da2   46 seconds ago      944 MB 
3
localhost/buildah-from-dockerfile   latest   7619bf0e3316   14 minutes ago      944 MB



Unmount the root filesystem of your container by entering the following buildah unmount command:

Shell
 




xxxxxxxxxx
1


 
1
buildah unmount buildah-from-dockerfile-working-container


Plain Text
 




xxxxxxxxxx
1


 
1
78c4225c8c377d8a018583586e2f76932204f20b4f3621fedb1ab3d41f8a3240



Run the modified-container image with Podman:

Shell
 




xxxxxxxxxx
1


 
1
podman run -dt -p 3000:3000 modified-container


Plain Text
 




xxxxxxxxxx
1


 
1
70105ac094b672c98f56290d25fa5406a7c51bf401cff586c7a356b4f19f1320



Enter the podman ps command to print the list of running containers:

Shell
 




xxxxxxxxxx
1


1
podman ps


Plain Text
 




xxxxxxxxxx
1


 
1
CONTAINER ID  IMAGE                                COMMAND               CREATED        STATUS           PORTS                   NAMES 
2
70105ac094b6  localhost/modified-container:latest  node HelloWorld.j...  4 seconds ago  Up 4 seconds ago  0.0.0.0:3000->3000/tcp  pedantic_rhodes



To see the modified application in action, point your browser to http://localhost:3000:

Hello world app modified with Buildah

Modify a Container with the buildah config Command

To see the list of your local container images, use the buildah images command:

Shell
 




xxxxxxxxxx
1


1
buildah containers


Plain Text
 




xxxxxxxxxx
1


 
1
CONTAINER ID  BUILDER  IMAGE ID     IMAGE NAME                       CONTAINER NAME 
2
305591a5116c     *     7619bf0e3316 localhost/buildah-from-docker... buildah-from-dockerfile-working-container



In this example, you'll modify the configuration value for the author field. Run the buildah config command specifying the following parameters:

  • --author with the name of the author.
  • The identifier of the container (305591a5116c)
Shell
 




xxxxxxxxxx
1


1
buildah config --author='Andrei Popescu' 305591a5116c



Enter the buildah inspect command to display detailed information about your container:

Shell
 




xxxxxxxxxx
1


 
1
buildah inspect 305591a5116c


JSON
 




xxxxxxxxxx
1
60


 
1
{
2
        "Docker": {
3
        "created": "2020-02-24T14:41:01.41295511Z",
4
        "container_config": {
5
            "Hostname": "",
6
            "Domainname": "",
7
            "User": "",
8
            "AttachStdin": false,
9
            "AttachStdout": false,
10
            "AttachStderr": false,
11
            "Tty": false,
12
            "OpenStdin": false,
13
            "StdinOnce": false,
14
            "Env": [
15
                "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
16
                "NODE_VERSION=10.19.0",
17
                "YARN_VERSION=1.21.1"
18
            ],
19
            "Cmd": [
20
                "node",
21
                "HelloWorld.js"
22
            ],
23
            "Image": "",
24
            "Volumes": null,
25
            "WorkingDir": "/usr/src/app",
26
            "Entrypoint": [
27
                "docker-entrypoint.sh"
28
            ],
29
            "OnBuild": [],
30
            "Labels": null
31
        },
32
        "author": "Andrei Popescu",
33
        "config": {
34
            "Hostname": "",
35
            "Domainname": "",
36
            "User": "",
37
            "AttachStdin": false,
38
            "AttachStdout": false,
39
            "AttachStderr": false,
40
            "Tty": false,
41
            "OpenStdin": false,
42
            "StdinOnce": false,
43
            "Env": [
44
                "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
45
                "NODE_VERSION=10.19.0",
46
                "YARN_VERSION=1.21.1"
47
            ],
48
            "Cmd": [
49
                "node",
50
                "HelloWorld.js"
51
            ],
52
            "Image": "",
53
            "Volumes": null,
54
            "WorkingDir": "/usr/src/app",
55
            "Entrypoint": [
56
                "docker-entrypoint.sh"
57
            ],
58
            "OnBuild": [],
59
            "Labels": null
60
        },



Note that that the above output was truncated for brevity.

As you can see, the author field has been updated:

JSON
 




xxxxxxxxxx
1


1
"author": "Andrei Popescu",



Modifying a Container With the buildah copy Command

List your Buildah images with:

PowerShell
 




xxxxxxxxxx
1


 
1
buildah images


Plain Text
 




xxxxxxxxxx
1


 
1
REPOSITORY                          TAG      IMAGE ID       CREATED          SIZE 
2
localhost/buildah-from-dockerfile   latest   4c4c1019785e   19 seconds ago   944 MB 
3
docker.io/library/node              10       aa6432763c11   5 days ago       940 MB



Create a new working container using buildah-from-dockerfile as the starting image:

Shell
 




xxxxxxxxxx
1


 
1
container=$(buildah from buildah-from-dockerfile)



The above command saves the name of your new working container into an environment variable called container. Use the echo command to see the name of your new container:

Shell
 




xxxxxxxxxx
1


 
1
echo $container


Plain Text
 




xxxxxxxxxx
1


1
buildah-from-dockerfile-working-container



Use a plain-text editor to open the HelloWorld.js. Next, modify the line of code that prints the Hello World! message to the following:

JavaScript
 




xxxxxxxxxx
1


 
1
app.get('/', (req, res) => res.send('Hello World (modified with the buildah copy command)!')) 



Your HelloWorld.js file should look similar to the following listing:

JavaScript
 




xxxxxxxxxx
1


 
1
const express = require('express') 
2
const app = express() const port = 3000 
3
 
             
4
app.get('/', (req, res) => res.send('Hello World (modified with the buildah copy command)!')) 
5
 
             
6
app.listen(port, () => console.log(`Example app listening on port ${port}!`))



Enter the following buildah copy command to copy the content of the HelloWorld.js file into the container's /usr/src/app/ directory:

Shell
 




xxxxxxxxxx
1


1
buildah copy buildah-from-dockerfile-working-container HelloWorld.js /usr/src/app/


Plain Text
 




xxxxxxxxxx
1


1
bf36dd7b6ba5d3f520835f5e850e4303bd830bd0934d1cb8a11c4c45cf3ebcb8



The buildah run is different from the podman run command. Since Buildah is a tool aimed at building images, you can't use buildah run to map ports or mount volumes. You can think of it as similar to the RUN command from a Dockerfile. Thus, to test the changes before saving them to a new image, you must run a shell inside of the container:

Shell
 




xxxxxxxxxx
1


 
1
buildah run $container -- bash



Use the cat command to list the contents of the HelloWorld.js file:

Shell
 




xxxxxxxxxx
1


1
cat HelloWorld.js


JavaScript
 




xxxxxxxxxx
1


 
1
const express = require('express') 
2
const app = express() 
3
const port = 3000 
4
 
             
5
app.get('/', (req, res) => res.send('Hello World (modified with the buildah copy command)!')) 
6
 
             
7
app.listen(port, () => console.log(`Example app listening on port ${port}!`)) 



Type exit to return to the host.

Save your changes to a new container image named modified-with-copy. Enter the buildah commit command passing it the following parameters:

  • The name of your working container ($container)
  • The name of your new container (modified-with-copy)
Shell
 




xxxxxxxxxx
1


1
buildah commit $container modified-with-copy


Shell
 




xxxxxxxxxx
1
16


 
1
Getting image source signatures 
2
Copying blob 2c995a2087c1 skipped: already exists 
3
Copying blob 00adafc8e77b skipped: already exists 
4
Copying blob d040e6423b7a skipped: already exists 
5
Copying blob 162804eaaa1e skipped: already exists 
6
Copying blob 91daf9fc6311 skipped: already exists 
7
Copying blob 236d3097407d skipped: already exists 
8
Copying blob 92086f81cd8d skipped: already exists 
9
Copying blob 90aa9e20811b skipped: already exists 
10
Copying blob cea8dd7dcda1 skipped: already exists 
11
Copying blob 490adad7924f skipped: already exists 
12
Copying blob fc29e33720c1 done 
13
Copying config c6df996bc7 done 
14
Writing manifest to image destination 
15
Storing signatures 
16
c6df996bc740c9670c87470f65124f8a8a3b74ecde3dc38038530a98209e5148



Enter the podman images command to list the images available on your system:

Shell
 




xxxxxxxxxx
1


 
1
podman images


Plain Text
 




xxxxxxxxxx
1


 
1
podman images 
2
REPOSITORY                          TAG      IMAGE ID       CREATED              SIZE 
3
localhost/modified-with-copy        latest   c6df996bc740   About a minute ago   944 MB 
4
localhost/buildah-from-dockerfile   latest   efd9caedf198   24 minutes ago       944 MB 
5
docker.io/library/node              10       aa6432763c11   5 days ago           940 MB



Run the modified image with Podman:

Shell
 




xxxxxxxxxx
1


1
podman run -dt -p 3000:3000 modified-with-copy


Plain Text
 




xxxxxxxxxx
1


 
1
f2bf06e4d6010adab6acf92db063a4c11f821fb96c2912266ac9900752f53bc4



Make sure that the modified container works as expected by pointing your browser to http://localhost:3000:

Hello world modified with Buildah

Use Buildah to Push an Image to a Public Repository

In this section, we'll show how you can push a Buildah image to Quay.io. Then, you'll use Docker to pull and run it on your system.

Login to Quay.io with the following command:

Shell
 




xxxxxxxxxx
1


 
1
buildah login quay.io



Buildah will prompt you to enter your username and password:

Plain Text
 




xxxxxxxxxx
1


1
Username: Password: Login Succeeded!



Use the buildah images command to see the list of Buildah images available on your system:

Plain Text
 




xxxxxxxxxx
1


 
1
buildah images 
2
REPOSITORY                          TAG      IMAGE ID       CREATED          SIZE 
3
localhost/modified-with-copy        latest   c6df996bc740   31 minutes ago   944 MB 
4
localhost/buildah-from-dockerfile   latest   efd9caedf198   54 minutes ago   944 MB 
5
docker.io/library/node              10       aa6432763c11   5 days ago       940 MB



To push an image to Quay.io, enter the buildah push command specifying:

  • The source.
  • The destination. This uses the following format <transport>:<destination>.

The following example command pushes the modified-with-copy to the andreipope/modified-with-copy repository:

Shell
 




xxxxxxxxxx
1


1
buildah push modified-with-copy docker://quay.io/andreipope/modified-with-copy:latest


Plain Text
 




xxxxxxxxxx
1
18


 
1
Getting image source signatures 
2
Copying blob d040e6423b7a done 
3
Copying blob 236d3097407d done 
4
Copying blob 2c995a2087c1 done 
5
Copying blob 00adafc8e77b skipped: already exists 
6
Copying blob 91daf9fc6311 done 
7
Copying blob 162804eaaa1e done 
8
Copying blob 92086f81cd8d skipped: already exists 
9
Copying blob 90aa9e20811b skipped: already exists 
10
Copying blob cea8dd7dcda1 skipped: already exists 
11
Copying blob 490adad7924f skipped: already exists 
12
Copying blob fc29e33720c1 skipped: already exists 
13
Copying config c6df996bc7 done 
14
Writing manifest to image destination 
15
Copying config c6df996bc7 done 
16
Writing manifest to image destination 
17
Writing manifest to image destination 
18
Storing signatures



Pull the image from Quay.io using the docker pull command:

Shell
 




xxxxxxxxxx
1


1
docker pull quay.io/andreipope/modified-with-copy:latest


Plain Text
 




xxxxxxxxxx
1
14


 
1
latest: Pulling from andreipope/modified-with-copy 
2
571444490ac9: Pull complete 
3
a8c44c6007c2: Pull complete 
4
78082700aa2c: Pull complete 
5
c3a1a87b600e: Pull complete 
6
307b97780b43: Pull complete 
7
e6bc907e1abd: Pull complete 
8
f7d60f9c5e35: Pull complete 
9
6d95f9b81e1b: Pull complete 
10
3fc72998ebc8: Pull complete 
11
632905c48be3: Pull complete 
12
29b4e1262307: Pull complete 
13
Digest: sha256:a57849f1f639b5f4e01af33fdf4b86238dead6ddaf8f95b4e658863dfcf22700 
14
Status: Downloaded newer image for quay.io/andreipope/modified-with-copy:latest



List your Docker images:

Shell
 




xxxxxxxxxx
1


1
docker images


Plain Text
 




xxxxxxxxxx
1


 
1
REPOSITORY                              TAG                 IMAGE ID            CREATED             SIZE 
2
quay.io/andreipope/modified-with-copy   latest              05b3081ac594        About an hour ago   914MB



Issue the following docker run command to run the modified-with-copy image:

Shell
 




xxxxxxxxxx
1


1
docker run -dt -p 3000:3000 quay.io/andreipope/modified-with-copy


Plain Text
 




xxxxxxxxxx
1


 
1
6394d8a8b60106125a062504d3764fcd0034b06947cfe303f9be0e87b82fee88



Point your browser to http://localhost:3000 and you should see something similar to the screenshot below:


In this tutorial, you learned how to:

  • Use Buildah to build an image from an existing image
  • Build an image from Scratch
  • Build an image from a Dockerfile
  • Use Buildah to modify an existing container
  • Run your Buildah images with Podman and Docker
  • Push images to a public repository

We hope this blog post has been helpful and that now you know how to build container images with Buildah.

Thanks for reading!

Topics:
buildah, ci/cd, cloud native, devops, docker, kubernetes, serverless

Published at DZone with permission of Sudip Sengupta . See the original article here.

Opinions expressed by DZone contributors are their own.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}