How to use Buildah to build your own container on Linux

Containers run in the cloud because container technology allows websites and Web applications to produce new copies as demand increases. They are the reason why hundreds of millions of people can use popular websites without causing them to collapse under the pressure of global traffic.

Containers are a Linux technology, which means that they rely on code unique to the Linux kernel (especially cgroups and namespaces), so when you run a container, you are running Linux. Using the containers available from quay.io, dockerhub.io, and other sites, most people build new containers specific to their applications or use cases.

But this makes some people wonder: if my container comes from one developer who built on another developer's container, where did it all start?

Where did the container come from?

You can build containers from scratch, and there is a great open source tool, Buildah, that can help you do it.

Container specification

Containers come from projects such as Linux Containers (LXC) and Docker. The Open Container Initiative (OCI) maintains the formal specification of containers. Correctly assembled containers that meet the OCI definition can run on any OCI-compliant container engine, such as Podman, Docker, CRI-O, etc.

Install Buildah

On Fedora and CentOS, you may already have Buildah installed. If not, you can install it using your package manager:

$ sudo dnf install buildah

On Debian and Debian-based systems:

$ sudo apt install buildah

Configure Buildah

Because Buildah creates containers, configuring the environment for it is the same as configuring Podman. Whether you use Podman or not, configure your system for "rootless" Podman before continuing.

Building containers from scratch

To build a new container that is not based on anyone's previous work, you use the special name scratch to tell Buildah that you want to create an empty container. The scratch name is not an image name. It is an exemption from using an existing image as the basis for your work.

$ buildah from scratch

This new container, named working-container by default, contains a small amount of metadata and almost nothing else. It is now running quietly in the background. You can view it using the containers subcommand:

$ buildah containers
CONTAINER ID  BUILDER  IMAGE ID  IMAGE NAME   CONTAINER NAME
dafc77921c0c     *               scratch      working-container

To run the container, you must first use the unshare subcommand (unless you run Buildah as root):

$ buildah unshare

Verify that your working container does not have any functionality (in this case, the expected response is a failure):

$ buildah run working-container sh
ERRO[0000] container_linux.go:349: starting container process caused "exec: \"sh\": executable file not found in $PATH"

Add to your container

To add commands to your container, you must mount it first. By default, container images are stored in your ~/.local directory:

$ buildah mount working-container
~/.local/share/containers/storage/overlay/b76940e6fe4efad7a0adca3b5399ee12055ddd733bbe273120dcae36a2e6c12f/merged

With the container mounted in your ~/.local directory (or /var/lib/containers when running as root), you can add packages using your package manager. The installer must match the distribution you are running when building the container.

[Fedora]$ sudo dnf install --installroot \
~/.local/share/containers/storage/overlay/b76940e6fe4efad7a0adca3b5399ee12055ddd733bbe273120dcae36a2e6c12f/merged \
--releasever 33 \
bash coreutils \
--setopt install_weak_deps=false -y

The exact way to add a package depends on your distribution and the package manager it uses. For example, on my Slackware desktop, I use installpkg:

[Slack]$ installpkg --root ~/.local/share/containers/storage/overlay/b76940e6fe4efad7a0adca3b5399ee12055ddd733bbe273120dcae36a2e6c12f/merged \
/tmp/bash-5.0.17-x86_64-1_SMi.txz

Now you can run the container and try some simple things, such as starting a shell:

$ buildah run working-container bash
# bash --version
GNU bash, version 5.0.17(1)-release (x86_64-redhat-linux-gnu)
Copyright (C) 2019 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>

This is free software; you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Configure your container

The buildah config subcommand gives you access to common properties, such as the default command you want the container to run at startup, environment variables, the default shell, the author, architecture, host name, and so on. For example, suppose you add a package called MOTD.Com that contains a shell script named motd.sh, and you want it to run when the container starts:

$ buildah config --author "Seth Kenlon" \
--os "Slackware" --shell /bin/bash \
--cmd /usr/bin/motd.sh working-container

Distribute your containers

After building the container, you can use the commit subcommand to save it as an image.

$ buildah commit working-container my_image
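
The steps above as one script, added here as an example (not code from the original article): it takes the container name and mount path from Buildah's output instead of pasting the overlay hash, and refuses to run the package manager unless that path lies under one of the two storage directories named earlier. The function names valid_rootfs and build_image and the file name build.sh are made up for this example, and it assumes a Fedora host with dnf.

```shell
#!/bin/sh
# Added example, not the article's code. Rootless: buildah unshare sh build.sh build
# Assumes it runs as root or inside `buildah unshare` (UID 0 in the namespace),
# so dnf is called without sudo. my_image and release 33 are the article's values.
set -u

# Succeed only if directory $1 resolves to a path strictly below directory $2.
# This keeps an empty or unexpected path away from --installroot, where it
# would aim the package manager at something other than the container.
valid_rootfs() {
    cand=$1 root=$2
    [ -n "$cand" ] && [ -n "$root" ] || return 1
    [ -d "$cand" ] && [ -d "$root" ] || return 1
    real_cand=$(cd "$cand" && pwd -P) || return 1
    real_root=$(cd "$root" && pwd -P) || return 1
    [ "$real_root" != "/" ] || return 1
    case "$real_cand" in
        "$real_root"/*) return 0 ;;
        *) return 1 ;;
    esac
}

build_image() {
    ctr=$(buildah from scratch) || return 1   # prints the new container's name
    mnt=$(buildah mount "$ctr") || return 1   # prints the mounted root filesystem
    ok=no
    # The two storage locations the article names (rootless, then root).
    for store in "$HOME/.local/share/containers/storage" /var/lib/containers/storage; do
        if valid_rootfs "$mnt" "$store"; then ok=yes; fi
    done
    if [ "$ok" != yes ]; then
        echo "refusing to install into '$mnt'" >&2
        buildah rm "$ctr" >/dev/null
        return 1
    fi
    dnf install --installroot "$mnt" --releasever 33 \
        --setopt install_weak_deps=false -y bash coreutils || return 1
    buildah umount "$ctr" >/dev/null
    buildah config --shell /bin/bash --cmd /bin/bash "$ctr" || return 1
    buildah commit "$ctr" my_image
}

# Nothing touches buildah unless the script is called with the argument "build".
if [ "${1:-}" = "build" ]; then
    build_image
fi
```

The path check resolves symlinks and ".." components before comparing, so a mount path that only appears to sit under the storage directory is rejected as well.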

Build it with Buildah

Containers sometimes look magical, but they are not. They are built from scratch and flexible enough that once the image exists, others can use it to build new containers and container images to fill different niches. There's no need to start from scratch, but if you're curious about how images start, or if you want to try to create an image specific to your requirements, Buildah is a tool you can use.

Keywords: Linux Docker Container

Added by mgrphp on Mon, 07 Feb 2022 20:50:22 +0200