Buildah is a container image builder tool, that produces OCI-compliant images. It is distributed as a single binary and is written in Go. Buildah is available as a package in most of modern Linux distributions, just follow official installation instructions.
Buildah can only be used to manipulate images. It's job is to build container images and push them to registries. There is no daemon involved. Neither does Buildah require root privileges to build images. This makes Buildah especially handy as part of a CI/CD pipeline -- you can easily run Buildah inside a container without granting this container any root rights.
To run Buildah on Red Hat Enterprise Linux or CentOS, version 7.4 or higher is required. On other Linux distributions Buildah requires a kernel version that supports the OverlayFS and/or fuse-overlayfs filesystem -- you'll need to consult your distribution's documentation to determine a minimum version number.
Buildah uses runc to run commands when buildah run is used, or when buildah build
encounters a RUN instruction, so you'll also need to build and install a compatible version of
runc for Buildah to call for those cases. If Buildah is installed
via a package manager such as yum, dnf or apt-get, runc will be installed as part of that process.
When Buildah uses runc to run commands, it defaults to running those commands
in the host's network namespace. If the command is being run in a separate
user namespace, though, for example when ID mapping is used, then the command
will also be run in a separate network namespace.
A newly-created network namespace starts with no network interfaces, so commands which are run in that namespace are effectively disconnected from the network unless additional setup is done. Buildah relies on the CNI library and plugins to set up interfaces and routing for network namespaces.
Notes: If Buildah is installed via a package manager such as yum, dnf or apt-get, a
package containing CNI plugins may be available (in Fedora, the package is
named containernetworking-cni). If not, they will need to be installed,
for example using:
git clone https://github.com/containernetworking/plugins
( cd ./plugins; ./build_linux.sh )
sudo mkdir -p /opt/cni/bin
sudo install -v ./plugins/bin/* /opt/cni/bin
The CNI library needs to be configured so that it will know which plugins to
call to set up namespaces. Usually, this configuration takes the form of one
or more configuration files in the /etc/cni/net.d directory. A set of example
configuration files is included in the
docs/cni-examples
directory of this source tree.
# ubuntu
sudo apt-get update -y && \
apt-get install -y buildah runc
# archlinux
sudo pacman -Syu buildah runcsudo buildah bud -t <IMAGE_TAG> -f <DOCKERFILE PATH> .sudo buildah tag <ORIGINAL IMAGE> <NEW IMAGE>buildah login -u <USERNAME> <REMOTE REGISTRY>sudo buildah push <IMAGE_NAME>:<IMAGE_TAG> docker://<REMOTE REGISTRY>/<USERNAME>/<IMAGE NAME>:<IMAGE TAG>optional: pass credentials without login
sudo buildah push --creds=<USERNAME>:<PASSWORD> <IMAGE_NAME>:<IMAGE_TAG> docker://<REMOTE REGISTRY>/<USERNAME>/<IMAGE NAME>:<IMAGE TAG>