Buildah and Skopeo – Podman’s friends with benefits 2 – Lions, Tigers, and Containers – Oh My! Podman and Friends
Note
At the time of writing, there appears to be a bug in Buildah that populates the cmd value unless we explicitly give it an empty value first. This can lead to unexpected behavior of the resulting image. According to the documentation for Buildah, setting entrypoint without defining a value for cmd should clear out any assigned value for cmd, but that was not the case in my testing of Buildah version 1.29.1. To circumvent this, I found it best to explicitly set cmd to an empty value before defining the entry point for the image.
In order to create a new image from this working container, all we need to do is run the buildah commit command. In this example, we’re going to name it ol-repo-sync-buildah so we can compare it with the image built from the aforementioned Containerfile:
buildah commit –rm oraclelinux-working-container ol-repo-sync-buildah
Now that we’ve created the image using Buildah, we can run podman inspect against both ol-repo-sync and ol-repo-sync-buildah and we’ll see that the two are more or less identical. Also, take note of the size of the two images. We can check that by using the buildah images command:
$ buildah images
The output will look something like this:
Figure 11.10 – Listing of Buildah images
This time around, we can see that the size is a bit smaller because we leveraged the DNF package manager from the host system to install packages in the container via the buildah mount command. This is obviously not a huge difference in size, but it begins to show the benefits that Buildah brings to the table with containers.
As you can see, Buildah grants us fine-tuned control of our container images and it can be a very powerful ally because it allows us to temporarily mount files and packages from the host system in the container to perform actions without ever actually installing said files and packages in the container. Ultimately, you’re able to achieve a leaner container image. Furthermore, Buildah provides the ability to script out your container image builds as it’s all done from the command line. This can prove to be very powerful when combined with things such as automation and/or CI/CD pipelines. It may take some time to get the hang of building your container images with Buildah, but the results can be rewarding if you stick with it.
