# Buildah Essential Commands Guide Buildah is a command-line tool for building OCI-compatible container images. Unlike other container build tools, Buildah doesn't require a daemon to be running and allows for granular control over the container building process. ## Creating Containers = BUILD STEP ### buildah from Creates a new working container, either from scratch or using a specified image. ```bash # Create a container from an image buildah from [options] # Create a container from scratch buildah from scratch # Examples buildah from fedora:latest buildah from docker://ubuntu:22.04 buildah from --name my-container alpine:latest ``` Important options: - `--name `: Set a name for the container - `--pull`: Pull image policy (missing, always, never, newer) - `--authfile `: Path to authentication file - `--creds `: Registry credentials ## Working with Containers ### buildah run Runs a command inside of the container. ```bash # Basic syntax buildah run [options] # Examples buildah run my-container yum install -y httpd buildah run my-container -- sh -c "echo 'Hello World' > /etc/motd" buildah run --hostname myhost my-container ps -auxw ``` Important options: - `--tty`, `-t`: Allocate a pseudo-TTY - `--env`, `-e `: Set environment variables - `--volume`, `-v `: Mount a volume - `--workingdir `: Set the working directory ### buildah copy Copy files from the host into the container. ```bash # Basic syntax buildah copy [options] # Examples buildah copy my-container ./app /app buildah copy my-container config.json /etc/myapp/ ``` ### buildah add Add content from a file, URL, or directory to the container. ```bash # Basic syntax buildah add [options] # Examples buildah add my-container https://example.com/archive.tar.gz /tmp/ buildah add my-container ./local/dir /app/ ``` ## Configuring Containers ### buildah config Updates container configuration settings. ```bash # Basic syntax buildah config [options] # Examples buildah config --author="John Doe" my-container buildah config --port 8080 my-container buildah config --env PATH=$PATH my-container buildah config --label version=1.0 my-container buildah config --entrypoint "/entrypoint.sh" my-container ``` Important options: - `--author `: Set the author - `--cmd `: Set the default command - `--entrypoint `: Set the entry point - `--env`, `-e `: Set environment variables - `--label`, `-l `: Add image labels - `--port`, `-p `: Expose ports - `--user`, `-u `: Set the default user - `--workingdir `: Set the working directory - `--volume`, `-v `: Add a volume ## Building Images ### buildah commit Create an image from a working container. ```bash # Basic syntax buildah commit [options] [] # Examples buildah commit my-container new-image:latest buildah commit --format docker my-container docker.io/username/image:tag buildah commit --rm my-container localhost/myimage:v1.0 ``` Important options: - `--format`, `-f`: Output format (oci or docker) - `--rm`: Remove the container after committing - `--quiet`, `-q`: Suppress output - `--squash`: Squash all layers into a single layer ### buildah build Build an image using instructions from Containerfiles or Dockerfiles. ```bash # Basic syntax buildah build [options] # Examples buildah build . buildah build -t myimage:latest . buildah build -f Containerfile.custom . buildah build --layers --format docker -t username/myapp:1.0 . ``` Important options: - `--file`, `-f `: Path to Containerfile/Dockerfile - `--tag`, `-t `: Tag to apply to the built image - `--layers`: Cache intermediate layers during build - `--pull`: Force pull of newer base images - `--no-cache`: Do not use cache during build - `--build-arg `: Set build-time variables - `--format`: Output format (oci or docker) ## Managing Images ### buildah images List images in local storage. ```bash buildah images [options] ``` ### buildah rmi Remove one or more images. ```bash buildah rmi [options] ``` ### buildah push Push an image to a registry. ```bash # Basic syntax buildah push [options] [destination] # Examples buildah push myimage:latest docker://registry.example.com/myimage:latest buildah push --tls-verify=false localhost/myimage docker://localhost:5000/myimage ``` Important options: - `--authfile `: Path to authentication file - `--creds `: Registry credentials - `--tls-verify `: Require HTTPS and verify certificates ### buildah tag Add an additional name to a local image. ```bash # Basic syntax buildah tag # Example buildah tag localhost/myimage:latest myimage:v1.0 ``` ### buildah pull Pull an image from a registry. ```bash # Basic syntax buildah pull [options] # Examples buildah pull docker.io/library/ubuntu:latest buildah pull --tls-verify=false registry.example.com/myimage:latest ``` Important options: - `--authfile `: Path to authentication file - `--creds `: Registry credentials - `--tls-verify `: Require HTTPS and verify certificates ## Typical Workflow Example ```bash # Create a container from an existing image container=$(buildah from fedora:latest) # Run a command to install software buildah run $container dnf install -y nginx # Copy local configuration files to the container buildah copy $container ./nginx.conf /etc/nginx/nginx.conf # Configure container metadata buildah config --port 80 $container buildah config --label maintainer="example@example.com" $container buildah config --entrypoint "/usr/sbin/nginx" $container # Commit the container to create a new image buildah commit --rm $container my-nginx:latest # Or build using a Containerfile buildah build -t my-nginx:latest . # Push the image to a registry buildah push my-nginx:latest docker://docker.io/username/my-nginx:latest ```