Difference between revisions of "Buildah"
From John Freier
| Line 12: | Line 12: | ||
--security-opt seccomp=unconfined \ | --security-opt seccomp=unconfined \ | ||
--security-opt apparmor=unconfined \ | --security-opt apparmor=unconfined \ | ||
| + | --device /dev/fuse \ | ||
--entrypoint "/bin/bash" \ | --entrypoint "/bin/bash" \ | ||
quay.io/buildah/stable | quay.io/buildah/stable | ||
| Line 18: | Line 19: | ||
--security-opt seccomp=unconfined | --security-opt seccomp=unconfined | ||
--security-opt apparmor=unconfined | --security-opt apparmor=unconfined | ||
| + | --device /dev/fuse | ||
seccomp - Docker restricts using unshare system call inside a containers. | seccomp - Docker restricts using unshare system call inside a containers. | ||
apparmor - This flag is required. | apparmor - This flag is required. | ||
| + | |||
| + | /dev/fuse - This is needed to use the fuse-overlay program inside the container rather then using the host kernel overlay. | ||
Revision as of 08:18, 5 April 2022
This tool is used to build images.
Build an image
buildah bud -t {image}:{tag}
List all images
buildah images
To run buildah using docker
docker run -it \ --security-opt seccomp=unconfined \ --security-opt apparmor=unconfined \ --device /dev/fuse \ --entrypoint "/bin/bash" \ quay.io/buildah/stable
You need to have the following flags
--security-opt seccomp=unconfined --security-opt apparmor=unconfined --device /dev/fuse
seccomp - Docker restricts using unshare system call inside a containers.
apparmor - This flag is required.
/dev/fuse - This is needed to use the fuse-overlay program inside the container rather then using the host kernel overlay.
