Sunday, May 10, 2020

Containers without daemons: Podman and Buildah available in RHEL 7.6 and RHEL 8

When to use Buildah and when to use Podman

Buildah and Podman are two complementary open-source projects that  reside on GitHub: Buildah (containers/buildah) and Podman (containers/libpod). Both Buildah and Podman are command line tools that work on OCI images and containers. The two projects are related, but differ in their specialization.
Buildah specializes in building OCI images. Buildah’s commands replicate all of the commands that are found in a Dockerfile. Buildah’s goal is also to provide a lower level coreutils interface to build container images, allowing people to build containers without requiring a Dockerfile. Buildah’s other goal is to allow you to use other scripting languages to build container images without requiring a daemon.
Podman specializes in all of the commands and functions that help you to maintain and modify those OCI container images, such as pulling and tagging. It also allows you to create, run, and maintain those containers. If you can do a command in the Docker CLI, you can do the same command in the Podman CLI. In fact you can just alias podman for docker on your machine and you can then build, create and maintain container images and containers without a daemon being present, just as you always have.
Although Podman uses Buildah’s build functionality under the covers to create a container image, the two projects have differences. The major difference between Podman and Buildah is their concept of a container. Podman allows users to create traditional containers and the intent of these containers is to be controlled through the entirety of a container life cycle (pause, checkpoint/restore, etc). While Buildah containers are really created just to allow content to be added to the container image. Each project has a separate internal representation of a container that is not shared. Because of this you cannot see Podman containers from within Buildah or vice versa. However the internal representation of a container image is the same between Buildah and Podman. Given this, any container image that has been created, pulled or modified by one can be seen and used by the other.
Some of the commands between the two projects overlap significantly but in some cases have slightly different behaviors. The following table illustrates the commands with some overlap between the projects.


Additional Resources

No comments:

Post a Comment