Building Images in Docker Executor without Remote Docker

Due to recent advances in container tooling, there are several alternative methods for building images outside of docker build. In this article, we’ll discuss making use of podman to build an image and then push that image to DockerHub without the use of Remote Docker.

Requirements

  1. You will want to run this on a Docker Executor
  2. In our example, we’ll be running inside a container from the CircleCI convenience image cimg/base:stable. If you are making use of a different image, you may need to adjust how dependencies are installed.

Install podman

As the cimg/base:stable image is currently on Ubuntu 18.04, we’ll need to add an additional repository to install podman:

echo 'deb https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/xUbuntu_18.04/ /' | sudo tee -a /etc/apt/sources.list.d/podman.list
curl -L https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/xUbuntu_18.04/Release.key | sudo apt-key add -
sudo apt-get update && sudo apt-get install -y podman

Apply settings

We’ll need to specify the “vfs” storage driver as opposed to the default “overlay” driver, as well as change the “events_logger” to either “file” or “none”.

cat << EOF | sudo tee /etc/containers/registries.conf.d/docker.conf
  unqualified-search-registries = ["docker.io"]
EOF

cat << EOF | sudo tee /etc/containers/containers.conf
  [engine]
  cgroup_manager = "cgroupfs"
  storage_driver = "vfs"
  events_logger = "file"
EOF

cat << EOF | sudo tee /etc/containers/storage.conf
  [storage]
  driver = "vfs"
EOF

Build Image

From here we can build, login, and push via podman in the same way we would via the docker cli. The difference in this case is that we do not need to make use of Remote Docker and can build our image directly in the Docker Executor container.

sudo podman build . -t example/test-podman-build:latest
echo "$DOCKER_PASSWORD" | sudo podman login -u "$DOCKER_USERNAME" --password-stdin docker.io
sudo podman push example/test-podman-build:latest docker://example/test-podman-build:latest

Full example configuration

version: 2.1

jobs:
  build-and-push:
    docker:
      - image: cimg/base:stable
    steps:
      - checkout

      - run:
          name: Install podman
          command: |
            echo 'deb https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/xUbuntu_18.04/ /' | sudo tee -a /etc/apt/sources.list.d/podman.list
            curl -L https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/xUbuntu_18.04/Release.key | sudo apt-key add -
            sudo apt-get update && sudo apt-get install -y podman
      - run:
          name: Apply settings for podman
          command: |
            cat << EOF | sudo tee /etc/containers/registries.conf.d/docker.conf
              unqualified-search-registries = ["docker.io"]
            EOF

            cat << EOF | sudo tee /etc/containers/containers.conf
              [engine]
              cgroup_manager = "cgroupfs"
              storage_driver = "vfs"
              events_logger = "file"
            EOF

            cat << EOF | sudo tee /etc/containers/storage.conf
              [storage]
              driver = "vfs"
            EOF
      - run:
          name: Build image
          command: |
            sudo podman build . -t example/test-podman-build:latest
      - run:
          name: Push image to Docker Hub
          command: |
            echo "$DOCKER_PASSWORD" | sudo podman login -u "$DOCKER_USERNAME" --password-stdin docker.io
            sudo podman push example/test-podman-build:latest docker://example/test-podman-build:latest

workflows:
  build-and-push:
    jobs:
      - build-and-push

Resources

The official site of podman: podman.io

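A preflight check for the "Apply settings" step in the post above, as an added example that is not part of the original post or of CircleCI's own configuration: it fails the job early if the storage driver, cgroup manager, events logger or unqualified search registry differ from what the post writes. The function names and the optional directory argument are assumptions, and the parsing is line-oriented rather than a full TOML parser.

```shell
#!/bin/sh
# Added example, not from the original post: fail the job early when the
# "Apply settings" step did not take effect.
# Assumptions: function names and the optional directory argument are
# hypothetical; parsing is line-oriented (no TOML sections, no inline comments).

# conf_raw FILE KEY: print the last `KEY = value` right-hand side, whitespace removed.
conf_raw() {
    [ -r "$1" ] || return 1
    sed -n "s/^[[:space:]]*$2[[:space:]]*=//p" "$1" | tail -n 1 | tr -d '[:space:]'
}

# expect_conf FILE KEY ALLOWED...: succeed only if the value equals one ALLOWED literal.
expect_conf() {
    file=$1 key=$2
    shift 2
    got=$(conf_raw "$file" "$key") || got='<unreadable>'
    for want in "$@"; do
        [ "$got" = "$want" ] && return 0
    done
    echo "podman preflight: $file: $key is ${got:-<unset>}, expected one of: $*" >&2
    return 1
}

# check_podman_conf [DIR]: verify the settings the post writes under /etc/containers.
check_podman_conf() {
    root=${1:-/etc/containers}
    rc=0
    expect_conf "$root/storage.conf" driver '"vfs"' || rc=1
    expect_conf "$root/containers.conf" storage_driver '"vfs"' || rc=1
    expect_conf "$root/containers.conf" cgroup_manager '"cgroupfs"' || rc=1
    expect_conf "$root/containers.conf" events_logger '"file"' '"none"' || rc=1
    # Short image names must resolve against docker.io only.
    expect_conf "$root/registries.conf.d/docker.conf" \
        unqualified-search-registries '["docker.io"]' || rc=1
    return "$rc"
}

# Usage in a job step, after "Apply settings for podman":
#   check_podman_conf || exit 1
```

Every mismatch is reported on stderr before the function returns, so one run shows all settings that need fixing.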

I would rather just use kaniko

Hi!

I am trying to use your config but I keep getting the error:

Error pulling candidate docker.io/library/ubuntu:18.04: copying system image from manifest list: writing blob: adding layer with blob “sha256:7c457f213c7634afb95a0fb2410a74b7b5bc0ba527033362c240c7a11bef4331”: ApplyLayer stdout: stderr: remount /, flags: 0x44000: operation not permitted exit status 1

I am using exactly your code with no luck. I managed to try with podman, with buildah, different versions, different configs, and I am always stuck on the same error.

Do you know what the problem could be?