Este contenido no está disponible en el idioma seleccionado.
Chapter 6. Custom image builds with Buildah
With OpenShift Container Platform 4.14, a docker socket will not be present on the host nodes. This means the mount docker socket option of a custom build is not guaranteed to provide an accessible docker socket for use within a custom build image.
If you require this capability in order to build and push images, add the Buildah tool your custom build image and use it to build and push the image within your custom build logic. The following is an example of how to run custom builds with Buildah.
Using the custom build strategy requires permissions that normal users do not have by default because it allows the user to execute arbitrary code inside a privileged container running on the cluster. This level of access can be used to compromise the cluster and therefore should be granted only to users who are trusted with administrative privileges on the cluster.
6.1. Prerequisites
- Review how to grant custom build permissions.
6.2. Creating custom build artifacts
You must create the image you want to use as your custom build image.
Procedure
- Starting with an empty directory, create a file named - Dockerfilewith the following content:- Copy to Clipboard Copied! - Toggle word wrap Toggle overflow 
- In the same directory, create a file named - dockerfile.sample. This file is included in the custom build image and defines the image that is produced by the custom build:- FROM registry.access.redhat.com/ubi9/ubi RUN touch /tmp/build - FROM registry.access.redhat.com/ubi9/ubi RUN touch /tmp/build- Copy to Clipboard Copied! - Toggle word wrap Toggle overflow 
- In the same directory, create a file named - build.sh. This file contains the logic that is run when the custom build runs:- Copy to Clipboard Copied! - Toggle word wrap Toggle overflow 
6.3. Build custom builder image
You can use OpenShift Container Platform to build and push custom builder images to use in a custom strategy.
Prerequisites
- Define all the inputs that will go into creating your new custom builder image.
Procedure
- Define a - BuildConfigobject that will build your custom builder image:- oc new-build --binary --strategy=docker --name custom-builder-image - $ oc new-build --binary --strategy=docker --name custom-builder-image- Copy to Clipboard Copied! - Toggle word wrap Toggle overflow 
- From the directory in which you created your custom build image, run the build: - oc start-build custom-builder-image --from-dir . -F - $ oc start-build custom-builder-image --from-dir . -F- Copy to Clipboard Copied! - Toggle word wrap Toggle overflow - After the build completes, your new custom builder image is available in your project in an image stream tag that is named - custom-builder-image:latest.
6.4. Use custom builder image
				You can define a BuildConfig object that uses the custom strategy in conjunction with your custom builder image to execute your custom build logic.
			
Prerequisites
- Define all the required inputs for new custom builder image.
- Build your custom builder image.
Procedure
- Create a file named - buildconfig.yaml. This file defines the- BuildConfigobject that is created in your project and executed:- Copy to Clipboard Copied! - Toggle word wrap Toggle overflow - 1
- Specify your project name.
 
- Create the - BuildConfig:- oc create -f buildconfig.yaml - $ oc create -f buildconfig.yaml- Copy to Clipboard Copied! - Toggle word wrap Toggle overflow 
- Create a file named - imagestream.yaml. This file defines the image stream to which the build will push the image:- kind: ImageStream apiVersion: image.openshift.io/v1 metadata: name: sample-custom spec: {}- kind: ImageStream apiVersion: image.openshift.io/v1 metadata: name: sample-custom spec: {}- Copy to Clipboard Copied! - Toggle word wrap Toggle overflow 
- Create the imagestream: - oc create -f imagestream.yaml - $ oc create -f imagestream.yaml- Copy to Clipboard Copied! - Toggle word wrap Toggle overflow 
- Run your custom build: - oc start-build sample-custom-build -F - $ oc start-build sample-custom-build -F- Copy to Clipboard Copied! - Toggle word wrap Toggle overflow - When the build runs, it launches a pod running the custom builder image that was built earlier. The pod runs the - build.shlogic that is defined as the entrypoint for the custom builder image. The- build.shlogic invokes Buildah to build the- dockerfile.samplethat was embedded in the custom builder image, and then uses Buildah to push the new image to the- sample-custom image stream.