Due to the Docker replacement and following the Unix/Linux philosophy (avoid having one binary/command to do everything), new tools have been created:
- buildah: A tool and library for building Open Container Initiative (OCI) container images.
- podman: A daemon-less CLI/API for running, managing, and debugging OCI containers and pods.
- scopeo: A command line utility that performs various operations on container images and image repositories.
A daemon-less tool for building and modifying OCI/Docker images that:
- Preserves existing Dockerfile workflow
- Allows fine-grained control over image layers, the content, and commits
- Lets you minimize container images by using tools from the container host rather than adding them in the image
- Shares the underlying image and storage components with Podman and CRI-O
- It is a tool and library for building Open Container Initiative (OCI) container images.
- It creates a rootfs directory on disk and allow other tools to populate the directory, then creates the container configuration JSON file.
- It allows you to push images to a container registry where it could be used by any container engine, like Docker, Podman, CRI-O, or another Buildah.
- It supports Dockerfiles.
- It allows developers to build images without root.
- Build a container from a Dockerﬁle: use a Dockerﬁle to build a new container image (buildah bud).
- Build a container from another image or scratch: build a new container, starting with an existing base image (buildah from <imagename>) or from scratch (buildah from scratch).
- Inspecting a container or image: view metadata associated with the container or image (buildah inspect).
- Mount a container: mount a container’s root ﬁlesystem to add or change content (buildah mount).
- Create a new container layer: use the updated contents of a container’s root ﬁlesystem as a ﬁlesystem layer to commit content to a new image (buildah commit).
- Unmount a container: unmount a mounted container (buildah umount).
- Delete a container or an image: remove a container (buildah rm) or a container image (buildah rmi).
A daemon-less CLI/API for running, managing, and debugging OCI containers and pods.
- Fast and lightweight
- More secure: no daemon
- Uses runC
- Provides a ‘docker-style’ syntax for working with containers
- Standard CNI networking
- Remote management API via Varlink
- Provides Systemd integration and advanced namespace isolation
- Compatible with Docker images
- More than just Docker, it can also manage pods
- Podman syntax is identical to Docker’s in most cases
- Tip: alias docker=’podman’
A comprehensive tool and library to inspect, sign, and transfer images.
- Inspect image manifests
- Sign and verify image manifests
- Push/pull images
- Currently the only tool capable of copying images between registries
- Disconnected environments
- Same code base as the/containers/image library which is used by buildah, podman, and CRI-O
- It is a command line utility that performs various operations on container images and image repositories.
- It allows to copy an image from and to various storage mechanisms. For example you can copy images from one registry to another, without requiring privilege.
- It can inspect a remote image showing its properties including its layers, without requiring you to pull the image to the host.
- It can delete an image from an image repository.
- When required by the repository, skopeo can pass the appropriate credentials and certificates for authentication.
- It can sign and verify image manifests.
Source: Crunchtools website.