How to build a multi architecture container using rootless nerdctl

nerdctl rootless buildkit

3 min read | by Jordi Prats

One of the great things about nerdctl is that it does not try to include everything you might need. This means that if you try to build a container using nerdctl, you'll find that you still need to install BuildKit (unless you have installed the "nerdctl-full" version).

Moreover, it's something you don't actually need to have installed locally, since nerdctl only needs the address of a running buildkitd:

$ nerdctl build --help | grep buildkit
Build an image from a Dockerfile. Needs buildkitd to be running.
      --buildkit-host string     BuildKit address [$BUILDKIT_HOST] (default "unix:///run/user/1000/buildkit/buildkitd.sock")

To install BuildKit, we just need to go to its GitHub releases page and download the latest one. Once we have it, we can extract it into $HOME/.local for a rootless setup (notice that I have skipped the bin directory: the tarball already includes it).

$ tar xzf buildkit-v0.9.3.linux-amd64.tar.gz -C $HOME/.local
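Because the extraction above writes whatever paths the tarball contains into $HOME/.local, it is worth confirming that the archive really holds only a bin directory before unpacking it. The following is an added example, not part of the original post or of the BuildKit project; the function names check_tarball_layout and install_rootless are hypothetical, and rejecting link entries is a policy assumed for this example.

```shell
#!/bin/sh
# Added example (not from the original post): vet a release tarball's layout
# before unpacking it into a rootless prefix such as $HOME/.local.

# check_tarball_layout TARBALL
# Succeeds only if every member is bin/ or below it, no member path is
# absolute or contains "..", and every member is a regular file or directory.
check_tarball_layout() {
    tarball=$1
    names=$(tar tzf "$tarball") || return 1
    [ -n "$names" ] || { echo "empty archive: $tarball" >&2; return 1; }

    # Path check on member names.
    bad=$(printf '%s\n' "$names" | awk '
        { p = $0; sub(/^\.\//, "", p) }                     # tolerate leading "./"
        p == "" { next }                                    # the "./" entry itself
        p ~ /^\// || p ~ /(^|\/)\.\.(\/|$)/ { print; next } # absolute or ".."
        p !~ /^bin(\/|$)/ { print }                         # outside bin/
    ')
    # Type check: the verbose listing starts with the mode string, whose first
    # character is "-" (file) or "d" (directory). Rejecting links and devices
    # is a conservative policy chosen for this example.
    odd=$(tar tvzf "$tarball" | awk '$1 !~ /^[-d]/ { print }')

    if [ -n "$bad$odd" ]; then
        printf 'refusing %s, unexpected entries:\n%s\n%s\n' \
            "$tarball" "$bad" "$odd" >&2
        return 1
    fi
}

# install_rootless TARBALL [PREFIX]
# Extracts exactly as the post does (tar xzf ... -C PREFIX), but only after
# the layout check passes. PREFIX defaults to $HOME/.local.
install_rootless() {
    prefix=${2:-"$HOME/.local"}
    check_tarball_layout "$1" || return 1
    mkdir -p "$prefix" && tar xzf "$1" -C "$prefix"
}

# Usage: install_rootless buildkit-v0.9.3.linux-amd64.tar.gz
```

This checks the archive's structure only; it says nothing about whether the binaries inside are the ones the project published.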

Once we have BuildKit in place, we just need to run containerd-rootless-setuptool.sh install-buildkit to properly set up the rootless buildkitd:

$ containerd-rootless-setuptool.sh install-buildkit
[INFO] Creating "/home/jprats/.config/systemd/user/buildkit.service"
[INFO] Starting systemd unit "buildkit.service"
+ systemctl --user start buildkit.service
+ sleep 3
+ systemctl --user --no-pager --full status buildkit.service
● buildkit.service - BuildKit (Rootless)
     Loaded: loaded (/home/jprats/.config/systemd/user/buildkit.service; disabled; vendor preset: enabled)
     Active: active (running) since Tue 2022-02-08 22:53:21 CET; 3s ago
   Main PID: 226269 (buildkitd)
     CGroup: /user.slice/user-1000.slice/user@1000.service/buildkit.service
             └─226269 buildkitd

feb 08 22:53:21 croscat.pet2cattle.com systemd[2314]: Started BuildKit (Rootless).
feb 08 22:53:21 croscat.pet2cattle.com containerd-rootless-setuptool.sh[226269]: time="2022-02-08T22:53:21+01:00" level=info msg="auto snapshotter: using overlayfs"
feb 08 22:53:21 croscat.pet2cattle.com containerd-rootless-setuptool.sh[226269]: time="2022-02-08T22:53:21+01:00" level=info msg="found worker \"5obttyihmgwff32lu0mafhkwp\", labels=map[org.mobyproject.buildkit.worker.executor:oci org.mobyproject.buildkit.worker.hostname:croscat.pet2cattle.com org.mobyproject.buildkit.worker.snapshotter:overlayfs], platforms=[linux/amd64 linux/386]"
feb 08 22:53:21 croscat.pet2cattle.com containerd-rootless-setuptool.sh[226269]: time="2022-02-08T22:53:21+01:00" level=warning msg="rootless mode is not supported for containerd workers. disabling containerd worker."
feb 08 22:53:21 croscat.pet2cattle.com containerd-rootless-setuptool.sh[226269]: time="2022-02-08T22:53:21+01:00" level=info msg="found 1 workers, default=\"5obttyihmgwff32lu0mafhkwp\""
feb 08 22:53:21 croscat.pet2cattle.com containerd-rootless-setuptool.sh[226269]: time="2022-02-08T22:53:21+01:00" level=warning msg="currently, only the default worker can be used."
feb 08 22:53:21 croscat.pet2cattle.com containerd-rootless-setuptool.sh[226269]: time="2022-02-08T22:53:21+01:00" level=info msg="running server on /run/user/1000/buildkit/buildkitd.sock"
+ systemctl --user enable buildkit.service
Created symlink /home/jprats/.config/systemd/user/default.target.wants/buildkit.service → /home/jprats/.config/systemd/user/buildkit.service.
[INFO] Installed "buildkit.service" successfully.
[INFO] To control "buildkit.service", run: `systemctl --user (start|stop|restart) buildkit.service`

And that's it! To build a multi-architecture container using nerdctl, we just need to specify the platforms we want with the --platform flag as follows:

$ nerdctl build --platform linux/arm/v7,linux/arm64,linux/amd64 -t multiarchdemo .

We can also build a multi-architecture container using Docker's buildx, but we must admit nerdctl has an edge here: it's much easier to set up.


Posted on 09/02/2022