Creating a RHEL 10 VM on macOS with bootc-image-builder

Thu, 09 Apr 2026 00:00:00 +0000

Yes, we have Apple machines in our lab because why not. So we needed a RHEL 10 VM to set up Ansible Automation Platform, which seems to support AARCH64 and Red Hat Enterprise Linux 10.

We need UTM installed on our Mac machine, either manually, via Homebrew or using a Nix flake (in order of increasing coolness).

Podman is also required, same rules as above apply:

We followed the RHEL documentation for creating a bootable qcow image from a bootc container image.

According to the upstream image builder docs, we need to make sure that our podman machine runs rootful. Otherwise image builder will not work. So let’s do this:

$ podman machine stop
$ podman machine set --rootful
$ podman machine start
$ podman machine info

Next we need to pull the bootc-image-builder image:

$ podman login registry.redhat.io (1)
$ podman pull registry.redhat.io/rhel10/bootc-image-builder

1	This requires a valid Red Hat account. Registration is free of charge.

Then we can pull the RHEL 10 bootc container, as bootc-image-builder is not able to pull container images:

podman pull registry.redhat.io/rhel10/rhel-bootc:latest

Image builder provides the option to configure the resulting image via kickstart. A builder for kickstart files is available here:

https://access.redhat.com/labs/kickstartconfig/

For a complete list of options see the kickstart documentation.

One important note from the documentation (quoted):

The following combined customizations are not supported: [customizations.user] and [customizations.installer.kickstart]. When you add a Kickstart, use a configuration file in the TOML format, because multi-line strings are prone to error.

For running the image builder we created a toml config file to configure the final qcow image:

[[customizations.user]]
name = "pinhead"
password = "thepassword"
key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIYhjnWzsArZVyyTa1E6sDbH06rUGDAhAF3bf3pmeBtm toni@stderr.at"
groups = ["wheel"]
[[customizations.filesystem]]
mountpoint = "/"
minsize = "50 GiB"

Now we are ready to trigger bootc-image-builder:

podman run \
--rm \
--privileged \
--pull=newer \
--security-opt label=type:unconfined_t \
-v /var/lib/containers/storage:/var/lib/containers/storage \ (1)
-v ./config.toml:/config.toml:ro \
-v ./output:/output \
registry.redhat.io/rhel10/bootc-image-builder:latest \
--type qcow2 \
--config /config.toml \
registry.redhat.io/rhel10/rhel-bootc:latest

1	We had to map this directory into the container, maybe this is required because we run podman in a VM on macOS (podman machine).

You can find the resulting qcow image in the output directory under output/qcow2/disk.qcow2. This image can be used to create a RHEL 10 VM in UTM on macOS.

It is also possible to customize the container image which is used as an input for bootc-image-builder. But this requires a valid RHEL subscription inside the container. The easiest way to achieve this is by running bootc-image-builder on an already registered RHEL machine.

A Makefile to streamline image creation can be found here.

Containers on TechBlog about OpenShift/Ansible/Satellite and much more

Creating a RHEL 10 VM on macOS with bootc-image-builder