Howto podman: Difference between revisions
Mandulete1 (talk | contribs) |
|||
(115 intermediate revisions by 2 users not shown) | |||
Line 1: | Line 1: | ||
= install podman archlinux = | = install podman archlinux = | ||
install podman packages: | install podman packages: | ||
pacman -Syu podman podman-compose | pacman -Syu podman podman-compose aardvark-dns | ||
= install podman centos/almalinux/rocky = | = install podman centos/almalinux/rocky = | ||
install podman packages: | install podman packages: | ||
Line 9: | Line 10: | ||
chmod +x /usr/local/bin/podman-compose | chmod +x /usr/local/bin/podman-compose | ||
= install podman debian | = install podman debian = | ||
install podman packages: | install podman packages: | ||
apt-get -y install podman | apt-get -y install podman | ||
install podman-compose: | |||
curl -o /usr/local/bin/podman-compose https://raw.githubusercontent.com/containers/podman-compose/devel/podman_compose.py | |||
chmod +x /usr/local/bin/podman-compose | |||
= install podman ubuntu = | |||
create the following directory: | |||
sudo mkdir -p /etc/apt/keyrings | |||
add kubic repo gpg key: | |||
curl -fsSL https://download.opensuse.org/repositories/devel:kubic:libcontainers:stable/xUbuntu_$(lsb_release -rs)/Release.key \ | |||
| gpg --dearmor \ | |||
| sudo tee /etc/apt/keyrings/devel_kubic_libcontainers_stable.gpg > /dev/null | |||
add kubic repo: | |||
echo \ | |||
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/devel_kubic_libcontainers_stable.gpg]\ | |||
https://download.opensuse.org/repositories/devel:kubic:libcontainers:stable/xUbuntu_$(lsb_release -rs)/ /" \ | |||
| sudo tee /etc/apt/sources.list.d/devel:kubic:libcontainers:stable.list > /dev/null | |||
install podman packages: | |||
sudo apt-get update | |||
sudo apt-get -y install podman | |||
install podman-compose: | install podman-compose: | ||
curl -o /usr/local/bin/podman-compose https://raw.githubusercontent.com/containers/podman-compose/devel/podman_compose.py | curl -o /usr/local/bin/podman-compose https://raw.githubusercontent.com/containers/podman-compose/devel/podman_compose.py | ||
chmod +x /usr/local/bin/podman-compose | chmod +x /usr/local/bin/podman-compose | ||
= configure podman registries = | |||
add the following registries to /etc/containers/registries.conf | |||
cat >> /etc/containers/registries.conf << "EOF" | |||
[registries.search] | |||
registries = ['docker.io', 'registry.fedoraproject.org', 'quay.io', 'registry.access.redhat.com', 'registry.centos.org'] | |||
EOF | |||
= commands = | = commands = | ||
list containers that are running or have exited: | list containers that are running or have exited: | ||
podman ps -a | podman ps -a | ||
pull a remote container image from docker.io: | pull a remote container image from docker.io: | ||
podman pull docker.io/library/almalinux:9 | podman pull docker.io/library/almalinux:9 | ||
list all local images: | list all local images: | ||
podman images | podman images | ||
remove a local container image by its image: | |||
podman rmi docker.io/library/almalinux:9 | |||
podman | |||
search local cache and remote registries for images: | search local cache and remote registries for images: | ||
podman search | podman search almalinux | ||
create (but don’t start) a container from an image: | create (but don’t start) a container from an image: | ||
podman create docker.io/library/almalinux:9 | podman create docker.io/library/almalinux:9 | ||
start an existing container from an image: | start an existing container from an image: | ||
podman start container | podman start container | ||
create a new image based on the current state of a running container: | |||
podman commit container mynewimage:tag | |||
restart an existing container: | restart an existing container: | ||
podman restart container | podman restart container | ||
Line 50: | Line 66: | ||
podman kill container | podman kill container | ||
Remove a container (use -f if the container is running) | Remove a container (use -f if the container is running) | ||
podman rm | podman rm -f container | ||
display a live stream of a | display a live stream of a container resource usage: | ||
podman stats container | podman stats container | ||
return metadata about a running container: | return metadata about a running container: | ||
Line 60: | Line 76: | ||
podman top container | podman top container | ||
display the logs of a container: | display the logs of a container: | ||
podman logs | podman logs -tail container | ||
pause all the processes in a container | pause all the processes in a container | ||
podman pause container | podman pause container | ||
Line 71: | Line 87: | ||
enter container environment: | enter container environment: | ||
podman exec -it container /bin/sh | podman exec -it container /bin/sh | ||
create container image from file: | |||
podman build -f Containerfile | |||
= private | = create container image = | ||
create podman-samba directory and the following files: | |||
mkdir ~/podman-samba | |||
cd ~/podman-samba | |||
runconfig.sh: | |||
cat > runconfig.sh << 'EOF' | |||
#!/bin/bash | |||
VRFY_USER=$(grep -c "$SMB_USER" /etc/passwd) | |||
VRFY_GROUP=$(grep -c "$SMB_GROUP" /etc/group) | |||
# add username for samba | |||
if [ $VRFY_USER -ne 0 ]; | |||
then | |||
echo "user $SMB_USER already exist" | |||
else | |||
echo "adding user $SMB_USER" | |||
useradd $SMB_USER -s /bin/nologin | |||
echo -ne "$SMB_PASS\n$SMB_PASS\n" | smbpasswd -a -s $SMB_USER | |||
fi | |||
# add group | |||
if [ $VRFY_GROUP -ne 0 ]; | |||
then | |||
echo "user $SMB_USER already exist" | |||
else | |||
groupadd $SMB_GROUP | |||
gpasswd -a $SMB_USER $SMB_GROUP | |||
fi | |||
# set directory permissions | |||
chown root.$SMB_GROUP -R /share | |||
chmod 2770 /share | |||
unset SMB_USER | |||
unset SMB_PASS | |||
unset SMB_GROUP | |||
# start samba | |||
smbd --foreground --debug-stdout | |||
EOF | |||
smb.conf: | |||
cat > smb.conf << EOF | |||
#### Global Settings #### | |||
[global] | |||
smb passwd file = /etc/samba/smbpasswd | |||
printing = cups | |||
encrypt passwords = yes | |||
wins support = true | |||
max log size = 0 | |||
unix password sync = Yes | |||
workgroup = Samba Server | |||
server string = Samba Server | |||
log file = /var/log/samba/%m.log | |||
netbios name = Samba | |||
load printers = yes | |||
[printers] | |||
comment = All Printers | |||
path = /var/spool/samba | |||
browseable = no | |||
guest ok = no | |||
writable = no | |||
printable = yes | |||
[share] | |||
path = /share | |||
create mode = 770 | |||
writeable = yes | |||
directory mode = 770 | |||
user = @samba | |||
comment = samba | |||
valid users = @samba | |||
write list = @samba | |||
force group = samba | |||
EOF | |||
Containerfile: | |||
cat > Containerfile << EOF | |||
FROM almalinux:8 | |||
MAINTAINER http://www.vidalinux.com | |||
LABEL Vendor="Vidalinux" | |||
LABEL License=GPLv2 | |||
LABEL Version=1.0 | |||
RUN yum -y update && yum clean all && yum -y install samba samba-common samba-client -y && \ | |||
rm -fr /var/cache/* | |||
# Move the Samba Conf file | |||
ADD smb.conf /tmp/ | |||
RUN mv /etc/samba/smb.conf /etc/samba/smb.conf.orig && \ | |||
mv /tmp/smb.conf /etc/samba/ | |||
RUN mkdir /share | |||
ADD runconfig.sh / | |||
RUN chmod +x /runconfig.sh | |||
EXPOSE 138/udp | |||
EXPOSE 445/udp | |||
EXPOSE 139 | |||
EXPOSE 445 | |||
env SMB_USER samba | |||
env SMB_PASS samba | |||
env SMB_GROUP samba | |||
CMD ["/runconfig.sh"] | |||
EOF | |||
podman-compose.yml: | |||
cat > podman-compose.yml << EOF | |||
version: '3' | |||
services: | |||
samba: | |||
restart: always | |||
image: vidalinux/samba:latest | |||
container_name: samba_server | |||
ports: | |||
- "139:139/udp" | |||
- "445:445/udp" | |||
- "139:139" | |||
- "445:445" | |||
environment: | |||
SMB_USER: mytestuser | |||
SMB_PASS: mypassword | |||
SMB_GROUP: samba | |||
TZ: America/Puerto_Rico | |||
volumes: | |||
- /share:/share | |||
EOF | |||
create your image with podman: | |||
podman build -t vidalinux/samba . | |||
= local private registry = | |||
create registry directory: | |||
mkdir ~/podman-registry | |||
cd ~/podman-registry | |||
compose file to create registry: | compose file to create registry: | ||
cat > podman-compose.yml << EOF | |||
version: '3' | version: '3' | ||
Line 80: | Line 239: | ||
restart: always | restart: always | ||
image: registry:2 | image: registry:2 | ||
container_name: registry | |||
ports: | ports: | ||
- "5000:5000" | - "5000:5000" | ||
Line 87: | Line 247: | ||
REGISTRY_AUTH_HTPASSWD_PATH: /auth/htpasswd | REGISTRY_AUTH_HTPASSWD_PATH: /auth/htpasswd | ||
REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY: /data | REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY: /data | ||
TZ: America/Puerto_Rico | |||
volumes: | volumes: | ||
- ~/ | - ~/podman-registry/auth:/auth | ||
- ~/ | - ~/podman-registry/data:/data | ||
EOF | |||
create password file: | create password file: | ||
mkdir ~/ | mkdir ~/podman-registry/auth | ||
podman run --rm --entrypoint htpasswd httpd:2 -Bbn testuser testpassword > ~/ | podman run --rm --entrypoint htpasswd httpd:2 -Bbn testuser testpassword > ~/podman-registry/auth/htpasswd | ||
add another user to registry: | add another user to registry: | ||
podman run --rm --entrypoint htpasswd httpd:2 -Bbn testuser2 testpassword2 >> ~/ | podman run --rm --entrypoint htpasswd httpd:2 -Bbn testuser2 testpassword2 >> ~/podman-registry/auth/htpasswd | ||
run the registry by executing: | run the registry by executing: | ||
podman-compose up -d | podman-compose up -d | ||
log in to a private registry: | log in to a private registry: | ||
podman login --tls-verify=false http://localhost:5000 -u testuser testpassword | podman login --tls-verify=false http://localhost:5000 -u testuser -p testpassword | ||
push image to local registry: | |||
podman tag localhost/vidalinux/samba:latest localhost:5000/vidalinux/samba:latest | |||
podman push localhost:5000/vidalinux/samba:latest --tls-verify=false | |||
as root user edit /etc/containers/registries.conf: | |||
[registries.insecure] | |||
registries = ['localhost'] | |||
change directory to samba container and modify podman-compose: | |||
cd ~/podman-samba | |||
edit samba container podman-compose.yaml file and change the image name: | |||
image: localhost:5000/vidalinux/samba:latest | |||
run your samba container: | |||
cd ~/podman-samba | |||
sudo podman login --tls-verify=false http://localhost:5000 -u testuser -p testpassword | |||
sudo podman-compose up -d | |||
to stop the container using podman compose: | |||
cd ~/podman-samba | |||
sudo podman-compose down | |||
you can run the container manually without podman-compose: | |||
podman run \ | |||
-d --name "samba_server" \ | |||
-v /share:/share \ | |||
-e "SMB_USER=mytestuser" \ | |||
-e "SMB_PASS=mypassword" \ | |||
-e "SMB_GROUP=samba" \ | |||
-e "TZ=America/Puerto_Rico" \ | |||
-p 138:138/udp \ | |||
-p 445:445/udp \ | |||
-p 139:139 \ | |||
-p 445:445 \ | |||
localhost:5000/vidalinux/samba:latest | |||
to test the container we mount the samba share: | |||
mkdir /mnt/samba | |||
mount -t cifs //localhost/share /mnt/samba -o username=mytestuser,password=mypassword | |||
pull image from local registry: | |||
podman pull localhost:5000/vidalinux/samba:latest --tls-verify=false | |||
logout from local registry: | logout from local registry: | ||
podman logout http://localhost:5000 | podman logout http://localhost:5000 | ||
= run container as service = | |||
generate systemd service file of your samba_server: | |||
sudo podman generate systemd --new --name samba_server > /etc/systemd/system/samba_server.service | |||
generate systemd service file of your registry: | |||
podman generate systemd --new --name registry > ~/.config/systemd/user/registry.service | |||
if you start your samba_server with podman-compose you need to stop it: | |||
cd ~/podman-samba | |||
sudo podman-compose down | |||
if you start your registry with podman-compose you need to stop it: | |||
cd ~/podman-registry | |||
podman-compose down | |||
start and enable your samba_server container using systemd: | |||
sudo systemctl enable samba_server | |||
sudo systemctl start samba_server | |||
start and enable your registry container using systemd: | |||
systemctl --user enable registry | |||
systemctl --user start registry | |||
= run pods with podman = | |||
create pod with podman: | |||
podman pod create --name wordpress_cms -p 8080:80 | |||
create the pod for mariadb: | |||
podman run -d --pod wordpress_cms \ | |||
-e MYSQL_DATABASE=wordpressdb \ | |||
-e MYSQL_ROOT_PASSWORD=root \ | |||
-e MYSQL_USER=wordpress \ | |||
-e MYSQL_PASSWORD=wordpress \ | |||
mariadb:10.7.7 | |||
add wordpress container to this pod: | |||
podman run -d --pod wordpress_cms \ | |||
-e WORDPRESS_DB_USER=wordpress \ | |||
-e WORDPRESS_DB_PASSWORD=wordpress \ | |||
-e WORDPRESS_DB_NAME=wordpressdb \ | |||
-e WORDPRESS_DB_HOST=127.0.0.1 \ | |||
wordpress:6.1.1-php8.1-apache | |||
open your browser to access wordpress: | |||
http://localhost:8080 | |||
list pods: | |||
podman pod list | |||
export podman pod to yaml: | |||
podman generate kube wordpress_cms > wordpress_cms.yaml | |||
remove pod: | |||
podman pod rm wordpress_cms | |||
create pod with yaml file: | |||
podman play kube wordpress_cms.yaml | |||
= podman for windows = | |||
if you run windows on kvm virtual machine make sure you change the following settings: | |||
<features> | |||
<acpi/> | |||
<apic/> | |||
<hyperv mode="custom"> | |||
<relaxed state="on"/> | |||
<vapic state="off"/> | |||
<spinlocks state="on" retries="8191"/> | |||
<synic state="off"/> | |||
<stimer state="off"/> | |||
<vendor_id state="on" value="123456789ab"/> | |||
</hyperv> | |||
</features> | |||
<cpu mode="custom" match="exact" check="partial"> | |||
<model fallback="allow">Skylake-Client-noTSX-IBRS</model> | |||
<topology sockets="1" dies="1" cores="4" threads="2"/> | |||
<feature policy="disable" name="hypervisor"/> | |||
<feature policy="require" name="vmx"/> | |||
</cpu> | |||
<clock offset="localtime"> | |||
<timer name="rtc" tickpolicy="catchup"/> | |||
<timer name="pit" tickpolicy="discard"/> | |||
<timer name="hpet" present="no"/> | |||
<timer name="hypervclock" present="no"/> | |||
<timer name="tsc" present="no" mode="native"/> | |||
</clock> | |||
install wsl on windows: | |||
* https://wiki.vidalinux.org/index.php/Howto_wsl_windows | |||
initiate podman on windows: | |||
podman machine init | |||
to start your machine run: | |||
podman machine start | |||
= podman for macosx = | |||
you can log into macosx via ssh do the following: | |||
on your mac, choose apple menu > system Settings, click general in the sidebar, then click sharing on the right. | |||
turn on remote login, then click the info button on the right. | |||
if needed, select the "allow full disk access for remote users" checkbox. | |||
specify which users can log in. | |||
access your mac via ssh: | |||
ssh user@10.44.1.44 | |||
on mac shell use sudo to become root: | |||
sudo su - | |||
install podman on macosx: | |||
open terminal and type the following command: | |||
xcode-select --install | |||
install homebrew: | |||
/bin/bash -c “$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)” | |||
when finished update homebrew to latest: | |||
brew update | |||
if necessary perform the upgrade: | |||
brew upgrade | |||
then install podman: | |||
brew install podman | |||
prepare the podman virtual machine by typing: | |||
podman machine init | |||
then start podman: | |||
podman machine start | |||
= references = | |||
[scoop] | |||
* https://scoop.sh/#/ | |||
[install podman macosx] | |||
* https://phoenixnap.com/kb/podman-macos | |||
[install podman on windows] | |||
* https://github.com/containers/podman/blob/main/docs/tutorials/podman-for-windows.md |
Latest revision as of 23:45, 22 August 2023
install podman archlinux
install podman packages:
pacman -Syu podman podman-compose aardvark-dns
install podman centos/almalinux/rocky
install podman packages:
yum -y install podman
install podman-compose:
curl -o /usr/local/bin/podman-compose https://raw.githubusercontent.com/containers/podman-compose/devel/podman_compose.py chmod +x /usr/local/bin/podman-compose
install podman debian
install podman packages:
apt-get -y install podman
install podman-compose:
curl -o /usr/local/bin/podman-compose https://raw.githubusercontent.com/containers/podman-compose/devel/podman_compose.py chmod +x /usr/local/bin/podman-compose
install podman ubuntu
create the following directory:
sudo mkdir -p /etc/apt/keyrings
add kubic repo gpg key:
curl -fsSL https://download.opensuse.org/repositories/devel:kubic:libcontainers:stable/xUbuntu_$(lsb_release -rs)/Release.key \ | gpg --dearmor \ | sudo tee /etc/apt/keyrings/devel_kubic_libcontainers_stable.gpg > /dev/null
add kubic repo:
echo \ "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/devel_kubic_libcontainers_stable.gpg]\ https://download.opensuse.org/repositories/devel:kubic:libcontainers:stable/xUbuntu_$(lsb_release -rs)/ /" \ | sudo tee /etc/apt/sources.list.d/devel:kubic:libcontainers:stable.list > /dev/null
install podman packages:
sudo apt-get update sudo apt-get -y install podman
install podman-compose:
curl -o /usr/local/bin/podman-compose https://raw.githubusercontent.com/containers/podman-compose/devel/podman_compose.py chmod +x /usr/local/bin/podman-compose
configure podman registries
add the following registries to /etc/containers/registries.conf
cat >> /etc/containers/registries.conf << "EOF" [registries.search] registries = ['docker.io', 'registry.fedoraproject.org', 'quay.io', 'registry.access.redhat.com', 'registry.centos.org'] EOF
commands
list containers that are running or have exited:
podman ps -a
pull a remote container image from docker.io:
podman pull docker.io/library/almalinux:9
list all local images:
podman images
remove a local container image by its image:
podman rmi docker.io/library/almalinux:9
search local cache and remote registries for images:
podman search almalinux
create (but don’t start) a container from an image:
podman create docker.io/library/almalinux:9
start an existing container from an image:
podman start container
create a new image based on the current state of a running container:
podman commit container mynewimage:tag
restart an existing container:
podman restart container
stop a running container gracefully
podman stop container
send a signal to a running container
podman kill container
Remove a container (use -f if the container is running)
podman rm -f container
display a live stream of a container resource usage:
podman stats container
return metadata about a running container:
podman inspect container
execute a command in a running container:
podman exec container command
display the running processes of a container:
podman top container
display the logs of a container:
podman logs -tail container
pause all the processes in a container
podman pause container
unpause all the processes in a container
podman unpause container
list the port mappings from a container to localhost
podman port container
attach to a running container:
podman attach container
enter container environment:
podman exec -it container /bin/sh
create container image from file:
podman build -f Containerfile
create container image
create podman-samba directory and the following files:
mkdir ~/podman-samba cd ~/podman-samba
runconfig.sh:
cat > runconfig.sh << 'EOF' #!/bin/bash VRFY_USER=$(grep -c "$SMB_USER" /etc/passwd) VRFY_GROUP=$(grep -c "$SMB_GROUP" /etc/group) # add username for samba if [ $VRFY_USER -ne 0 ]; then echo "user $SMB_USER already exist" else echo "adding user $SMB_USER" useradd $SMB_USER -s /bin/nologin echo -ne "$SMB_PASS\n$SMB_PASS\n" | smbpasswd -a -s $SMB_USER fi # add group if [ $VRFY_GROUP -ne 0 ]; then echo "user $SMB_USER already exist" else groupadd $SMB_GROUP gpasswd -a $SMB_USER $SMB_GROUP fi # set directory permissions chown root.$SMB_GROUP -R /share chmod 2770 /share unset SMB_USER unset SMB_PASS unset SMB_GROUP # start samba smbd --foreground --debug-stdout EOF
smb.conf:
cat > smb.conf << EOF #### Global Settings #### [global] smb passwd file = /etc/samba/smbpasswd printing = cups encrypt passwords = yes wins support = true max log size = 0 unix password sync = Yes workgroup = Samba Server server string = Samba Server log file = /var/log/samba/%m.log netbios name = Samba load printers = yes [printers] comment = All Printers path = /var/spool/samba browseable = no guest ok = no writable = no printable = yes [share] path = /share create mode = 770 writeable = yes directory mode = 770 user = @samba comment = samba valid users = @samba write list = @samba force group = samba EOF
Containerfile:
cat > Containerfile << EOF FROM almalinux:8 MAINTAINER http://www.vidalinux.com LABEL Vendor="Vidalinux" LABEL License=GPLv2 LABEL Version=1.0 RUN yum -y update && yum clean all && yum -y install samba samba-common samba-client -y && \ rm -fr /var/cache/* # Move the Samba Conf file ADD smb.conf /tmp/ RUN mv /etc/samba/smb.conf /etc/samba/smb.conf.orig && \ mv /tmp/smb.conf /etc/samba/ RUN mkdir /share ADD runconfig.sh / RUN chmod +x /runconfig.sh EXPOSE 138/udp EXPOSE 445/udp EXPOSE 139 EXPOSE 445 env SMB_USER samba env SMB_PASS samba env SMB_GROUP samba CMD ["/runconfig.sh"] EOF
podman-compose.yml:
cat > podman-compose.yml << EOF version: '3' services: samba: restart: always image: vidalinux/samba:latest container_name: samba_server ports: - "139:139/udp" - "445:445/udp" - "139:139" - "445:445" environment: SMB_USER: mytestuser SMB_PASS: mypassword SMB_GROUP: samba TZ: America/Puerto_Rico volumes: - /share:/share EOF
create your image with podman:
podman build -t vidalinux/samba .
local private registry
create registry directory:
mkdir ~/podman-registry cd ~/podman-registry
compose file to create registry:
cat > podman-compose.yml << EOF version: '3' services: registry: restart: always image: registry:2 container_name: registry ports: - "5000:5000" environment: REGISTRY_AUTH: htpasswd REGISTRY_AUTH_HTPASSWD_REALM: Registry REGISTRY_AUTH_HTPASSWD_PATH: /auth/htpasswd REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY: /data TZ: America/Puerto_Rico volumes: - ~/podman-registry/auth:/auth - ~/podman-registry/data:/data EOF
create password file:
mkdir ~/podman-registry/auth podman run --rm --entrypoint htpasswd httpd:2 -Bbn testuser testpassword > ~/podman-registry/auth/htpasswd
add another user to registry:
podman run --rm --entrypoint htpasswd httpd:2 -Bbn testuser2 testpassword2 >> ~/podman-registry/auth/htpasswd
run the registry by executing:
podman-compose up -d
log in to a private registry:
podman login --tls-verify=false http://localhost:5000 -u testuser -p testpassword
push image to local registry:
podman tag localhost/vidalinux/samba:latest localhost:5000/vidalinux/samba:latest podman push localhost:5000/vidalinux/samba:latest --tls-verify=false
as root user edit /etc/containers/registries.conf:
[registries.insecure] registries = ['localhost']
change directory to samba container and modify podman-compose:
cd ~/podman-samba
edit samba container podman-compose.yaml file and change the image name:
image: localhost:5000/vidalinux/samba:latest
run your samba container:
cd ~/podman-samba sudo podman login --tls-verify=false http://localhost:5000 -u testuser -p testpassword sudo podman-compose up -d
to stop the container using podman compose:
cd ~/podman-samba sudo podman-compose down
you can run the container manually without podman-compose:
podman run \ -d --name "samba_server" \ -v /share:/share \ -e "SMB_USER=mytestuser" \ -e "SMB_PASS=mypassword" \ -e "SMB_GROUP=samba" \ -e "TZ=America/Puerto_Rico" \ -p 138:138/udp \ -p 445:445/udp \ -p 139:139 \ -p 445:445 \ localhost:5000/vidalinux/samba:latest
to test the container we mount the samba share:
mkdir /mnt/samba mount -t cifs //localhost/share /mnt/samba -o username=mytestuser,password=mypassword
pull image from local registry:
podman pull localhost:5000/vidalinux/samba:latest --tls-verify=false
logout from local registry:
podman logout http://localhost:5000
run container as service
generate systemd service file of your samba_server:
sudo podman generate systemd --new --name samba_server > /etc/systemd/system/samba_server.service
generate systemd service file of your registry:
podman generate systemd --new --name registry > ~/.config/systemd/user/registry.service
if you start your samba_server with podman-compose you need to stop it:
cd ~/podman-samba sudo podman-compose down
if you start your registry with podman-compose you need to stop it:
cd ~/podman-registry podman-compose down
start and enable your samba_server container using systemd:
sudo systemctl enable samba_server sudo systemctl start samba_server
start and enable your registry container using systemd:
systemctl --user enable registry systemctl --user start registry
run pods with podman
create pod with podman:
podman pod create --name wordpress_cms -p 8080:80
create the pod for mariadb:
podman run -d --pod wordpress_cms \ -e MYSQL_DATABASE=wordpressdb \ -e MYSQL_ROOT_PASSWORD=root \ -e MYSQL_USER=wordpress \ -e MYSQL_PASSWORD=wordpress \ mariadb:10.7.7
add wordpress container to this pod:
podman run -d --pod wordpress_cms \ -e WORDPRESS_DB_USER=wordpress \ -e WORDPRESS_DB_PASSWORD=wordpress \ -e WORDPRESS_DB_NAME=wordpressdb \ -e WORDPRESS_DB_HOST=127.0.0.1 \ wordpress:6.1.1-php8.1-apache
open your browser to access wordpress:
http://localhost:8080
list pods:
podman pod list
export podman pod to yaml:
podman generate kube wordpress_cms > wordpress_cms.yaml
remove pod:
podman pod rm wordpress_cms
create pod with yaml file:
podman play kube wordpress_cms.yaml
podman for windows
if you run windows on kvm virtual machine make sure you change the following settings:
<features> <acpi/> <apic/> <hyperv mode="custom"> <relaxed state="on"/> <vapic state="off"/> <spinlocks state="on" retries="8191"/> <synic state="off"/> <stimer state="off"/> <vendor_id state="on" value="123456789ab"/> </hyperv> </features> <cpu mode="custom" match="exact" check="partial"> <model fallback="allow">Skylake-Client-noTSX-IBRS</model> <topology sockets="1" dies="1" cores="4" threads="2"/> <feature policy="disable" name="hypervisor"/> <feature policy="require" name="vmx"/> </cpu> <clock offset="localtime"> <timer name="rtc" tickpolicy="catchup"/> <timer name="pit" tickpolicy="discard"/> <timer name="hpet" present="no"/> <timer name="hypervclock" present="no"/> <timer name="tsc" present="no" mode="native"/> </clock>
install wsl on windows:
initiate podman on windows:
podman machine init
to start your machine run:
podman machine start
podman for macosx
you can log into macosx via ssh do the following:
on your mac, choose apple menu > system Settings, click general in the sidebar, then click sharing on the right. turn on remote login, then click the info button on the right. if needed, select the "allow full disk access for remote users" checkbox. specify which users can log in.
access your mac via ssh:
ssh user@10.44.1.44
on mac shell use sudo to become root:
sudo su -
install podman on macosx: open terminal and type the following command:
xcode-select --install
install homebrew:
/bin/bash -c “$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)”
when finished update homebrew to latest:
brew update
if necessary perform the upgrade:
brew upgrade
then install podman:
brew install podman
prepare the podman virtual machine by typing:
podman machine init
then start podman:
podman machine start
references
[scoop]
[install podman macosx]
[install podman on windows]