Howto podman: Difference between revisions
Mandulete1 (talk | contribs) |
Mandulete1 (talk | contribs) |
||
Line 301: | Line 301: | ||
= podman for windows = | = podman for windows = | ||
if you run windows on kvm virtual machine make sure you change your procesor settings: | if you run windows on kvm virtual machine make sure you change your procesor settings: | ||
<features> | |||
<acpi/> | |||
<apic/> | |||
<hyperv mode="custom"> | |||
<relaxed state="on"/> | |||
<vapic state="off"/> | |||
<spinlocks state="on" retries="8191"/> | |||
<synic state="off"/> | |||
<stimer state="off"/> | |||
<vendor_id state="on" value="123456789ab"/> | |||
</hyperv> | |||
</features> | |||
<cpu mode="custom" match="exact" check="partial"> | <cpu mode="custom" match="exact" check="partial"> | ||
<model fallback="allow">Skylake-Client-noTSX-IBRS</model> | <model fallback="allow">Skylake-Client-noTSX-IBRS</model> | ||
<topology sockets="1" dies="1" cores="4" threads="2"/> | |||
<feature policy="disable" name="hypervisor"/> | <feature policy="disable" name="hypervisor"/> | ||
<feature policy="require" name="vmx"/> | <feature policy="require" name="vmx"/> | ||
</cpu> | </cpu> | ||
<clock offset="localtime"> | |||
<timer name="rtc" tickpolicy="catchup"/> | |||
< | <timer name="pit" tickpolicy="discard"/> | ||
< | <timer name="hpet" present="no"/> | ||
</ | <timer name="hypervclock" present="no"/> | ||
<timer name="tsc" present="no" mode="native"/> | |||
</clock> | |||
install wsl on windows: | install wsl on windows: | ||
* https://learn.microsoft.com/en-us/windows/wsl/install-manual | * https://learn.microsoft.com/en-us/windows/wsl/install-manual |
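Review bot: the libvirt XML under "podman for windows" is pasted with no explanation of what each block is for, so a reader cannot tell which settings are required. At minimum, say that `<feature policy="require" name="vmx"/>` is the line that exposes hardware virtualization to the Windows guest, and that these fragments belong in the VM's libvirt domain XML. The `<model fallback="allow">Skylake-Client-noTSX-IBRS</model>` line depends on the host CPU and should be marked as an example value, as should the `vendor_id` value `123456789ab`. "procesor" in the intro line should read "processor".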
Revision as of 13:40, 2 February 2023
install podman archlinux
install podman packages:
pacman -Syu podman podman-compose
install podman centos/almalinux/rocky
install podman packages:
yum -y install podman
install podman-compose:
curl -o /usr/local/bin/podman-compose https://raw.githubusercontent.com/containers/podman-compose/devel/podman_compose.py
chmod +x /usr/local/bin/podman-compose
install podman debian/ubuntu
install podman packages:
apt-get -y install podman
install podman-compose:
curl -o /usr/local/bin/podman-compose https://raw.githubusercontent.com/containers/podman-compose/devel/podman_compose.py
chmod +x /usr/local/bin/podman-compose
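Both podman-compose install steps above fetch a script from the moving devel branch and make it executable in /usr/local/bin with no integrity check. The following added example (not from the original page or the podman-compose project) downloads to a temporary file and installs only when the SHA-256 matches a pinned value. PINNED_URL, PINNED_SHA256 and the function names are assumptions, and the placeholders must be filled with a tag or commit and digest you have reviewed.

```bash
#!/usr/bin/env bash
# Added example: verify-then-install for a downloaded script.
# Placeholders (assumptions, not values from the page):
PINNED_URL='https://raw.githubusercontent.com/containers/podman-compose/<tag-or-commit>/podman_compose.py'
PINNED_SHA256='<sha256 of the reviewed file>'

# Succeeds only if FILE ($1) hashes to EXPECTED ($2, lowercase hex SHA-256).
verify_sha256() {
    actual=$(sha256sum "$1" 2>/dev/null | cut -d' ' -f1)
    [ -n "$actual" ] && [ "$actual" = "$2" ]
}

# Copy FILE ($1) to DEST ($3) with mode 0755, but only after the digest matches.
install_verified() {
    if verify_sha256 "$1" "$2"; then
        install -m 0755 "$1" "$3"
    else
        echo "digest mismatch for $1, not installing" >&2
        return 1
    fi
}

# Download URL ($1) to a temp file, verify against $2, install to $3.
# DEST is never written when the download or the check fails.
fetch_and_install() {
    tmp=$(mktemp) || return 1
    curl --fail --silent --show-error --location --proto '=https' -o "$tmp" "$1" \
        && install_verified "$tmp" "$2" "$3"
    rc=$?
    rm -f "$tmp"
    return $rc
}

# Usage (as root):
#   fetch_and_install "$PINNED_URL" "$PINNED_SHA256" /usr/local/bin/podman-compose
```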
configure podman registries
add the following registries to /etc/containers/registries.conf:
cat >> /etc/containers/registries.conf << "EOF"
[registries.search]
registries = ['docker.io', 'registry.fedoraproject.org', 'quay.io', 'registry.access.redhat.com', 'registry.centos.org']
EOF
commands
list containers that are running or have exited:
podman ps -a
pull a remote container image from docker.io:
podman pull docker.io/library/almalinux:9
list all local images:
podman images
display information about how an image was built:
podman history docker.io/library/almalinux:9
remove a local container image by name:
podman rmi docker.io/library/almalinux:9
search local cache and remote registries for images:
podman search almalinux
create a new image based on the current state of a running container:
podman commit container mynewimage:tag
create (but don’t start) a container from an image:
podman create docker.io/library/almalinux:9
start an existing container:
podman start container
restart an existing container:
podman restart container
stop a running container gracefully:
podman stop container
send a signal to a running container:
podman kill container
remove a container (use -f if the container is running):
podman rm -f container
display a live stream of a container resource usage:
podman stats container
return metadata about a running container:
podman inspect container
execute a command in a running container:
podman exec container command
display the running processes of a container:
podman top container
display the logs of a container (last 10 lines):
podman logs --tail 10 container
pause all the processes in a container:
podman pause container
unpause all the processes in a container:
podman unpause container
list the port mappings from a container to localhost:
podman port container
attach to a running container:
podman attach container
enter container environment:
podman exec -it container /bin/sh
create container image from file:
podman build -f Dockerfile
create container image
create podman-samba directory and the following files:
mkdir ~/podman-samba
cd ~/podman-samba
runconfig.sh:
cat > runconfig.sh << 'EOF'
#!/bin/bash
# add username for samba (exact lookup with getent, not a substring grep)
if getent passwd "$SMB_USER" > /dev/null; then
    echo "user $SMB_USER already exists"
else
    echo "adding user $SMB_USER"
    useradd "$SMB_USER" -s /sbin/nologin
    # printf passes the password through unchanged, including backslashes
    printf '%s\n%s\n' "$SMB_PASS" "$SMB_PASS" | smbpasswd -a -s "$SMB_USER"
fi
# add group
if getent group "$SMB_GROUP" > /dev/null; then
    echo "group $SMB_GROUP already exists"
else
    groupadd "$SMB_GROUP"
fi
# make sure the user is a member of the group
gpasswd -a "$SMB_USER" "$SMB_GROUP"
# set directory permissions
chown -R "root:$SMB_GROUP" /share
chmod 2770 /share
# drop the credentials from the environment before starting the daemon
unset SMB_USER
unset SMB_PASS
unset SMB_GROUP
# start samba (exec so smbd receives the container's stop signal)
exec smbd --foreground --debug-stdout
EOF
smb.conf:
cat > smb.conf << EOF
#### Global Settings ####
[global]
smb passwd file = /etc/samba/smbpasswd
printing = cups
encrypt passwords = yes
wins support = true
max log size = 0
unix password sync = Yes
workgroup = Samba Server
server string = Samba Server
log file = /var/log/samba/%m.log
netbios name = Samba
load printers = yes
[printers]
comment = All Printers
path = /var/spool/samba
browseable = no
guest ok = no
writable = no
printable = yes
[share]
path = /share
create mode = 770
writeable = yes
directory mode = 770
user = @samba
comment = samba
valid users = @samba
write list = @samba
force group = samba
EOF
Containerfile:
cat > Containerfile << 'EOF'
FROM almalinux:8
MAINTAINER http://www.vidalinux.com
LABEL Vendor="Vidalinux"
LABEL License=GPLv2
LABEL Version=1.0
RUN yum -y update && yum clean all && yum -y install samba samba-common samba-client && \
    rm -fr /var/cache/*
# Move the Samba Conf file
ADD smb.conf /tmp/
RUN mv /etc/samba/smb.conf /etc/samba/smb.conf.orig && \
    mv /tmp/smb.conf /etc/samba/
RUN mkdir /share
ADD runconfig.sh /
RUN chmod +x /runconfig.sh
EXPOSE 138/udp
EXPOSE 445/udp
EXPOSE 139
EXPOSE 445
# default values, override them at run time
ENV SMB_USER=samba
ENV SMB_PASS=samba
ENV SMB_GROUP=samba
CMD ["/runconfig.sh"]
EOF
podman-compose.yml:
cat > podman-compose.yml << EOF
version: '3'
services:
  samba:
    restart: always
    image: vidalinux/samba:latest
    container_name: samba_server
    ports:
      - "139:139/udp"
      - "445:445/udp"
      - "139:139"
      - "445:445"
    environment:
      SMB_USER: mytestuser
      SMB_PASS: mypassword
      SMB_GROUP: samba
      TZ: America/Puerto_Rico
    volumes:
      - /share:/share
EOF
create your image with podman:
podman build -t vidalinux/samba .
run your container:
podman-compose up -d
local private registry
create registry directory and the following files:
mkdir ~/podman-registry
cd ~/podman-registry
compose file to create registry:
cat > podman-compose.yml << EOF
version: '3'
services:
  registry:
    restart: always
    image: registry:2
    container_name: registry
    ports:
      - "5000:5000"
    environment:
      REGISTRY_AUTH: htpasswd
      REGISTRY_AUTH_HTPASSWD_REALM: Registry
      REGISTRY_AUTH_HTPASSWD_PATH: /auth/htpasswd
      REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY: /data
      TZ: America/Puerto_Rico
    volumes:
      - ~/podman-registry/auth:/auth
      - ~/podman-registry/data:/data
EOF
create password file:
mkdir ~/podman-registry/auth
podman run --rm --entrypoint htpasswd httpd:2 -Bbn testuser testpassword > ~/podman-registry/auth/htpasswd
add another user to registry:
podman run --rm --entrypoint htpasswd httpd:2 -Bbn testuser2 testpassword2 >> ~/podman-registry/auth/htpasswd
run the registry by executing:
podman-compose up -d
log in to a private registry:
podman login --tls-verify=false http://localhost:5000 -u testuser -p testpassword
push image to local registry:
podman tag localhost/vidalinux/samba:latest localhost:5000/vidalinux/samba:latest
podman push localhost:5000/vidalinux/samba:latest --tls-verify=false
pull image from local registry:
podman pull localhost:5000/vidalinux/samba:latest --tls-verify=false
logout from local registry:
podman logout http://localhost:5000
run container as service
generate systemd service file of your samba_server:
podman generate systemd --new --name samba_server > /etc/systemd/system/samba_server.service
generate systemd service file of your registry:
podman generate systemd --new --name registry > /etc/systemd/system/registry.service
if you start your samba_server with podman-compose you need to stop it:
cd ~/podman-samba
podman-compose down
if you start your registry with podman-compose you need to stop it:
cd ~/podman-registry
podman-compose down
start and enable your samba_server container using systemd:
systemctl enable samba_server
systemctl start samba_server
start and enable your registry container using systemd:
systemctl enable registry
systemctl start registry
run pods with podman
create pod with podman:
podman pod create --name wordpress_cms -p 8080:80
add mariadb container to this pod:
podman run -d --pod wordpress_cms \
  -e MYSQL_DATABASE=wordpressdb \
  -e MYSQL_ROOT_PASSWORD=root \
  -e MYSQL_USER=wordpress \
  -e MYSQL_PASSWORD=wordpress \
  mariadb:10.7.7
add wordpress container to this pod:
podman run -d --pod wordpress_cms \
  -e WORDPRESS_DB_USER=wordpress \
  -e WORDPRESS_DB_PASSWORD=wordpress \
  -e WORDPRESS_DB_NAME=wordpressdb \
  -e WORDPRESS_DB_HOST=127.0.0.1 \
  wordpress:6.1.1-php8.1-apache
list pods:
podman pod list
export podman pod to yaml:
podman generate kube wordpress_cms > wordpress_cms.yaml
remove pod:
podman pod rm wordpress_cms
create pod with yaml file:
podman play kube wordpress_cms.yaml
open your browser to access wordpress:
http://localhost:8080
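The pod steps above pass the database passwords with -e on the command line, where they end up in shell history and in the container's inspect output. The following added example (not from the original page) builds the same wordpress_cms pod with randomly generated passwords stored as podman secrets and injected as environment variables. The secret names wp_db_root and wp_db_pass, the function names and the PODMAN override variable are assumptions.

```bash
#!/usr/bin/env bash
# Added example: wordpress_cms pod with credentials held in podman secrets.
# PODMAN can be overridden (assumption of this example) to point at another binary.
PODMAN=${PODMAN:-podman}

# Create secret $1 from 24 random bytes; the value travels over stdin only,
# so it never appears in argv or shell history.
make_secret() {
    head -c 24 /dev/urandom | base64 | tr -d '\n' | "$PODMAN" secret create "$1" -
}

create_wordpress_pod() {
    make_secret wp_db_root || return 1
    make_secret wp_db_pass || return 1
    "$PODMAN" pod create --name wordpress_cms -p 8080:80 || return 1
    # type=env exposes the secret as the named variable inside the container
    "$PODMAN" run -d --pod wordpress_cms \
        --secret wp_db_root,type=env,target=MYSQL_ROOT_PASSWORD \
        --secret wp_db_pass,type=env,target=MYSQL_PASSWORD \
        -e MYSQL_DATABASE=wordpressdb \
        -e MYSQL_USER=wordpress \
        mariadb:10.7.7 || return 1
    # wordpress reuses the same secret as its database password
    "$PODMAN" run -d --pod wordpress_cms \
        --secret wp_db_pass,type=env,target=WORDPRESS_DB_PASSWORD \
        -e WORDPRESS_DB_USER=wordpress \
        -e WORDPRESS_DB_NAME=wordpressdb \
        -e WORDPRESS_DB_HOST=127.0.0.1 \
        wordpress:6.1.1-php8.1-apache
}

# Usage: create_wordpress_pod
```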
podman for windows
if you run windows on a kvm virtual machine, make sure you change your processor settings:
<features>
  <acpi/>
  <apic/>
  <hyperv mode="custom">
    <relaxed state="on"/>
    <vapic state="off"/>
    <spinlocks state="on" retries="8191"/>
    <synic state="off"/>
    <stimer state="off"/>
    <vendor_id state="on" value="123456789ab"/>
  </hyperv>
</features>
<cpu mode="custom" match="exact" check="partial">
  <model fallback="allow">Skylake-Client-noTSX-IBRS</model>
  <topology sockets="1" dies="1" cores="4" threads="2"/>
  <feature policy="disable" name="hypervisor"/>
  <feature policy="require" name="vmx"/>
</cpu>
<clock offset="localtime">
  <timer name="rtc" tickpolicy="catchup"/>
  <timer name="pit" tickpolicy="discard"/>
  <timer name="hpet" present="no"/>
  <timer name="hypervclock" present="no"/>
  <timer name="tsc" present="no" mode="native"/>
</clock>
install wsl on windows:
* https://learn.microsoft.com/en-us/windows/wsl/install-manual
install podman on windows:
initiate podman on windows:
podman machine init
to start your machine run:
podman machine start
podman for macosx
install podman on macosx:
references
[scoop]