Howto podman
install podman archlinux
install podman packages:
pacman -Syu podman podman-compose
install podman centos/almalinux/rocky
install podman packages:
yum -y install podman
install podman-compose:
curl -o /usr/local/bin/podman-compose https://raw.githubusercontent.com/containers/podman-compose/devel/podman_compose.py chmod +x /usr/local/bin/podman-compose
install podman debian/ubuntu
install podman packages:
apt-get -y install podman
install podman-compose:
curl -o /usr/local/bin/podman-compose https://raw.githubusercontent.com/containers/podman-compose/devel/podman_compose.py chmod +x /usr/local/bin/podman-compose
commands
create container image from file:
podman build -f Dockerfile
list containers that are running or have exited:
podman ps -a
remove a local container image by its image:
podman rmi docker.io/library/almalinux:9
pull a remote container image from docker.io:
podman pull docker.io/library/almalinux:9
list all local images:
podman images
display information about how an image was built:
podman history docker.io/library/almalinux:9
log in to a remote registry:
podman login registryURL -u username -p password
pull an image from a remote registry:
podman pull docker.io/library/almalinux:9
search local cache and remote registries for images:
podman search searchstring
create a new image based on the current state of a running container:
podman commit container mynewimage:tag
create (but don’t start) a container from an image:
podman create docker.io/library/almalinux:9
start an existing container from an image:
podman start container
restart an existing container:
podman restart container
stop a running container gracefully
podman stop container
send a signal to a running container
podman kill container
Remove a container (use -f if the container is running)
podman rm [-f] container
display a live stream of a container’s resource usage:
podman stats container
return metadata about a running container:
podman inspect container
execute a command in a running container:
podman exec container command
display the running processes of a container:
podman top container
display the logs of a container:
podman logs [-tail] container
pause all the processes in a container
podman pause container
unpause all the processes in a container
podman unpause container
list the port mappings from a container to localhost
podman port container
attach to a running container:
podman attach container
enter container environment:
podman exec -it container /bin/sh
create container image
create a new directory and create the following files:
mkdir podman-samba cd podman-samba
runconfig.sh:
cat > runconfig.sh << 'EOF' #!/bin/bash VRFY_USER=$(grep -c "$SMB_USER" /etc/passwd) VRFY_GROUP=$(grep -c "$SMB_GROUP" /etc/group) # add username for samba if [ $VRFY_USER -ne 0 ]; then echo "user $SMB_USER already exist" else echo "adding user $SMB_USER" useradd $SMB_USER -s /bin/nologin echo -ne "$SMB_PASS\n$SMB_PASS\n" | smbpasswd -a -s $SMB_USER fi # add group if [ $VRFY_GROUP -ne 0 ]; then echo "user $SMB_USER already exist" else groupadd $SMB_GROUP gpasswd -a $SMB_USER $SMB_GROUP fi # set directory permissions chown root.$SMB_GROUP -R /share chmod 2770 /share unset SMB_USER unset SMB_PASS unset SMB_GROUP # start samba smbd --foreground --debug-stdout EOF
smb.conf:
cat > smb.conf << EOF #### Global Settings #### [global] smb passwd file = /etc/samba/smbpasswd printing = cups encrypt passwords = yes wins support = true max log size = 0 unix password sync = Yes workgroup = Samba Server server string = Samba Server log file = /var/log/samba/%m.log netbios name = Samba load printers = yes [printers] comment = All Printers path = /var/spool/samba browseable = no guest ok = no writable = no printable = yes [share] path = /share create mode = 770 writeable = yes directory mode = 770 user = @samba comment = samba valid users = @samba write list = @samba force group = samba EOF
Containerfile:
cat > Containerfile << EOF FROM almalinux:8 MAINTAINER http://www.vidalinux.com LABEL Vendor="Vidalinux" LABEL License=GPLv2 LABEL Version=1.0 RUN yum -y update && yum clean all && yum -y install samba samba-common samba-client -y && \ rm -fr /var/cache/* # Move the Samba Conf file ADD smb.conf /tmp/ RUN mv /etc/samba/smb.conf /etc/samba/smb.conf.orig && \ mv /tmp/smb.conf /etc/samba/ RUN mkdir /share ADD runconfig.sh / RUN chmod +x /runconfig.sh EXPOSE 138/udp EXPOSE 445/udp EXPOSE 139 EXPOSE 445 env SMB_USER samba env SMB_PASS samba env SMB_GROUP samba CMD ["/runconfig.sh"] EOF
docker-compose.yml:
cat > docker-compose.yml << EOF version: '3' services: samba: restart: always image: vidalinux/samba:latest container_name: samba_server ports: - "139:139/udp" - "445:445/udp" - "139:139" - "445:445" environment: SMB_USER: mytestuser SMB_PASS: mypassword SMB_GROUP: samba volumes: - /share:/share EOF
create your image with podman:
podman build -t vidalinux/samba .
run your container:
podman-compose up -d
private local registry
compose file to create registry:
version: '3' services: registry: restart: always image: registry:2 container_name: registry ports: - "5000:5000" environment: REGISTRY_AUTH: htpasswd REGISTRY_AUTH_HTPASSWD_REALM: Registry REGISTRY_AUTH_HTPASSWD_PATH: /auth/htpasswd REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY: /data volumes: - ~/docker-registry/auth:/auth - ~/docker-registry/data:/data
create password file:
mkdir ~/docker-registry/auth -p podman run --rm --entrypoint htpasswd httpd:2 -Bbn testuser testpassword > ~/docker-registry/auth/htpasswd
add another user to registry:
podman run --rm --entrypoint htpasswd httpd:2 -Bbn testuser2 testpassword2 >> ~/docker-registry/auth/htpasswd
run the registry by executing:
podman-compose up -d
log in to a private registry:
podman login --tls-verify=false http://localhost:5000 -u testuser testpassword
logout from local registry:
podman logout http://localhost:5000
run container as service
generate systemd service file of your container:
podman generate systemd --new --name samba_server > /etc/systemd/system/samba_server.service
if you start your container with podman-compose you need to stop it:
cd podman-samba podman-compose down
start and enable your samba_server container using systemd:
systemctl enable samba_server systemctl start samba_server