Podman

From John Freier

Podman

Start Podman

 podman machine start

Images

List Images

 podman images

Pull an image

 podman pull docker.io/library/httpd

Run an image

 podman run -dt -p 8080:80/tcp docker.io/library/httpd
 
 podman run -it --entrypoint="/bin/sh" docker.io/library/httpd
 
 podman run -it -v /home/user/project:/app --entrypoint="/bin/bash" python:3.9.13-buster
  • The -d flag runs the container in detached mode, so you won't see any console output.
  • The -t flag attaches a pseudo-terminal to the container so it will not exit right after it starts.

The following command with --rm will clean up the container and remove any persisted data when the container exits.

 podman run --rm docker.io/library/httpd

Commit a container to the list of Podman images.

 podman commit {id}

Continue a container

This will start an exited container back up; it continues where you left off.

 podman start {id}

Get into a running container

  podman exec -it {id} /bin/sh

List containers, including exited ones

 podman ps -a

Remove Image

 podman rmi {image_sha}

Load an Image

 # Worked
 cat cs-oci.tar | podman load
 
 # Did not work.
 podman load oci-archive:cs-oci.tar:latest

Update the tag for an image

 podman tag e7b8dd57dec6 cs:latest

Containers

List all containers

 podman ps -a

Remove Container

 podman rm ff22b3bfecc1

Pods

Create a pod

 podman pod create --name mypod

List pods

 podman pod list

Start pod

 podman pod start {podname}

Stop pod

 podman pod stop {podname}

List all processes with pods

 podman ps -a --pod

Volume

A volume in Podman can be a virtual volume that is mounted through Podman. This virtual volume can also be exported or imported.

You can also point a volume at a local host directory, but because Podman is rootless it needs access to that directory, either through the permissions on the directory or through the user that runs the container from Podman.

Create Virtual Volume

 podman volume create myvolume

Export Virtual Volume

 podman volume export myvolume --output myvolume.tar

Repositories

Log in to a repository. The example below is for Harbor, but the same command can be used for other registries.

 podman login --username JDOE --password {cli_secret}  https://registry.harbor-url.com/
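An added example, not part of the original page: a secret passed with --password ends up in shell history and in the process list, so this sketch reads it from an owner-only file and hands it to podman login over stdin with --password-stdin. The function names and the secret-file path are assumptions; the registry URL and user name are the placeholders from the command above.

```shell
#!/bin/sh
# Added example: registry login without putting the secret on the command line.
# Function names and the secret-file location are hypothetical.

# secret_file_is_private FILE
# Succeeds only if FILE is a regular file (not a symlink) whose group and
# other permission bits are all clear, i.e. mode 0600 or 0400 style.
secret_file_is_private() {
    f=$1
    [ -f "$f" ] && [ ! -L "$f" ] || return 1
    # ls -ld prints the mode string first; after the owner triplet the
    # remaining six positions must all be "-".
    case $(ls -ld -- "$f") in
        -r[-w][-x]------*) return 0 ;;
        *) return 1 ;;
    esac
}

# registry_login REGISTRY USER SECRET_FILE
# Returns 2 without contacting the registry if the secret file is readable
# by anyone other than its owner.
registry_login() {
    registry=$1
    user=$2
    secret_file=$3
    if ! secret_file_is_private "$secret_file"; then
        echo "refusing: $secret_file must be a regular file with no group/other access" >&2
        return 2
    fi
    # The secret travels over stdin, so it never appears in argv (ps output)
    # or in shell history.
    podman login --username "$user" --password-stdin "$registry" < "$secret_file"
}

# Usage (the path is a constructed placeholder):
#   registry_login https://registry.harbor-url.com/ JDOE "$HOME/.config/harbor-cli-secret"
```
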

Build

To build and avoid any cached layers use the following.

 podman build --no-cache -t $container_name:$container_tag .

Logs

View Logs

 podman logs ff22b3bfecc1

Stop a container

 podman stop ff22b3bfecc1

Kube

Generate Kubernetes YAML

 podman generate kube -f infra.yaml mypod

Load Kubernetes YAML

 podman play kube infra.yaml

Kubernetes File

 # Kubernetes setup for CS.
 apiVersion: v1
 kind: ConfigMap
 metadata:
   name: cs-config
 data:
   CS_DATABASE_MONGODB_EMBEDED_ENABLED: "false"
   SPRING_DATA_MONGODB_HOST: "localhost"
 ---
 apiVersion: v1
 kind: Pod
 metadata:
   name: mypod
   labels:
     app: mypod
 spec:
   containers:
     - name: database
       image: docker.io/library/mongo:4.4.13
       securityContext:
         runAsUser: 0
       volumeMounts:
         - name: mongodb-data-volume
           mountPath: /data/db
     - name: application
       image: cs:latest
       ports:
         - containerPort: 8080
           hostPort: 8080
       envFrom:
         - configMapRef:
            name: cs-config
   volumes:
     - name: mongodb-data-volume
       persistentVolumeClaim:
         claimName: mongodb-data-storage

Examples

Example run MongoDB

 podman run \
   --detach \
   --publish 27017:27017 \
   --userns=keep-id \
   --volume ./mongo-data:/data/db \
   --name some-mongo \
   mongo:4.4.13
 
 # --detach, -d - Detached mode: run the container in the background and print the new container ID. The default is false.
 # --publish, -p - Publish a container's port, or range of ports, to the host.
 # --userns - Because Podman runs rootless, we need to assign a user that can access the local volume. This sets the Podman user to the same user who ran the podman command.
 # --volume, -v - Create a bind mount.
 # --name - Assign a name to the container.

Example running with pods

This is a test to see how apps can talk to each other over the Podman network within a pod.

Create the pod

 podman pod create --userns=keep-id --publish 8080:8080 --name mypod
 podman run --detach --volume ./mongo-data:/data/db --pod mypod --name some-mongo mongo:4.4.13
 podman run --detach --pod mypod --name myapp -e SPRING_DATA_MONGODB_HOST="localhost" -e CS_DATABASE_MONGODB_EMBEDED_ENABLED="false" e7b8dd57dec6
 # Not used - only for debug
 podman run -it --pod mypod --name myapp --volume ./config:/config --entrypoint "/bin/sh" e7b8dd57dec6