Difference between revisions of "Podman"
(22 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
+ | == Podman == | ||
+ | |||
+ | '''Start Podman''' | ||
+ | podman machine start | ||
+ | |||
+ | == Images == | ||
+ | |||
'''List Images''' | '''List Images''' | ||
podman images | podman images | ||
− | |||
− | |||
− | |||
'''Pull an image''' | '''Pull an image''' | ||
Line 10: | Line 14: | ||
'''Run an image''' | '''Run an image''' | ||
podman run -dt -p 8080:80/tcp docker.io/library/httpd | podman run -dt -p 8080:80/tcp docker.io/library/httpd | ||
+ | |||
+ | podman run -it --entrypoint="/bin/sh" docker.io/library/httpd | ||
+ | |||
+ | podman run -it -v /home/user/project:/app --entrypoint="/bin/bash" python:3.9.13-buster | ||
− | + | * The -d will run the container in detach mode, so you wont see any console. | |
− | + | * The -t command connects the container to your terminal so it will not exit after it runs. | |
− | + | The following command with -rm will clean up the container and remove any persists data. | |
+ | podman run -rm docker.io/library/httpd | ||
− | podman | + | To commit a container to the list of podman images. |
+ | podman commit {id} | ||
− | '''List | + | '''Continue a container''' |
+ | This will start back up an exited container, it will continue where you left off. | ||
+ | podman start {id} | ||
+ | |||
+ | '''Get in to a running container''' | ||
+ | podman exec -it {id} /bin/sh | ||
+ | |||
+ | '''List running images''' | ||
podman ps -a | podman ps -a | ||
− | '''Remove | + | '''Remove Image''' |
− | podman | + | podman rmi {image_sha} |
'''Load an Image''' | '''Load an Image''' | ||
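Review bot: the added line `podman run -rm docker.io/library/httpd` uses a single-dash `-rm`, but the podman flag is `--rm`, so the command does not match the sentence that introduces it. Change both the sentence and the command to `--rm`. In the same hunk the heading "List running images" sits over `podman ps -a`, which lists containers and includes exited ones; rename the heading or drop `-a`.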
Line 30: | Line 47: | ||
Did not work. | Did not work. | ||
podman load oci-archive:cs-oci.tar:latest | podman load oci-archive:cs-oci.tar:latest | ||
+ | |||
+ | '''Update the tag for an image''' | ||
+ | podman tag e7b8dd57dec6 cs:latest | ||
+ | |||
+ | == Containers == | ||
+ | |||
+ | '''List all containers''' | ||
+ | podman ps -a | ||
+ | |||
+ | '''Remove Container''' | ||
+ | podman rm ff22b3bfecc1 | ||
+ | |||
+ | == Pods == | ||
+ | |||
+ | '''Create a pod''' | ||
+ | podman pod create --name mypod | ||
+ | |||
+ | '''List pods''' | ||
+ | podman pod list | ||
+ | |||
+ | '''Start pod''' | ||
+ | podman pod start {podname} | ||
+ | |||
+ | '''Stop pod''' | ||
+ | podman pod stop {podname} | ||
+ | |||
+ | '''List all processes with pods''' | ||
+ | podman ps -a --pod | ||
+ | |||
+ | == Volume == | ||
+ | |||
+ | Volume in Podman can be a virtual volume that is mounted through Podman. This virtual volume can be exported or imported as well. | ||
+ | |||
+ | You can also setup to point to a local host directory but because Podman is rootless Podman will need access to the directory, by either permissions on the directory or the user that runs the container from Podman. | ||
+ | |||
+ | '''Create Virtual Volume''' | ||
+ | podman volume create myvolume | ||
+ | |||
+ | '''Export Virtual Volume''' | ||
+ | podman volume export myvolume --output myvolume.tar | ||
+ | |||
+ | == Repositories == | ||
+ | To login to a repository. | ||
+ | The below example is for harbor but could be used for others. | ||
+ | podman login --username JDOE --password {cli_secret} https://registry.harbor-url.com/ | ||
+ | |||
+ | == Build == | ||
+ | |||
+ | To build and avoid any cached layers use the following. | ||
+ | podman build --no-cache -t $container_name:$container_tag . | ||
+ | |||
+ | == Logs == | ||
+ | |||
+ | '''View Logs''' | ||
+ | podman logs ff22b3bfecc1 | ||
+ | |||
+ | '''Stop the latest container''' | ||
+ | |||
+ | podman stop ff22b3bfecc1 | ||
+ | |||
+ | == Kube == | ||
+ | |||
+ | '''Generate kubernetes yaml''' | ||
+ | podman generate kube -f infra.yaml mypod | ||
+ | |||
+ | '''Load kubernetes yaml''' | ||
+ | podman play kube infra.yaml | ||
+ | |||
+ | '''Kubernetes File''' | ||
+ | # Kubernetes setup for CS. | ||
+ | apiVersion: v1 | ||
+ | kind: ConfigMap | ||
+ | metadata: | ||
+ | name: cs-config | ||
+ | data: | ||
+ | CS_DATABASE_MONGODB_EMBEDED_ENABLED: "false" | ||
+ | SPRING_DATA_MONGODB_HOST: "localhost" | ||
+ | --- | ||
+ | apiVersion: v1 | ||
+ | kind: Pod | ||
+ | metadata: | ||
+ | name: mypod | ||
+ | labels: | ||
+ | app: mypod | ||
+ | spec: | ||
+ | containers: | ||
+ | - name: database | ||
+ | image: docker.io/library/mongo:4.4.13 | ||
+ | securityContext: | ||
+ | runAsUser: 0 | ||
+ | volumeMounts: | ||
+ | - name: mongodb-data-volume | ||
+ | mountPath: /data/db | ||
+ | - name: application | ||
+ | image: cs:latest | ||
+ | ports: | ||
+ | - containerPort: 8080 | ||
+ | hostPort: 8080 | ||
+ | envFrom: | ||
+ | - configMapRef: | ||
+ | name: cs-config | ||
+ | volumes: | ||
+ | - name: mongodb-data-volume | ||
+ | persistentVolumeClaim: | ||
+ | claimName: mongodb-data-storage | ||
+ | |||
+ | == Examples == | ||
'''Example run MongoDB''' | '''Example run MongoDB''' | ||
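Review bot: the Repositories line `podman login --username JDOE --password {cli_secret} https://registry.harbor-url.com/` puts the secret on the command line, where it lands in shell history and is visible in the process list; document `--password-stdin` fed from a file or a prompt instead. Two smaller points in this hunk: the Kubernetes File runs the `database` container with `runAsUser: 0` without saying why root is needed there, and "Stop the latest container" is filed under Logs and uses a fixed ID `ff22b3bfecc1` rather than anything "latest".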
Line 53: | Line 177: | ||
podman run --detach --volume ./mongo-data:/data/db --pod mypod --name some-mongo mongo:4.4.13 | podman run --detach --volume ./mongo-data:/data/db --pod mypod --name some-mongo mongo:4.4.13 | ||
+ | |||
+ | podman run --detach --pod mypod --name myapp -e SPRING_DATA_MONGODB_HOST="localhost" -e CS_DATABASE_MONGODB_EMBEDED_ENABLED="false" e7b8dd57dec6 | ||
+ | |||
+ | Not used - only for debug | ||
+ | podman run -it --pod mypod --name myapp --volume ./config:/config --entrypoint "/bin/sh" e7b8dd57dec6 |
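Review bot: both added `podman run` lines use `--name myapp` in pod `mypod`, so the debug command cannot be run while the first container still exists; give the debug container its own name or note that `myapp` must be removed first. The image is also referenced by ID `e7b8dd57dec6` although the page tags it `cs:latest` in an earlier section; using the tag would make the example reproducible on another machine.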
Latest revision as of 14:00, 12 July 2023
Podman
Start Podman
podman machine start
Images
List Images
podman images
Pull an image
podman pull docker.io/library/httpd
Run an image
podman run -dt -p 8080:80/tcp docker.io/library/httpd
podman run -it --entrypoint="/bin/sh" docker.io/library/httpd
podman run -it -v /home/user/project:/app --entrypoint="/bin/bash" python:3.9.13-buster
- The -d flag runs the container in detached mode, so you won't see any console output.
- The -t flag allocates a pseudo-terminal (TTY) for the container, so it will not exit after it runs.
The following command with --rm will clean up the container when it exits and remove any persisted data.
podman run --rm docker.io/library/httpd
To commit a container as a new image in the list of podman images:
podman commit {id}
Continue a container
This starts an exited container back up, so you can continue where you left off.
podman start {id}
Get into a running container
podman exec -it {id} /bin/sh
List containers (-a includes exited ones, not only running ones)
podman ps -a
Remove Image
podman rmi {image_sha}
Load an Image
Worked.
cat cs-oci.tar | podman load
Did not work.
podman load oci-archive:cs-oci.tar:latest
Update the tag for an image
podman tag e7b8dd57dec6 cs:latest
Containers
List all containers
podman ps -a
Remove Container
podman rm ff22b3bfecc1
Pods
Create a pod
podman pod create --name mypod
List pods
podman pod list
Start pod
podman pod start {podname}
Stop pod
podman pod stop {podname}
List all processes with pods
podman ps -a --pod
Volume
A volume in Podman can be a virtual volume that is mounted through Podman. This virtual volume can be exported or imported as well.
You can also point a volume at a local host directory, but because Podman is rootless it needs access to that directory, either through the permissions on the directory or through the user that runs the container from Podman.
Create Virtual Volume
podman volume create myvolume
Export Virtual Volume
podman volume export myvolume --output myvolume.tar
Repositories
To log in to a repository.
The example below is for Harbor but could be used for others.
podman login --username JDOE --password {cli_secret} https://registry.harbor-url.com/
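The command above carries the secret in `--password`, which leaves it in shell history and in the process list. An added example (not part of the original page) that sends it over `--password-stdin` from a private file instead; the `registry_login` helper, the `PODMAN` override variable and the secret-file layout are assumptions.

```sh
#!/bin/sh
# Added example: registry login without the secret in argv.
# PODMAN lets a wrapper or test double be substituted (assumption).
PODMAN="${PODMAN:-podman}"

# Succeeds only for a regular file with no group/other permission bits.
secret_file_is_private() {
    [ -f "$1" ] || return 1
    # Characters 5-10 of the ls mode string are the group and other bits.
    [ "$(ls -ld -- "$1" | cut -c5-10)" = "------" ]
}

# registry_login USER SECRET_FILE REGISTRY
registry_login() {
    if ! secret_file_is_private "$2"; then
        echo "refusing: $2 must be a regular file with mode 0600 or stricter" >&2
        return 2
    fi
    # The secret is read from stdin, so it never appears in `ps` output
    # or in the shell history entry for this command.
    "$PODMAN" login --username "$1" --password-stdin "$3" < "$2"
}

# Usage (paths and registry are placeholders):
#   registry_login JDOE "$HOME/.config/harbor-cli-secret" registry.harbor-url.com
```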
Build
To build and avoid any cached layers use the following.
podman build --no-cache -t $container_name:$container_tag .
Logs
View Logs
podman logs ff22b3bfecc1
Stop the latest container
podman stop ff22b3bfecc1
Kube
Generate kubernetes yaml
podman generate kube -f infra.yaml mypod
Load kubernetes yaml
podman play kube infra.yaml
Kubernetes File
# Kubernetes setup for CS.
apiVersion: v1
kind: ConfigMap
metadata:
  name: cs-config
data:
  CS_DATABASE_MONGODB_EMBEDED_ENABLED: "false"
  SPRING_DATA_MONGODB_HOST: "localhost"
---
apiVersion: v1
kind: Pod
metadata:
  name: mypod
  labels:
    app: mypod
spec:
  containers:
    - name: database
      image: docker.io/library/mongo:4.4.13
      securityContext:
        runAsUser: 0
      volumeMounts:
        - name: mongodb-data-volume
          mountPath: /data/db
    - name: application
      image: cs:latest
      ports:
        - containerPort: 8080
          hostPort: 8080
      envFrom:
        - configMapRef:
            name: cs-config
  volumes:
    - name: mongodb-data-volume
      persistentVolumeClaim:
        claimName: mongodb-data-storage
Examples
Example run MongoDB
podman run \
  --detach \
  --publish 27017:27017 \
  --userns=keep-id \
  --volume ./mongo-data:/data/db \
  --name some-mongo \
  mongo:4.4.13
# --detach, -d - Detached mode: run the container in the background and print the new container ID. The default is false.
# --publish, -p - Publish a container’s port, or range of ports, to the host.
# --userns - Because podman runs rootless we need to assign a user that can access the local volume. This sets the podman user to the same user who ran the podman command.
# --volume, -v - Create a bind mount.
# --name - Assign a name to the container.
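Why the bind mount needs attention in rootless mode, as an added example that is not part of the original page: with the default rootless mapping (no `--userns` option), container UID 0 is the user who ran podman and every other container UID is taken from that user's `/etc/subuid` ranges, so a host directory you own is writable by container root but not by a non-root container user. The `host_uid_for` helper, the user `alice` and the sample range are constructed for illustration.

```sh
#!/bin/sh
# Added example: which host UID does a rootless container UID map to?
# Assumes the default rootless mapping and subuid lines of the form
# "name:start:count" keyed by user name.

# host_uid_for USER HOST_UID CONTAINER_UID [SUBUID_FILE]
# Prints the host UID, or returns 1 if the container UID is not mapped.
host_uid_for() {
    awk -F: -v user="$1" -v huid="$2" -v cuid="$3" '
        BEGIN {
            # Container root is the invoking user.
            if (cuid == 0) { print huid; done = 1; exit }
            # Container UIDs from 1 upward fill the subuid ranges in order.
            next_cuid = 1
        }
        $1 == user {
            if (cuid < next_cuid + $3) {
                print $2 + (cuid - next_cuid)
                done = 1
                exit
            }
            next_cuid += $3
        }
        END { exit (done ? 0 : 1) }
    ' "${4:-/etc/subuid}"
}

# Constructed sample: user "alice" (UID 1000) with one subordinate range.
sample=$(mktemp)
printf 'alice:100000:65536\n' > "$sample"
echo "container UID 0   -> host UID $(host_uid_for alice 1000 0 "$sample")"
echo "container UID 999 -> host UID $(host_uid_for alice 1000 999 "$sample")"
rm -f "$sample"
```

Files written by a non-root container user therefore appear on the host under a subordinate UID, not under your own, unless the user namespace is changed as with `--userns=keep-id` above.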
Example running with pods
This is a test to see how apps can talk to each other in a podman network within a pod.
Create the pod
podman pod create --userns=keep-id --publish 8080:8080 --name mypod
podman run --detach --volume ./mongo-data:/data/db --pod mypod --name some-mongo mongo:4.4.13
podman run --detach --pod mypod --name myapp -e SPRING_DATA_MONGODB_HOST="localhost" -e CS_DATABASE_MONGODB_EMBEDED_ENABLED="false" e7b8dd57dec6
Not used - only for debug
podman run -it --pod mypod --name myapp --volume ./config:/config --entrypoint "/bin/sh" e7b8dd57dec6