Docker: Difference between revisions
No edit summary |
|||
(60 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
Step 1: Install | =install podman on fedora 21= | ||
Step 1: Install podman on Fedora 21 | |||
*As a matter of best practice, we’ll update our packages: | *As a matter of best practice, we’ll update our packages: | ||
yum update -y | yum update -y | ||
*Let’s install | *Let’s install podman by installing the docker-io package: | ||
yum -y install docker-io | yum -y install docker-io | ||
*Once the installation completes, we’ll need to start the | *Once the installation completes, we’ll need to start the podman daemon: | ||
systemctl start docker | systemctl start docker | ||
*And finally, and optionally, let’s configure | *And finally, and optionally, let’s configure podman to start when the server boots: | ||
systemctl enable docker | systemctl enable docker | ||
*Step 2: Download a | *Step 2: Download a podman Container | ||
podman pull marina/fedora21-i386 | |||
Step 3: Run a podman Container | |||
basic fedora container with a bash shell, we just run one command. | basic fedora container with a bash shell, we just run one command. podman run will run a command in a new container, -i attaches stdin and stdout, -t allocates a tty, and we’re using the standard fedora | ||
podman run -i -t marina/fedora21-i386 /bin/bash | |||
connect, or detach, from the shell without exiting use the escape sequence Ctrl-p + Ctrl-q. | connect, or detach, from the shell without exiting use the escape sequence Ctrl-p + Ctrl-q. | ||
sudo podman run -i -t -e DISPLAY=$DISPLAY -v /tmp/.X11-unix:/tmp/.X11-unix --rm marina/fedora21-i386 /bin/bash | |||
==Update image== | ==Update image== | ||
sed -i 's/\$releasever/21/g;s/\$basearch/i386/g' /etc/yum.repos.d/* | sed -i 's/\$releasever/21/g;s/\$basearch/i386/g' /etc/yum.repos.d/* | ||
yum clean all | yum clean all | ||
yum -y update | yum -y update | ||
*Search for images. | yum -y install firefox | ||
docker search fedora | yum -y install https://www.halfface.se/jdk-8u40-linux-i586.rpm | ||
alternatives --install /usr/bin/java java /usr/java/latest/jre/bin/java 200000 | |||
alternatives --install /usr/bin/javaws javaws /usr/java/latest/jre/bin/javaws 200000 | |||
alternatives --install /usr/lib/mozilla/plugins/libjavaplugin.so libjavaplugin.so /usr/java/latest/jre/lib/i386/libnpjp2.so 200000 | |||
alternatives --install /usr/lib64/mozilla/plugins/libjavaplugin.so libjavaplugin.so.x86_64 /usr/java/latest/jre/lib/amd64/libnpjp2.so 200000 | |||
ln -sf /usr/java/latest/jre/lib/i386/libnpjp2.so /etc/alternatives/libjavaplugin.so | |||
yum -y install 'xorg-x11-fonts*' | |||
*Search for images. | |||
podman search fedora | |||
==attach container== | |||
List containers. | |||
sudo podman ps | |||
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES | |||
315ea401e287 marina/fedora21-i386:0.1.0 "/bin/bash" About an hour ago Up About an hour elated_nobel | |||
==list all containers== | |||
podman ps -a | |||
podman ps -a --no-trunc | |||
==Connect container== | |||
Reconnect process. When you do CTRL + c it will die. | |||
sudo podman attach 315ea401e287 | |||
==list images== | |||
sudo podman images | |||
==delete image== | |||
podman rmi 315ea401e287 | |||
==delete container== | |||
podman container rm cc3f2ff51cab cd20b396a061 | |||
=Connect to image= | |||
podman exec -it elated_nobel /bin/bash | |||
=logs= | |||
Look at log output from container. | |||
podman logs some-guacamole | |||
podman logs --follow 123141234 | |||
=stop= | |||
Stop podman image. | |||
podman stop 7bcf035e1a4e | |||
=start= | |||
Start podman image | |||
podman start 7bcf035e1a4e | |||
=list ip address of container= | |||
podman inspect -f '{{range.NetworkSettings.Networks}}{{.IPAddress}}{{end}}' c7eec987a17b | |||
If you want to see all settings | |||
podman inspect e2f7a7e275d5 | |||
=look at mounts= | |||
podman inspect -f ‘{{ .Mounts }}’ 79b9ab19ace0 | |||
Guess which container uses which ip. | |||
podman ps 2>&1 | grep -v '^CONTAINER ID' | while read ID THE_REST ; do echo '***' $ID $THE_REST ; podman inspect $ID | grep '"5000"' ; done | |||
=install guacamole= | |||
Create a mysql database. | |||
mysql ... | |||
Start guacd | |||
podman run --name some-guacd -d guacamole/guacd | |||
Start guacamole | |||
CREDS=guacamole ; podman run --name some-guacamole --link some-guacd:guacd -e MYSQL_DATABASE=${CREDS} -e MYSQL_HOSTNAME=172.17.0.1 -e MYSQL_PORT=3306 -e MYSQL_USER=${CREDS} -e MYSQL_PASSWORD=${CREDS} -d -p 8080:8080 guacamole/guacamole | |||
=List images= | |||
podman images | |||
=docker history image_name= | |||
name> will show the layers baked into an image. | |||
podman history $image | |||
=docker version= | |||
Which version of podman are we running. | |||
=docker info= | |||
Information about docker | |||
=docker cp= | |||
Copy file in and out of podman image. | |||
podman cp <containerId>:/file/path/in/container/file /host/local/path/file | |||
=create podman image based on centos 7= | |||
sudo podman run -i -t --name centos7 centos:7 /bin/bash | |||
Create image from Dockerfile | |||
podman build -t abjorklund/openshift_install . | |||
List images | |||
podman image ls | |||
Create container from image. Mount $PWD on /root/src | |||
podman run --rm -it -v $PWD:/root/src abjorklund/openshift_install | |||
=create podman image based on centor 7= | |||
sudo podman run -i -t --name centos7 centos:7 /bin/bash | |||
=Add mount to container= | |||
Commit existing image. | |||
sudo podman commit d3c982e9e73e centos7_2021-04-05_12-33 | |||
Add mount to new container | |||
sudo podman run -ti --mount type=bind,source=/opt/autopanopro/,target=/opt/autopanopro/ centos7_2021-04-05_12-33 /bin/bash | |||
=podman where are files stored= | |||
Which image is interesting. | |||
[root@worker-1 ~]# podman ps -a | |||
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES | |||
a1c2397ccd1a registry.redhat.io/rhel8/support-tools:latest /usr/bin/bash 3 months ago Exited (0) 2 months ago toolbox-root | |||
6782eb51bb24 registry.redhat.io/rhel8/support-tools:latest /usr/bin/bash 3 months ago Exited (0) 22 minutes ago toolbox-core | |||
3a11d6bb76c9 registry.redhat.io/rhel8/support-tools:latest /usr/bin/bash 5 months ago Exited (0) 5 months ago toolbox- | |||
Where are files stored. | |||
[root@worker-1 ~]# podman inspect 6782eb51bb24 | grep 02a2f9b0010d4232445bb8bbc42ac4848e3c768e814849c711c19685bd2f46ac | |||
"UpperDir": "/var/lib/containers/storage/overlay/02a2f9b0010d4232445bb8bbc42ac4848e3c768e814849c711c19685bd2f46ac/diff", | |||
"WorkDir": "/var/lib/containers/storage/overlay/02a2f9b0010d4232445bb8bbc42ac4848e3c768e814849c711c19685bd2f46ac/work" | |||
=docker login halfface.se= | |||
Log in to a podman registry. | |||
podman login halfface.se | |||
=autostart= | |||
Make all podman images autostart. | |||
podman update --restart unless-stopped $(docker ps -q) | |||
=become root= | |||
podman exec -it --user 0 8346d5e8df67e96e1df5ebd50cd4d526fa066a07e274e76ae3ddf7dbf7e30f6a /bin/bash | |||
=inspect= | |||
Describe | |||
podman inspect minio_minio1_1 | |||
=docker-compose pull= | |||
Pulls an image associated with a service defined in a docker-compose.yml, docker-compose.override.yml or docker-stack.yml file, but does not start containers based on those images. | |||
docker-compose pull | |||
=docker-compose up= | |||
Bring up podman containers in detached mode. | |||
docker-compose up -d | |||
=update variable= | |||
Find Container id. | |||
podman ps -a --no-trunc | |||
stop podman daemon and change container config in | |||
/var/lib/docker/containers/[container-id]/config.json | |||
Start container. | |||
=set proxy= | |||
mkdir -p /etc/systemd/system/docker.service.d/ | |||
echo '[Service] | |||
Environment="HTTP_PROXY=http://proxy.int.redbridge.se:3128" | |||
Environment="HTTPS_PROXY=http://proxy.int.redbridge.se:3128" | |||
Environment="NO_PROXY=localhost,127.0.0.1" | |||
' > /etc/systemd/system/docker.service.d/proxy.conf | |||
systemctl daemon-reload | |||
systemctl restart docker | |||
=push container to docker.io= | |||
# login to where your container should reside. And create repository. In this example halfface/rockylinux-toolbox on docker.io. | |||
... | |||
# Create Dockerfile that describe your wanted state. | |||
# Specify the parent image from which we build | |||
FROM rockylinux/rockylinux:9 | |||
# Prepare container to suite your needs. | |||
RUN dnf -y install procps-ng iproute bind-utils && dnf clean all | |||
... | |||
# Clear crap from your local podman environment. | |||
podman system prune -a -f | |||
# Create container | |||
podman build -t rockylinux-toolbox:v1 . | |||
# Login to docker.io | |||
podman login -u halfface -p "${PASSWORD}" docker.io/halfface/rockylinux-toolbox | |||
# Tag image | |||
podman tag localhost/rockylinux-toolbox:v1 halfface/rockylinux-toolbox:v1 | |||
# Push container to docker.io/halfface/rockylinux-toolbox | |||
podman push halfface/rockylinux-toolbox:v1 | |||
# Now you can start to use you container. | |||
=Search for tags.= | |||
podman search --list-tags rb-dreg03.int.redbridge.se/docker-common-env/rockylinux-9-common-env --limit 40 | |||
=Run the container as $USER who has uid/gid 1111 on a hostname container-${HOSTNAME}.= | |||
podman run --user $USER --uidmap 1111:0:1 --uidmap 0:1:1111 -it -v $HOME:$HOME -h container-${HOSTNAME} rb-dreg03.int.redbridge.se/docker-common-env/rockylinux-9-common-env:latest | |||
=troubleshooting container= | |||
Network | |||
github.com/nicolaka/netshoot | |||
fedora:40 | |||
=skopeo= | |||
Investigate container | |||
skopeo inspect docker://docker.io/halfface/rockylinux-toolbox:latest | jq . | less |
Latest revision as of 12:37, 8 July 2024
install podman on fedora 21
Step 1: Install podman on Fedora 21
- As a matter of best practice, we’ll update our packages:
yum update -y
- Let’s install podman by installing the docker-io package:
yum -y install docker-io
- Once the installation completes, we’ll need to start the podman daemon:
systemctl start docker
- And finally, and optionally, let’s configure podman to start when the server boots:
systemctl enable docker
- Step 2: Download a podman Container
podman pull marina/fedora21-i386
Step 3: Run a podman Container basic fedora container with a bash shell, we just run one command. podman run will run a command in a new container, -i attaches stdin and stdout, -t allocates a tty, and we’re using the standard fedora
podman run -i -t marina/fedora21-i386 /bin/bash
connect, or detach, from the shell without exiting use the escape sequence Ctrl-p + Ctrl-q.
sudo podman run -i -t -e DISPLAY=$DISPLAY -v /tmp/.X11-unix:/tmp/.X11-unix --rm marina/fedora21-i386 /bin/bash
Update image
sed -i 's/\$releasever/21/g;s/\$basearch/i386/g' /etc/yum.repos.d/* yum clean all yum -y update yum -y install firefox yum -y install https://www.halfface.se/jdk-8u40-linux-i586.rpm alternatives --install /usr/bin/java java /usr/java/latest/jre/bin/java 200000 alternatives --install /usr/bin/javaws javaws /usr/java/latest/jre/bin/javaws 200000 alternatives --install /usr/lib/mozilla/plugins/libjavaplugin.so libjavaplugin.so /usr/java/latest/jre/lib/i386/libnpjp2.so 200000 alternatives --install /usr/lib64/mozilla/plugins/libjavaplugin.so libjavaplugin.so.x86_64 /usr/java/latest/jre/lib/amd64/libnpjp2.so 200000 ln -sf /usr/java/latest/jre/lib/i386/libnpjp2.so /etc/alternatives/libjavaplugin.so yum -y install 'xorg-x11-fonts*' *Search for images. podman search fedora
attach container
List containers.
sudo podman ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 315ea401e287 marina/fedora21-i386:0.1.0 "/bin/bash" About an hour ago Up About an hour elated_nobel
list all containers
podman ps -a podman ps -a --no-trunc
Connect container
Reconnect process. When you do CTRL + c it will die.
sudo podman attach 315ea401e287
list images
sudo podman images
delete image
podman rmi 315ea401e287
delete container
podman container rm cc3f2ff51cab cd20b396a061
Connect to image
podman exec -it elated_nobel /bin/bash
logs
Look at log output from container.
podman logs some-guacamole podman logs --follow 123141234
stop
Stop podman image.
podman stop 7bcf035e1a4e
start
Start podman image
podman start 7bcf035e1a4e
list ip address of container
podman inspect -f 'Template:Range.NetworkSettings.NetworksTemplate:.IPAddressTemplate:End' c7eec987a17b
If you want to see all settings
podman inspect e2f7a7e275d5
look at mounts
podman inspect -f ‘Template:.Mounts’ 79b9ab19ace0
Guess which container uses which ip.
podman ps 2>&1 | grep -v '^CONTAINER ID' | while read ID THE_REST ; do echo '***' $ID $THE_REST ; podman inspect $ID | grep '"5000"' ; done
install guacamole
Create a mysql database.
mysql ...
Start guacd
podman run --name some-guacd -d guacamole/guacd
Start guacamole
CREDS=guacamole ; podman run --name some-guacamole --link some-guacd:guacd -e MYSQL_DATABASE=${CREDS} -e MYSQL_HOSTNAME=172.17.0.1 -e MYSQL_PORT=3306 -e MYSQL_USER=${CREDS} -e MYSQL_PASSWORD=${CREDS} -d -p 8080:8080 guacamole/guacamole
List images
podman images
docker history image_name
name> will show the layers baked into an image.
podman history $image
docker version
Which version of podman are we running.
docker info
Information about docker
docker cp
Copy file in and out of podman image.
podman cp <containerId>:/file/path/in/container/file /host/local/path/file
create podman image based on centos 7
sudo podman run -i -t --name centos7 centos:7 /bin/bash
Create image from Dockerfile
podman build -t abjorklund/openshift_install .
List images
podman image ls
Create container from image. Mount $PWD on /root/src
podman run --rm -it -v $PWD:/root/src abjorklund/openshift_install
create podman image based on centor 7
sudo podman run -i -t --name centos7 centos:7 /bin/bash
Add mount to container
Commit existing image.
sudo podman commit d3c982e9e73e centos7_2021-04-05_12-33
Add mount to new container
sudo podman run -ti --mount type=bind,source=/opt/autopanopro/,target=/opt/autopanopro/ centos7_2021-04-05_12-33 /bin/bash
podman where are files stored
Which image is interesting.
[root@worker-1 ~]# podman ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES a1c2397ccd1a registry.redhat.io/rhel8/support-tools:latest /usr/bin/bash 3 months ago Exited (0) 2 months ago toolbox-root 6782eb51bb24 registry.redhat.io/rhel8/support-tools:latest /usr/bin/bash 3 months ago Exited (0) 22 minutes ago toolbox-core 3a11d6bb76c9 registry.redhat.io/rhel8/support-tools:latest /usr/bin/bash 5 months ago Exited (0) 5 months ago toolbox-
Where are files stored.
[root@worker-1 ~]# podman inspect 6782eb51bb24 | grep 02a2f9b0010d4232445bb8bbc42ac4848e3c768e814849c711c19685bd2f46ac "UpperDir": "/var/lib/containers/storage/overlay/02a2f9b0010d4232445bb8bbc42ac4848e3c768e814849c711c19685bd2f46ac/diff", "WorkDir": "/var/lib/containers/storage/overlay/02a2f9b0010d4232445bb8bbc42ac4848e3c768e814849c711c19685bd2f46ac/work"
docker login halfface.se
Log in to a podman registry.
podman login halfface.se
autostart
Make all podman images autostart.
podman update --restart unless-stopped $(docker ps -q)
become root
podman exec -it --user 0 8346d5e8df67e96e1df5ebd50cd4d526fa066a07e274e76ae3ddf7dbf7e30f6a /bin/bash
inspect
Describe
podman inspect minio_minio1_1
docker-compose pull
Pulls an image associated with a service defined in a docker-compose.yml, docker-compose.override.yml or docker-stack.yml file, but does not start containers based on those images.
docker-compose pull
docker-compose up
Bring up podman containers in detached mode.
docker-compose up -d
update variable
Find Container id.
podman ps -a --no-trunc
stop podman daemon and change container config in
/var/lib/docker/containers/[container-id]/config.json
Start container.
set proxy
mkdir -p /etc/systemd/system/docker.service.d/ echo '[Service] Environment="HTTP_PROXY=http://proxy.int.redbridge.se:3128" Environment="HTTPS_PROXY=http://proxy.int.redbridge.se:3128" Environment="NO_PROXY=localhost,127.0.0.1" ' > /etc/systemd/system/docker.service.d/proxy.conf systemctl daemon-reload systemctl restart docker
push container to docker.io
# login to where your container should reside. And create repository. In this example halfface/rockylinux-toolbox on docker.io. ... # Create Dockerfile that describe your wanted state. # Specify the parent image from which we build FROM rockylinux/rockylinux:9 # Prepare container to suite your needs. RUN dnf -y install procps-ng iproute bind-utils && dnf clean all ... # Clear crap from your local podman environment. podman system prune -a -f # Create container podman build -t rockylinux-toolbox:v1 . # Login to docker.io podman login -u halfface -p "${PASSWORD}" docker.io/halfface/rockylinux-toolbox # Tag image podman tag localhost/rockylinux-toolbox:v1 halfface/rockylinux-toolbox:v1 # Push container to docker.io/halfface/rockylinux-toolbox podman push halfface/rockylinux-toolbox:v1 # Now you can start to use you container.
Search for tags.
podman search --list-tags rb-dreg03.int.redbridge.se/docker-common-env/rockylinux-9-common-env --limit 40
Run the container as $USER who has uid/gid 1111 on a hostname container-${HOSTNAME}.
podman run --user $USER --uidmap 1111:0:1 --uidmap 0:1:1111 -it -v $HOME:$HOME -h container-${HOSTNAME} rb-dreg03.int.redbridge.se/docker-common-env/rockylinux-9-common-env:latest
troubleshooting container
Network
github.com/nicolaka/netshoot fedora:40
skopeo
Investigate container
skopeo inspect docker://docker.io/halfface/rockylinux-toolbox:latest | jq . | less