podman介绍

podman介绍

在这里插入图片描述

什么是 Podman?简而言之: alias docker = podman

Podman 是一个开源的容器管理工具,其可在大多数 Linux 平台上使用,它是一种无守护程序的容器引擎,用于在 Linux 系统上开发,管理和运行任何符合 Open Container Initiative(OCI)标准的容器和容器镜像,提供了一个与Docker兼容的命令行前端,该前端可以简单地为Docker CLI别名,即“ alias docker = podman”。Podman控制下的容器既可以由root用户运行,也可以由非特权用户运行,这个是Podman与Docker最大的差别之一。

podman使用

1. 安装podman

[root@localhost ~]# yum -y install podman

2. 查看podman命令的帮助


[root@localhost ~]# podman --help
manage pods and images

Usage:
  podman [flags]
  podman [command]

Available Commands:
  attach      Attach to a running container
  build       Build an image using instructions from Containerfiles
  commit      Create new image based on the changed container
  container   Manage Containers
  cp          Copy files/folders between a container and the local filesystem
  create      Create but do not start a container
  diff        Inspect changes on container's file systems
  events      Show podman events
  ......

3. 查看podman具体命令的帮助


[root@localhost ~]# podman ps --help
List containers

Description:
  Prints out information about the containers

Usage:
  podman ps [flags]

Examples:
  podman ps -a
  podman ps -a --format "{{.ID}}  {{.Image}}  {{.Labels}}  {{.Mounts}}"
  podman ps --size --sort names

......

4. 查看podman命令man手册

[root@localhost ~]# man podman

5. 查看podman具体命令的man手册

[root@localhost ~]# man podman ps

6. 查找httpd镜像

[root@localhost ~]# podman search httpd
INDEX        NAME                                                                          DESCRIPTION                                       STARS   OFFICIAL   AUTOMATED
redhat.com   registry.access.redhat.com/rhscl/httpd-24-rhel7                               Apache HTTP 2.4 Server                            0                  
redhat.com   registry.access.redhat.com/rhmap45/httpd                                      Provides an extension to the RHSCL Httpd ima...   0                  
redhat.com   registry.access.redhat.com/cloudforms46-beta/cfme-openshift-httpd             CloudForms is a management and automation pl...   0                  
redhat.com   registry.access.redhat.com/rhmap44/httpd                                      Provides an extension to the RHSCL Httpd Doc...   0                  
redhat.com   registry.access.redhat.com/cloudforms46/cfme-openshift-httpd                  Web Server image for a multi-pod Red Hat® C...    0                  
redhat.com   registry.access.redhat.com/rhmap42/httpd                                      Provides an extension to the RHSCL Httpd Doc...   0                  
redhat.com   registry.access.redhat.com/rhmap46/httpd                                      Provides an extension to the RHSCL Httpd ima...   0                  
redhat.com   registry.access.redhat.com/cloudforms47/cfme-openshift-httpd                  CloudForms 4.7 APP image for OpenShift            0                  
redhat.com   registry.access.redhat.com/rhmap43/httpd                                      Provides an extension to the RHSCL Httpd Doc...   0                  
redhat.com   registry.access.redhat.com/rhmap47/httpd                                      Provides an extension to the RHSCL Httpd ima...   0                  
redhat.com   registry.access.redhat.com/ubi8/httpd-24                                      Platform for running Apache httpd 2.4 or bui...   0     

7. 查找官方的httpd镜像


[root@localhost ~]# podman search httpd --filter=is-official
INDEX       NAME                      DESCRIPTION                      STARS   OFFICIAL   AUTOMATED
docker.io   docker.io/library/httpd   The Apache HTTP Server Project   3794    [OK]       

8. 拉取httpd镜像

[root@localhost ~]# podman pull docker.io/library/httpd
Trying to pull docker.io/library/httpd...
Getting image source signatures
Copying blob aa379c0cedc2 done  
Copying blob e5ae68f74026 done  
Copying blob f1aa5f54b226 done  
Copying blob d3576f2b6317 done  
Copying blob bc36ee1127ec done  
Copying config ea28e1b82f done  
Writing manifest to image destination
Storing signatures
ea28e1b82f314092abd3f90a69e57d6ccf506382821ee0b8d9b48c3e47440c1f

9. 列出镜像

[root@localhost ~]# podman images
REPOSITORY                TAG      IMAGE ID       CREATED       SIZE
docker.io/library/httpd   latest   ea28e1b82f31   12 days ago   148 MB

10. 运行容器

此示例容器将运行一个非常基本的 httpd 服务器,该服务器仅为其索引页提供服务

[root@localhost ~]# podman run -dt -p 80:80  docker.io/library/httpd
c9bb7438aaf04d6807087f9cac703eeba1b0ca43a62ba208283c71b0056da706

11. 列出正在运行的容器

[root@localhost ~]# podman ps
CONTAINER ID  IMAGE                           COMMAND           CREATED        STATUS            PORTS               NAMES
c9bb7438aaf0  docker.io/library/httpd:latest  httpd-foreground  9 seconds ago  Up 9 seconds ago  0.0.0.0:80->80/tcp  dreamy_raman

12. 查看容器信息

[root@localhost ~]#  podman inspect dreamy_raman |grep -i ipAddress
            "SecondaryIPAddresses": null,
            "IPAddress": "10.88.0.2",

13. 查看最新创建的容器信息

[root@localhost ~]#  podman inspect -l |grep -i ipAddress
            "SecondaryIPAddresses": null,
            "IPAddress": "10.88.0.2",

14. 查看最新创建的容器的日志

[root@localhost ~]# podman logs -l
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 10.88.0.2. Set the 'ServerName' directive globally to suppress this message
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 10.88.0.2. Set the 'ServerName' directive globally to suppress this message
[Tue Dec 14 10:05:42.976520 2021] [mpm_event:notice] [pid 1:tid 140299619630400] AH00489: Apache/2.4.51 (Unix) configured -- resuming normal operations
[Tue Dec 14 10:05:42.976630 2021] [core:notice] [pid 1:tid 140299619630400] AH00094: Command line: 'httpd -D FOREGROUND'

15. 查看最新创建容器的进程

[root@localhost ~]# podman  top -l
USER       PID   PPID   %CPU    ELAPSED            TTY     TIME   COMMAND
root       1     0      0.000   10m23.606023575s   pts/0   0s     httpd -DFOREGROUND 
www-data   7     1      0.000   10m23.606078625s   pts/0   0s     httpd -DFOREGROUND 
www-data   8     1      0.000   10m23.606112801s   pts/0   0s     httpd -DFOREGROUND 
www-data   9     1      0.000   10m23.60614431s    pts/0   0s     httpd -DFOREGROUND 

16. 删除最新创建的容器

[root@localhost ~]# podman rm -f -l 
c9bb7438aaf04d6807087f9cac703eeba1b0ca43a62ba208283c71b0056da706

17. 查看所有容器

[root@localhost ~]# podman  ps -a
CONTAINER ID  IMAGE  COMMAND  CREATED  STATUS  PORTS  NAMES

普通用户的使用方式

1. 普通用户使用的配置

在允许没有root特权的用户运行Podman之前,管理员必须安装或构建Podman并完成以下配置

cgroup V2Linux内核功能允许用户限制普通用户容器可以使用的资源,如果使用cgroup V2启用了运行Podman的Linux发行版,则可能需要更改默认的OCI运行时。某些较旧的版本runc不适用于cgroup V2,必须切换到备用OCI运行时crun。

[root@podman containers]# yum -y install crun

可以使用–runtime选项在命令行中打开对cgroup V2的替代OCI运行时支持

podman  --runtime crun

也可以修改containers.conf文件runtime = "runc"到runtime = “crun”

[root@podman ~]# vim /usr/share/containers/containers.conf 

runtime = "crun"
#runtime = "runc"

2. 安装slirp4netns

slirp4nets包为普通用户提供一种网络模式

[root@podman ~]# yum -y install slirp4netns

3. 安装fuse-overlayfs

在普通用户环境中使用Podman时,建议使用fuse-overlayfs而不是VFS文件系统,至少需要版本0.7.6。

[root@podman ~]# yum -y install fuse-overlayfs

配置storage.conf文件

[root@podman ~]#  vim /etc/containers/storage.conf
mount_program = "/usr/bin/fuse-overlayfs"  #取消注释

4. /etc/subuid和/etc/subgid配置

/etc/subuid文件的格式为USERNAME:UID:RANGE

  • 在/ etc / passwd或getpwent中列出的用户名。
  • 为用户分配的初始uid。
  • 为用户分配的UID范围的大小
[root@localhost yum.repos.d]# podman exec -it httpd /bin/bash
root@700a85cd10ee:/usr/local/apache2# useradd apache
root@700a85cd10ee:/usr/local/apache2# cat /etc/subuid 
apache:100000:65536
root@700a85cd10ee:/usr/local/apache2# cat /etc/subgid
apache:100000:65536
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值