podman案例：容器apache新旧版本更迭，数据持久化

podman案例：容器中apache新旧版本更迭，数据持久化

1.拉取新旧版本镜像到本地，做好准备工作

• RedHat官方镜像仓：https://catalog.redhat.com/software/containers/explore
• 可以在网页上查询自己需要的镜像，然后在shell终端执行命令，进行拉取使用

# 拉取旧版本的apache的镜像到本地
[root@rhel-liuyunfei-82 ~]# podman pull registry.redhat.io/rhel8/httpd-24:1-160
Trying to pull registry.redhat.io/rhel8/httpd-24:1-160...
Getting image source signatures
Copying blob 06038631a24a done
Copying blob 44115d860fce done
Copying blob 7220659c6858 done
Copying blob 262268b65bd5 done
Copying config b9c0594ea9 done
Writing manifest to image destination
Storing signatures
b9c0594ea9037e2ecfbd8182c4edf727fb4f7b51839fa334d5681c2963576756

# 拉取新版本的镜像到本地
[root@rhel-liuyunfei-82 ~]# podman pull registry.redhat.io/rhel8/httpd-24
Trying to pull registry.redhat.io/rhel8/httpd-24...
Getting image source signatures
Copying blob eac1b95df832 skipped: already exists
Copying blob 47aa3ed2034c skipped: already exists
Copying blob e9046716b06d skipped: already exists
Copying blob 9ea3e616d557 done
Copying config 0d04740850 done
Writing manifest to image destination
Storing signatures
0d04740850e8ba516528b96feea3871e49d858fb684c1a015b2846e4e73dd77e

[root@rhel-liuyunfei-82 ~]# podman images | grep httpd
registry.redhat.io/rhel8/httpd-24      latest   0d04740850e8   7 days ago    462 MB
registry.redhat.io/rhel8/httpd-24      1-160    b9c0594ea903   7 days ago   461 MB

2.启动旧版本的容器，同时将数据持久化，端口映射

• 如果做数据持久化，外部目录和文件的selinux上下文标签必须是容器所规定的上下文标签：container_file_t
  • 可以在启动容器做数据持久化时，指定 Z 参数，podman会自动将外部目录和文件上下文标签修改
  • 也可以不指定，后续自己手动修改上下文标签，修改为：container_file_t

# Linux系统创建外部目录，与容器内部进行数据持久化
[root@rhel-liuyunfei-82 ~]# mkdir -p ~/httpd/html
# 检测上下文标签，发现不是容器定义的selinux上下文标签，后续指定参数自动修改
[root@rhel-liuyunfei-82 ~]# ls -Zd ~/httpd/html
unconfined_u:object_r:admin_home_t:s0 /root/httpd/html
# 创建测试文件
[root@rhel-liuyunfei-82 ~]# echo "this is the Linux system directory" > ~/httpd/html/index.html
[root@rhel-liuyunfei-82 ~]# ls -Z ~/httpd/html/index.html
unconfined_u:object_r:admin_home_t:s0 /root/httpd/html/index.html

# 使用旧版本镜像启动apache容器
[root@rhel-liuyunfei-82 ~]# podman run -d --name=httpd-1 -p 8080:8080 -v ~/httpd:/var/www:Z registry.redhat.io/rhel8/httpd-24:1-160
d07a455362adf7cb09efbc896ca83af81e2352355363e5ac5563c79c1ef06a1d

# 查询容器状态
[root@rhel-liuyunfei-82 ~]# podman ps
CONTAINER ID  IMAGE                                     COMMAND               CREATED        STATUS            PORTS                   NAMES
d07a455362ad  registry.redhat.io/rhel8/httpd-24:latest  /usr/bin/run-http...  3 seconds ago  Up 2 seconds ago  0.0.0.0:8080->8080/tcp  httpd-1

2.1本地测验是否创建成功

[root@rhel-liuyunfei-82 ~]# curl http://localhost:8080
this is the Linux system directory

3.进入容器中进行检查apache服务默认根文档路径 /var/www/html/index.html。

# 进入容器
[root@rhel-liuyunfei-82 ~]# podman exec -it httpd-1 /bin/bash
# 检察服务状态
bash-4.4$ ps -ef
UID          PID    PPID  C STIME TTY          TIME CMD
default        1       0  0 04:33 ?        00:00:00 httpd -D FOREGROUND
default       35       1  0 04:33 ?        00:00:00 /usr/bin/coreutils --coreutils-prog-shebang
default       36       1  0 04:33 ?        00:00:00 /usr/bin/coreutils --coreutils-prog-shebang
default       37       1  0 04:33 ?        00:00:00 /usr/bin/coreutils --coreutils-prog-shebang
default       38       1  0 04:33 ?        00:00:00 /usr/bin/coreutils --coreutils-prog-shebang
default       39       1  0 04:33 ?        00:00:00 httpd -D FOREGROUND
default       40       1  0 04:33 ?        00:00:01 httpd -D FOREGROUND
default       42       1  0 04:33 ?        00:00:01 httpd -D FOREGROUND
default       59       1  0 04:33 ?        00:00:01 httpd -D FOREGROUND
default      266       0  0 05:37 pts/0    00:00:00 /bin/bash
default      272     266  0 05:39 pts/0    00:00:00 ps -ef
# 查看根文档路径默认文件内容是否是与Linux系统中容器外部持久化目录中文件内容相同
bash-4.4$ cat /var/www/html/index.html
this is the Linux system directory

# 检查结果内容成功，退出
bash-4.4$ exit
exit

4.删除旧的容器，启动新的容器，查看内容

# 停止。删除旧的容器，但目录依然保留
[root@rhel-liuyunfei-82 ~]# podman stop httpd-1
d07a455362adf7cb09efbc896ca83af81e2352355363e5ac5563c79c1ef06a1d
[root@rhel-liuyunfei-82 ~]# podman rm httpd-1
d07a455362adf7cb09efbc896ca83af81e2352355363e5ac5563c79c1ef06a1d

# 使用latest标签的最新镜像，创建容器
[root@rhel-liuyunfei-82 ~]# podman run -d --name=httpd-new -p 8080:8080 -v ~/httpd:/var/www:Z registry.redhat.io/rhel8/httpd-24:latest
c1ccaa70af7453e0fdafbf5ceab248d76527d0e09dc8984fc64297397b8a4c29

# 查看新容器的状态
[root@rhel-liuyunfei-82 ~]# podman ps
CONTAINER ID  IMAGE                                     COMMAND               CREATED         STATUS             PORTS                   NAMES
c1ccaa70af74  registry.redhat.io/rhel8/httpd-24:latest  /usr/bin/run-http...  14 minutes ago  Up 14 minutes ago  0.0.0.0:8080->8080/tcp  httpd-new
# 进入新的容器，检查默认根文档路径的默认文件内容
[root@rhel-liuyunfei-82 ~]# podman exec -it httpd-new /bin/bash
bash-4.4$ ps -ef
UID          PID    PPID  C STIME TTY          TIME CMD
default        1       0  0 05:44 ?        00:00:00 httpd -D FOREGROUND
default       35       1  0 05:44 ?        00:00:00 /usr/bin/coreutils --coreutils-prog-shebang
default       36       1  0 05:44 ?        00:00:00 /usr/bin/coreutils --coreutils-prog-shebang
default       37       1  0 05:44 ?        00:00:00 /usr/bin/coreutils --coreutils-prog-shebang
default       38       1  0 05:44 ?        00:00:00 /usr/bin/coreutils --coreutils-prog-shebang
default       39       1  0 05:44 ?        00:00:00 httpd -D FOREGROUND
default       40       1  0 05:44 ?        00:00:00 httpd -D FOREGROUND
default       41       1  0 05:44 ?        00:00:00 httpd -D FOREGROUND
default       50       1  0 05:44 ?        00:00:00 httpd -D FOREGROUND
default      254       0  8 05:59 pts/0    00:00:00 /bin/bash
default      259     254  0 05:59 pts/0    00:00:00 ps -ef
bash-4.4$ cat /var/www/html/index.html
this is the Linux system directory
# 成功实现预期目标，退出
bash-4.4$ exit
exit

5.检查镜像更改之后访问是否成功

[root@rhel-liuyunfei-82 ~]# curl http://localhost:8080
this is the Linux system directory