点击查看代码
什么是podman
Podman是一个开源项目,可在大多数Linux平台上使用并开源在GitHub上。Podman是一个无守护进程的容器引擎,用于在Linux系统上开发,管理和运行Open Container Initiative(OCI)容器和容器镜像。Podman提供了一个与Docker兼容的命令行前端,它可以简单地作为Docker cli,简单地说你可以直接添加别名:alias docker = podman来使用podman。
Podman控制下的容器可以由root用户运行,也可以由非特权用户运行。Podman管理整个容器的生态系统,其包括pod,容器,容器镜像,和使用libpod library的容器卷。Podman专注于帮助您维护和修改OCI容器镜像的所有命令和功能,例如拉取和标记。它允许您在生产环境中创建,运行和维护从这些映像创建的容器
部署podman
[root@localhost ~]# dnf -y install podman
//配置podman镜像加速器
[root@localhost ~]# vim /etc/containers/registries.conf
unqualified-search-registries = ["docker.io"] //修改设置拉取镜像取docker官网拉取
[[registry]] //添加
prefix = "docker.io" //添加
location = "w673ojdv.mirror.aliyuncs.com" //配置加速器
[root@localhost ~]# systemctl enable --now podman
查看版本
[root@localhost ~]# podman -v
podman version 3.3.1
[root@localhost ~]# podman version
Version: 3.3.1
API Version: 3.3.1
Go Version: go1.16.7
Built: Wed Nov 10 05:23:56 2021
OS/Arch: linux/amd64
[root@localhost ~]#
查看详细信息
[root@localhost ~]# podman info
host:
arch: amd64
buildahVersion: 1.22.3
cgroupManager: systemd
cgroupVersion: v1
conmon:
package: conmon-2.0.29-1.module_el8.5.0+890+6b136101.x86_64
path: /usr/bin/conmon
version: 'conmon version 2.0.29, commit: 84384406047fae626269133e1951c4b92eed7603'
cpus: 4
distribution:
distribution: '"centos"'
version: "8"
--rm //一次性容器,退出后直接删除
列出容器
[root@localhost ~]# podman ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
//-a 查看全部容器,包含未启动的容器
[root@localhost ~]# podman ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
5d0bd832c2d6 docker.io/library/httpd:latest httpd-foreground 2 minutes ago Created friendly_ritchie
启动一个或多个容器
[root@localhost ~]# podman start web
web
停止一个或多个容器
[root@localhost ~]# podman stop web
web
重启容器
[root@localhost ~]# podman restart web
1a779a889fd2d0758f1b1672a9142358153327f9ec00765e62641ce0fee79497
连接到运行的容器
[root@localhost ~]# podman attach web //退出会关闭
root@1a779a889fd2# exit
在运行的容器中运行命令
[En]
Run the command in the running container
[root@localhost ~]# podman exec -it web /bin/sh //退出不会停止
ls
bin build cgi-bin conf error htdocs icons include logs modules
exit
[root@localhost ~]# podman ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
0118e5cab030 docker.io/library/httpd:latest /bin/bash 4 minutes ago Up 54 seconds ago 0.0.0.0:80->80/tcp web
删除容器
[root@localhost ~]# podman ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
5d0bd832c2d6 docker.io/library/httpd:latest httpd-foreground 2 minutes ago Created friendly_ritchie
[root@localhost ~]# podman rm 5d0bd832c2d6
5d0bd832c2d6477ba535819abc1c4072ce17fa4feab015b4e92c72c9fb053831
[root@localhost ~]# podman ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@localhost ~]# podman ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
391246a3e97d docker.io/library/httpd:latest httpd-foreground 12 seconds ago Created condescending_cartwright
[root@localhost ~]# podman rm -f 391246a3e97d //-f 强制删除
391246a3e97d071e4da2ac4dbe7b4414e99ac840edc67adaf1c7d9c04f5c9abf
[root@localhost ~]# podman ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
查看容器日志
[root@localhost ~]# docker logs web
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.2. Set the 'ServerName' directive globally to suppress this message
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 172.17.0.2. Set the 'ServerName' directive globally to suppress this message
[Fri Aug 05 15:17:38.444681 2022] [mpm_event:notice] [pid 1:tid 139833106722112] AH00489: Apache/2.4.52 (Unix) configured -- resuming normal operations
干掉运行中的容器
[root@localhost ~]# docker kill web //kill强制关闭
web
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
9fdaf3c409da httpd "httpd-foreground" 6 minutes ago Exited (137) 4 seconds ago web
显示容器或镜像的配置
[root@localhost ~]# podman inspect httpd
[
{
"Id": "dabbfbe0c57b6e5cd4bc089818d3f664acfad496dc741c9a501e72d15e803b34",
"Digest": "sha256:0954cc1af252d824860b2c5dc0a10720af2b7a3d3435581ca788dff8480c7b32",
"RepoTags": [
"docker.io/library/httpd:latest"
],
"RepoDigests": [
"docker.io/library/httpd@sha256:0954cc1af252d824860b2c5dc0a10720af2b7a3d3435581ca788dff8480c7b32",
"docker.io/library/httpd@sha256:57c1e4ff150e2782a25c8cebb80b574f81f06b74944caf972f27e21b76074194"
]
登录镜像仓库
[root@localhost ~]# podman login docker.io
Username: xinruizhong
Password:
Login Succeeded!
登出镜像仓库
[root@localhost ~]# podman logout docker.io
Removed login credentials for docker.io
显示指定镜像的历史记录
[root@localhost ~]# podman image history httpd
ID CREATED CREATED BY SIZE COMMENT
dabbfbe0c57b 7 months ago /bin/sh -c #(nop) CMD ["httpd-foreground"] 0 B
<missing> 7 months ago /bin/sh -c #(nop) EXPOSE 80 0 B
<missing> 7 months ago /bin/sh -c #(nop) COPY file:c432ff61c4993e... 3.58 kB
<missing> 7 months ago /bin/sh -c #(nop) STOPSIGNAL SIGWINCH 0 B
<missing> 7 months ago /bin/sh -c set -eux; savedAptMark="$(apt... 61.1 MB
</missing></missing></missing></missing>
列出容器的端口映射或特定映射
[En]
List port mappings or specific mappings for containers
[root@localhost ~]# podman port web
80/tcp -> 0.0.0.0:80
重命名现有的容器
[root@localhost ~]# podman ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
7403c4f042b4 docker.io/library/httpd:latest /bin/sh 2 minutes ago Up 2 minutes ago 0.0.0.0:80->80/tcp web
[root@localhost ~]# podman rename web httpd
[root@localhost ~]# podman ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
7403c4f042b4 docker.io/library/httpd:latest /bin/sh 3 minutes ago Up 2 minutes ago 0.0.0.0:80->80/tcp httpd
显示一个容器的运行进程
[root@localhost ~]# podman top web
USER PID PPID %CPU ELAPSED TTY TIME COMMAND
root 1 0 0.000 5m56.414637232s ? 0s httpd -DFOREGROUND
www-data 8 1 0.000 5m55.414828093s ? 0s httpd -DFOREGROUND
www-data 9 1 0.000 5m55.414853952s ? 0s httpd -DFOREGROUND
www-data 10 1 0.000 5m55.414877937s ? 0s httpd -DFOREGROUND
给本地镜像添加标签
root@localhost ~]# podman images
REPOSITORY TAG IMAGE ID CREATED SIZE
docker.io/library/httpd latest dabbfbe0c57b 7 months ago 148 MB
[root@localhost ~]# podman tag docker.io/library/httpd docker.io/library/httpd:v0.1
[root@localhost ~]# podman images
REPOSITORY TAG IMAGE ID CREATED SIZE
docker.io/library/httpd latest dabbfbe0c57b 7 months ago 148 MB
docker.io/library/httpd v0.1 dabbfbe0c57b 7 months ago 148 MB
podman生成
[root@localhost ~]# podman generate systemd --help
Generate systemd units.
Description:
Generate systemd units for a pod or container.
The generated units can later be controlled via systemctl(1).
Usage:
podman generate systemd [options] {CONTAINER|POD}
Examples:
podman generate systemd CTR
podman generate systemd --new --time 10 CTR
podman generate systemd --files --name POD
Options:
--container-prefix string Systemd unit name prefix for containers (default "container")
-f, --files Generate .service files instead of printing to stdout
--format string Print the created units in specified format (json)
-n, --name Use container/pod names instead of IDs
--new Create a new container instead of starting an existing one
--no-header Skip header generation
--pod-prefix string Systemd unit name prefix for pods (default "pod")
--restart-policy string Systemd restart-policy (default "on-failure")
--separator string Systemd unit name separator between name/id and prefix (default "-")
-t, --time uint Stop timeout override (default 10)
//示例
[root@localhost ~]# podman generate systemd --name web --files --new
/root/container-web.service
[root@localhost ~]# cp /root/container-web.service /usr/lib/systemd/system/
[root@localhost ~]# systemctl daemon-reload
[root@localhost ~]# systemctl status container-web.service
● container-web.service - Podman container-web.service
Loaded: loaded (/usr/lib/systemd/system/container-web.service; disabled; vendor preset: disabl>
Active: inactive (dead)
Docs: man:podman-generate-systemd(1)
[root@localhost ~]# systemctl enable --now container-web.service
Created symlink /etc/systemd/system/multi-user.target.wants/container-web.service → /usr/lib/systemd/system/container-web.service.
Created symlink /etc/systemd/system/default.target.wants/container-web.service → /usr/lib/systemd/system/container-web.service.
显示容器资源使用统计信息的实时流
[En]
A real-time stream that displays container resource usage statistics
[root@localhost ~]# podman stats web
ID NAME CPU % MEM USAGE / LIMIT MEM % NET IO BLOCK IO PIDS CPU TIME AVG CPU %
1d337a97c9a0 web 0.01% 27.96MB / 3.885GB 0.72% 1.604kB / 2.205kB 8.192kB / 0B 82 74.971194ms 0.00%
卸载工作容器的根文件系统
[En]
Unmount the root file system of the working container
[root@localhost ~]# podman umount web
web
[root@localhost ~]# podman exec -it web /bin/sh //卸载后无法进入容器
Error: exec failed: container_linux.go:380: starting container process caused: process_linux.go:99: starting setns process caused: fork/exec /proc/self/exe: no such file or directory: OCI runtime attempted to invoke a command that was not found
挂载工作容器的根文件系统
[En]
Mount the root file system of the working container
[root@localhost ~]# podman mount web
/var/lib/containers/storage/overlay/e190e6ad8069bc29d32418a2eeb3f9d7d4a7d831a1a36cc97ef5f5d6111b8b2b/merged
[root@localhost ~]# podman exec -it web /bin/sh
exit
Original: https://www.cnblogs.com/Their-own/p/16586616.html
Author: 事愿人为
Title: Podman部署及应用
原创文章受到原创版权保护。转载请注明出处:https://www.johngo689.com/522878/
转载文章受原作者版权保护。转载请注明原作者出处!