Starting Podman containers automatically at boot, with a comparison to Docker

1. Introduction to podman

Podman was previously part of the CRI-O project and was later split out into an independent project, libpod. Libpod is a tool and library for creating container pods. Podman is a daemonless container engine that can run as the root user or in rootless mode. In short, podman provides a Docker-compatible command line for managing containers.

2. Advantages compared to Docker

Docker disadvantage 1:

As we all know, Docker uses a client/server (C/S) model, and its daemon occupies almost 100% of CPU resources on multiple cores.

Podman advantage 1:

Podman requires neither a daemon process nor a root permission group. It uses user namespaces to simulate root inside the container and adopts the fork/exec model.

The fork/exec model has the following advantages over the C/S model:

  • System administrators know who started a container
  • Cgroup limits applied to podman also apply to the containers it creates
  • Generated systemd unit files can manage the startup and shutdown of tasks
  • Socket activation: systemd can pass a socket to the podman container for use

3. Compatibility

Most docker functions are compatible with podman, and an alias can be used so that docker commands run podman.

4. Priority of background service unit files

/usr/lib/systemd/user : lowest priority; overridden by a unit of the same name in a higher-priority directory

~/.local/share/systemd/user

/etc/systemd/user : globally shared user-level units

~/.config/systemd/user : highest priority
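
Added example (not from the original article): to see which copy of a unit is used when the same name exists in more than one of the four directories above, the function below walks them from highest to lowest priority. `resolve_user_unit` and the `UNIT_ROOT` prefix are hypothetical names, used so the check can run against a scratch tree; only the four directories listed here are covered.

```shell
# Home directory used to build the two per-user paths.
unit_home=${HOME:-/root}

# Print "active: <path>" for the winning copy of unit $1 and
# "shadowed: <path>" for every lower-priority copy.
# Returns 1 if the unit is not found in any of the four directories.
resolve_user_unit() {
    unit=$1
    winner=
    for dir in \
        "${UNIT_ROOT:-}$unit_home/.config/systemd/user" \
        "${UNIT_ROOT:-}/etc/systemd/user" \
        "${UNIT_ROOT:-}$unit_home/.local/share/systemd/user" \
        "${UNIT_ROOT:-}/usr/lib/systemd/user"
    do
        [ -e "$dir/$unit" ] || continue
        if [ -z "$winner" ]; then
            winner=$dir/$unit
            echo "active: $winner"
        else
            echo "shadowed: $dir/$unit"
        fi
    done
    [ -n "$winner" ]
}

# Constructed scratch tree: the same unit name placed in the lowest- and
# the highest-priority directory.
UNIT_ROOT=$(mktemp -d)
mkdir -p "$UNIT_ROOT$unit_home/.config/systemd/user" "$UNIT_ROOT/usr/lib/systemd/user"
: > "$UNIT_ROOT$unit_home/.config/systemd/user/container-web.service"
: > "$UNIT_ROOT/usr/lib/systemd/user/container-web.service"
resolve_user_unit container-web.service
```

Run with `UNIT_ROOT` unset, the same function inspects the real directories of the current user.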

5. Basic operations of podman

Install

#Default centos source
[root@slave02 ~]# yum -y module install container-tools #Container tools, installed as a module
[root@slave02 ~]# yum -y install podman-docker #Install the docker compatibility package (optional)

Version

[root@slave02 ~]# podman -v
podman version 3.3.0-dev

Repositories

Official repository: registry.access.redhat.com

Third-party repository: docker.io

Private repository: registry.lab.example.com

Command Help

[root@slave02 ~]# podman help|head -15
Manage pods, containers and images
Usage:
  podman [options] [command]
Available Commands:
  attach Attach to a running container
  auto-update Auto update containers according to their auto-update policy
  build Build an image using instructions from Containerfiles
  commit Create new image based on the changed container #Create a new image based on the modified container
  container Manage containers
  cp Copy files/folders between a container and the local filesystem
  create Create but do not start a container
  diff Display the changes to the object's file system
  events Show podman events
....

Image Accelerator

Modify the configuration file: /etc/containers/registries.conf

Note: the address must not be written in https://url format

[root@slave02 ~]# cp /etc/containers/registries.conf /backup/registries.conf.back #Back up
[root@slave02 ~]# vim /etc/containers/registries.conf
unqualified-search-registries = ["docker.io"] # Unqualified search registry
[[registry]]
prefix = "docker.io"
location = "x" #x is the Ali acceleration mirror address

Pull the image

[root@slave02 ~]# podman pull nginx

6. Run a web container

Start a web container in the background and access the container content

#Prepare the html page content
[root@192 ~]# cat /opt/webhtml/index.html
Go your own way, see your own scenery, surpass others without complacency, and be surpassed without losing ambition
#Run the web container in the background and map the host's /opt/webhtml directory to the container's /usr/share/nginx/html, where the web pages are stored
[root@192 ~]# podman run -d --name web -p 8888:80 -v /opt/webhtml:/usr/share/nginx/html nginx
3528e6d5148bcf980f0df5708a82419d3485a33d1d16d722db3e880cc103cd2c
[root@podman ~]# curl 192.168.136.129:8888
Go your own way, see your own scenery, surpass others without complacency, and be surpassed without losing ambition
#Container IP
[root@podman ~]# podman inspect web|grep IPAddress
"IPAddress": "10.88.0.6",
"IPAddress": "10.88.0.6",
#Host machine's ip
[root@podman ~]# ip r
192.168.136.0/24 dev ens33 proto kernel scope link src 192.168.136.129 metric 100 
#Because the port is published, the page can be reached directly with curl 192.168.136.129:8888

Enter the web container running in the background and check the service status

[root@podman ~]# podman exec -it web bash
root@3528e6d5148b:/# service nginx status
[ ok ] nginx is running. #Running

Modify container service content

#Modify /opt/webhtml/index.html on the host machine
[root@podman ~]# cat /opt/webhtml/index.html
Go your own way, see your own scenery, surpass others without complacency, and be surpassed without losing ambitionRHCAS
RHCE RHCA
#Access
[root@podman ~]# curl 192.168.136.129:8888
Go your own way, see your own scenery, surpass others without complacency, and be surpassed without losing ambitionRHCAS 
RHCE RHCA
#Enter the container to check whether the content has been modified
[root@podman ~]# podman exec -it web bash
root@3528e6d5148b:/# cat /usr/share/nginx/html/index.html 
Go your own way, see your own scenery, surpass others without complacency, and be surpassed without losing ambitionRHCAS 
RHCE RHCA

Stopping and deleting containers

#Stop
[root@podman ~]# podman stop web
web
[root@podman ~]# podman ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
3528e6d5148b docker.io/library/nginx:latest nginx -g daemon o... 25 minutes ago Exited (0) 16 seconds ago 0.0.0.0:8888->80/tcp web
#Delete
[root@podman ~]# podman rm web
3528e6d5148bcf980f0df5708a82419d3485a33d1d16d722db3e880cc103cd2c
#Or forcibly delete the running container
[root@podman ~]# podman rm -f web
3528e6d5148bcf980f0df5708a82419d3485a33d1d16d722db3e880cc103cd2c

7. Configure the web container to start automatically

Running a web container in the background

[root@podman ~]# podman run --name web -d -p 8080:80 -v /opt/webhtml:/usr/share/nginx/html nginx
910db3ab6bd1ef18e5fd0afe1844912f0b89334b7b8ab758353a948a1b55282a

Based on the web container, create a .service unit file in /etc/systemd/system, which has normal priority

[root@192 ~]# cd /etc/systemd/system/
[root@podman user]# podman generate systemd --
--container-prefix (Systemd unit name prefix for containers)
--files (generate .service files instead of printing to standard output)
--format (Print the created units in specified format (json)) #Print unit files in the specified format
--name (Use container/pod names instead of IDs)
--new (Create a new container instead of starting an existing one) #Create a new container instead of using an existing container
--no-header (Skip header generation)
--pod-prefix (Systemd unit name prefix for pods)
--restart-policy (Systemd restart-policy)
--separator (Systemd unit name separator between name/id and prefix)
--time (Stop timeout override)
[root@192 system]# podman generate systemd --name web --files --new
/etc/systemd/system/container-web.service

View the generated unit file

[root@192 system]# cat container-web.service 
# container-web.service
# autogenerated by Podman 3.3.0-dev
# Tue Aug 17 13:03:13 CST 2021
# Unit section
[Unit]
# Description
Description=Podman container-web.service
# Help documentation
Documentation=man:podman-generate-systemd(1)
# Network
Wants=network-online.target
After=network-online.target
RequiresMountsFor=%t/containers
# The settings above are not important and can be skipped
[Service]
Environment=PODMAN_SYSTEMD_UNIT=%n
# Restart on failure
Restart=on-failure
# Stop timeout
TimeoutStopSec=70
# Start by having /usr/bin/podman run the container that was just created
ExecStart=/usr/bin/podman run --sdnotify=conmon --cgroups=no-conmon --rm --replace --name web -d -p 8080:80 -v /opt/webhtml:/usr/share/nginx/html nginx
Type=notify
NotifyAccess=all
[Install]
WantedBy=multi-user.target default.target

Delete the container that was created earlier

[root@podman ~]# podman rm web
910db3ab6bd1ef18e5fd0afe1844912f0b89334b7b8ab758353a948a1b55282a
[root@podman ~]# podman ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES

Set up automatic startup

[root@192 ~]# systemctl daemon-reload 
[root@192 ~]# systemctl enable --now container-web.service 
Created symlink /etc/systemd/system/multi-user.target.wants/container-web.service → /etc/systemd/system/container-web.service.
Created symlink /etc/systemd/system/default.target.wants/container-web.service → /etc/systemd/system/container-web.service.
[root@192 user]# podman ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b0c7709cb00e docker.io/library/nginx:latest nginx -g daemon o... 15 seconds ago Up 16 seconds ago 0.0.0.0:8080->80/tcp web

Setting up a container in rootless mode is similar to the above method.

Use the systemctl command with the --user option

#Run loginctl enable-linger so that the user's services start automatically when the server boots
[containers@serverb ~]$ loginctl enable-linger
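
Added example (not from the original article): a review check for the ExecStart line of the container-web.service unit generated in this section. It reports a port published on every host interface, a bind mount without the ro option, and an image short name that is resolved through unqualified-search-registries. `audit_podman_unit` is a hypothetical helper, and both sample lines are constructed: the first from the unit above, the second a tightened variant.

```shell
# Assumes a single unquoted ExecStart line whose last word is the image,
# as in the generated unit above.
audit_podman_unit() {
    exec_line=$(sed -n 's/^ExecStart=//p' "$1" | head -n 1)
    prev=
    set -f                      # keep word-splitting, disable globbing
    for word in $exec_line; do
        case $prev in
            -p|--publish)
                # ip:hostPort:containerPort has two colons; fewer means all interfaces
                case $word in
                    *:*:*) ;;
                    *) echo "PUBLISH $word: bound on every host interface" ;;
                esac ;;
            -v|--volume)
                # src:dst[:options]; report mounts that lack the ro option
                case $word in
                    *:*:*) opts=${word##*:} ;;
                    *) opts= ;;
                esac
                case ",$opts," in
                    *,ro,*) ;;
                    *) echo "VOLUME $word: writable from inside the container" ;;
                esac ;;
        esac
        prev=$word
    done
    set +f
    # A qualified image starts with a registry host (contains . or :, or is localhost).
    qualified=no
    case $prev in
        */*) case ${prev%%/*} in *.*|*:*|localhost) qualified=yes ;; esac ;;
    esac
    [ "$qualified" = yes ] || echo "IMAGE $prev: short name, resolved via unqualified-search-registries"
}

# Constructed samples: ExecStart as generated above, then a tightened variant.
as_generated=$(mktemp)
tightened=$(mktemp)
echo 'ExecStart=/usr/bin/podman run --sdnotify=conmon --cgroups=no-conmon --rm --replace --name web -d -p 8080:80 -v /opt/webhtml:/usr/share/nginx/html nginx' > "$as_generated"
echo 'ExecStart=/usr/bin/podman run --sdnotify=conmon --cgroups=no-conmon --rm --replace --name web -d -p 127.0.0.1:8080:80 -v /opt/webhtml:/usr/share/nginx/html:ro docker.io/library/nginx' > "$tightened"
audit_podman_unit "$as_generated"
audit_podman_unit "$tightened"
```

The first call prints three findings and the second prints none.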
