podman/docs/tutorials/podman_tutorial.md
Kushal f7f220d827 remove sudo
just tested with podman 1.0.0 on fedora 29
we don't need sudo

I tried this again and it seems like we DO need sudo?
Maybe I misunderstood something
but looks like I am unable to reproduce getting an IP address

also it would be nice if creating a check point
(which I believe means writing to disk) could be done without root
but I guess it depends on where on disk I am writing?

in any case, here is my new console output

```console
[kus@asus-vivobook personal]$ cd libpod/
[kus@asus-vivobook libpod]$ git checkout patch-1
Branch 'patch-1' set up to track remote branch 'patch-1' from 'origin'.
Switched to a new branch 'patch-1'
[kus@asus-vivobook libpod]$ podman run -dt -e HTTPD_VAR_RUN=/var/run/httpd -e HTTPD_MAIN_CONF_D_PATH=/etc/httpd/conf.d \
>                   -e HTTPD_MAIN_CONF_PATH=/etc/httpd/conf \
>                   -e HTTPD_CONTAINER_SCRIPTS_PATH=/usr/share/container-scripts/httpd/ \
>                   registry.fedoraproject.org/f29/httpd /usr/bin/run-httpd
Trying to pull registry.fedoraproject.org/f29/httpd...Getting image source signatures
Copying blob 281a37f51f75: 85.68 MiB / 85.68 MiB [=======================] 1m47s
Copying blob ab0d48faadd2: 4.64 MiB / 4.64 MiB [=========================] 1m47s
Copying blob e1bf69dce18d: 49.77 MiB / 49.77 MiB [=======================] 1m47s
Copying config 532763348c4e: 6.66 KiB / 6.66 KiB [==========================] 0s
Writing manifest to image destination
Storing signatures
78917177dbf7634993fdcc44e0bc90c9422482b9a9e757c85c14dfd1ee09c777
[kus@asus-vivobook libpod]$ podman ps
CONTAINER ID  IMAGE                                        COMMAND               CREATED        STATUS            PORTS  NAMES
78917177dbf7  registry.fedoraproject.org/f29/httpd:latest  container-entrypo...  4 seconds ago  Up 3 seconds ago         nifty_lewin
[kus@asus-vivobook libpod]$ podman inspect -l | grep IPAddress\"
            "IPAddress": "",
[kus@asus-vivobook libpod]$ sudo podman inspect -l | grep IPAddress\"
[sudo] password for kus:
no such container
[kus@asus-vivobook libpod]$ podman logs --latest
=> sourcing 10-set-mpm.sh ...
=> sourcing 20-copy-config.sh ...
=> sourcing 40-ssl-certs.sh ...
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 10.0.2.100. Set the 'ServerName' directive globally to suppress this message
[Tue Jan 22 12:59:38.887673 2019] [ssl:warn] [pid 1:tid 140100965338496] AH01909: 10.0.2.100:8443:0 server certificate does NOT include an ID which matches the server name
AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 10.0.2.100. Set the 'ServerName' directive globally to suppress this message
[Tue Jan 22 12:59:38.998169 2019] [ssl:warn] [pid 1:tid 140100965338496] AH01909: 10.0.2.100:8443:0 server certificate does NOT include an ID which matches the server name
[Tue Jan 22 12:59:38.998876 2019] [lbmethod_heartbeat:notice] [pid 1:tid 140100965338496] AH02282: No slotmem from mod_heartmonitor
[Tue Jan 22 12:59:39.001562 2019] [cgid:error] [pid 28:tid 140100965338496] (13)Permission denied: AH01243: Couldn't bind unix domain socket /run/httpd/cgisock.1
[Tue Jan 22 12:59:39.006051 2019] [mpm_event:notice] [pid 1:tid 140100965338496] AH00489: Apache/2.4.37 (Fedora) OpenSSL/1.1.1-pre9 configured -- resuming normal operations
[Tue Jan 22 12:59:39.006164 2019] [core:notice] [pid 1:tid 140100965338496] AH00094: Command line: 'httpd -D FOREGROUND'
[Tue Jan 22 12:59:39.006445 2019] [cgid:crit] [pid 1:tid 140100965338496] AH01238: cgid daemon failed to initialize
[kus@asus-vivobook libpod]$ podman top 78917177dbf7634993fdcc44e0bc90c9422482b9a9e757c85c14dfd1ee09c777
USER      PID   PPID   %CPU    ELAPSED           TTY     TIME   COMMAND
default   1     0      0.000   2m10.968144627s   pts/0   0s     httpd -D FOREGROUND
default   24    1      0.000   2m9.968688975s    pts/0   0s     /usr/bin/coreutils --coreutils-prog-shebang=cat /usr/bin/cat
default   25    1      0.000   2m9.968784295s    pts/0   0s     /usr/bin/coreutils --coreutils-prog-shebang=cat /usr/bin/cat
default   26    1      0.000   2m9.968880829s    pts/0   0s     /usr/bin/coreutils --coreutils-prog-shebang=cat /usr/bin/cat
default   27    1      0.000   2m9.968997468s    pts/0   0s     /usr/bin/coreutils --coreutils-prog-shebang=cat /usr/bin/cat
default   29    1      0.000   2m9.969134191s    pts/0   0s     httpd -D FOREGROUND
default   38    1      0.000   2m9.969239549s    pts/0   0s     httpd -D FOREGROUND
default   72    1      0.000   2m9.969344456s    pts/0   0s     httpd -D FOREGROUND
[kus@asus-vivobook libpod]$ podman container checkpoint 78917177dbf7634993fdcc44e0bc90c9422482b9a9e757c85c14dfd1ee09c777
checkpointing a container requires root
[kus@asus-vivobook libpod]$ podman stop --latest
78917177dbf7634993fdcc44e0bc90c9422482b9a9e757c85c14dfd1ee09c777
[kus@asus-vivobook libpod]$ podman ps -a
CONTAINER ID  IMAGE                                        COMMAND               CREATED        STATUS                    PORTS  NAMES
78917177dbf7  registry.fedoraproject.org/f29/httpd:latest  container-entrypo...  3 minutes ago  Exited (0) 9 seconds ago         nifty_lewin
[kus@asus-vivobook libpod]$ podman rm --latest
78917177dbf7634993fdcc44e0bc90c9422482b9a9e757c85c14dfd1ee09c777
```

original:
```console
[kus@mcny ~]$ podman run -dt -e HTTPD_VAR_RUN=/var/run/httpd -e HTTPD_MAIN_CONF_D_PATH=/etc/httpd/conf.d \
>                   -e HTTPD_MAIN_CONF_PATH=/etc/httpd/conf \
>                   -e HTTPD_CONTAINER_SCRIPTS_PATH=/usr/share/container-scripts/httpd/ \
>                   registry.fedoraproject.org/f27/httpd /usr/bin/run-httpd
Trying to pull registry.fedoraproject.org/f27/httpd...Getting image source signatures
Copying blob ff3dab903f92: 80.73 MiB / 80.73 MiB [=========================] 14s
Copying blob 9347d6e9d864: 7.30 MiB / 7.30 MiB [===========================] 14s
Copying blob 2fc5c44251d4: 44.82 MiB / 44.82 MiB [=========================] 14s
Copying config 18f01f6f77ef: 6.55 KiB / 6.55 KiB [==========================] 0s
Writing manifest to image destination
Storing signatures
d0362571c3850159315778700a63a305296150177578a9339cca0d9c86ed97f1
[kus@mcny ~]$ podman ps
CONTAINER ID  IMAGE                                        COMMAND               CREATED         STATUS             PORTS  NAMES
d0362571c385  registry.fedoraproject.org/f27/httpd:latest  container-entrypo...  36 seconds ago  Up 36 seconds ago         happy_babbage
[kus@mcny ~]$
```

Signed-off-by: Kushal <kushaldeveloper@gmail.com>
2019-01-22 08:04:25 -05:00


Basic Setup and Use of Podman

Podman is a utility provided as part of the libpod library. It can be used to create and maintain containers. The following tutorial will teach you how to set up Podman and perform some basic commands with Podman.

NOTE: the code samples are intended to be run as a non-root user, and use sudo where root escalation is required.

Install Podman on Fedora from RPM Repositories

Fedora 27 and later provide Podman via the package manager.

sudo dnf install -y podman

Install Podman on Fedora from Source

Many of the basic components to run Podman are readily available from the Fedora RPM repositories. In this section, we will help you install all the runtime and build dependencies for Podman, acquire the source, and build it.

Installing build and runtime dependencies

sudo dnf install -y git runc libassuan-devel golang golang-github-cpuguy83-go-md2man glibc-static \
                                  gpgme-devel glib2-devel device-mapper-devel libseccomp-devel \
                                  atomic-registries iptables skopeo-containers containernetworking-cni \
                                  conmon ostree-devel

Building and installing podman

First, configure a GOPATH (if you are using Go 1.8 or later, this defaults to ~/go), then clone and build libpod.

export GOPATH=~/go
mkdir -p $GOPATH
git clone https://github.com/containers/libpod/ $GOPATH/src/github.com/containers/libpod
cd $GOPATH/src/github.com/containers/libpod
make
sudo make install PREFIX=/usr

You now have a working podman environment. Jump to Familiarizing yourself with Podman to begin using Podman.

Install podman on Ubuntu

The default Ubuntu cloud image is too small for the following exercise. Be sure to add at least 5 GB to the image before you start. Instructions for doing this are outside the scope of this tutorial. For this tutorial, the Ubuntu artful-server-cloudimg image was used.

Installing build and runtime dependencies

Installing base packages

sudo apt-get update
sudo apt-get install libdevmapper-dev libglib2.0-dev libgpgme11-dev golang libseccomp-dev libostree-dev \
                        go-md2man libprotobuf-dev libprotobuf-c0-dev libseccomp-dev python3-setuptools

Building and installing conmon

First, configure a GOPATH (if you are using Go 1.8 or later, this defaults to ~/go), then clone cri-o and build conmon.

export GOPATH=~/go
mkdir -p $GOPATH
git clone https://github.com/kubernetes-sigs/cri-o $GOPATH/src/github.com/kubernetes-sigs/cri-o
cd $GOPATH/src/github.com/kubernetes-sigs/cri-o
mkdir bin
make bin/conmon
sudo install -D -m 755 bin/conmon /usr/libexec/podman/conmon

Adding required configuration files

sudo mkdir -p /etc/containers
sudo curl https://raw.githubusercontent.com/projectatomic/registries/master/registries.fedora -o /etc/containers/registries.conf
sudo curl https://raw.githubusercontent.com/containers/skopeo/master/default-policy.json -o /etc/containers/policy.json

Installing CNI plugins

git clone https://github.com/containernetworking/plugins.git $GOPATH/src/github.com/containernetworking/plugins
cd $GOPATH/src/github.com/containernetworking/plugins
./build_linux.sh
sudo mkdir -p /usr/libexec/cni
sudo cp bin/* /usr/libexec/cni

Installing CNI config

Add a basic network configuration:

sudo mkdir -p /etc/cni/net.d
curl -qsSL https://raw.githubusercontent.com/containers/libpod/master/cni/87-podman-bridge.conflist | sudo tee /etc/cni/net.d/99-loopback.conf

Installing runc

git clone https://github.com/opencontainers/runc.git $GOPATH/src/github.com/opencontainers/runc
cd $GOPATH/src/github.com/opencontainers/runc
make BUILDTAGS="seccomp"
sudo cp runc /usr/bin/runc

Building and installing Podman

git clone https://github.com/containers/libpod/ $GOPATH/src/github.com/containers/libpod
cd $GOPATH/src/github.com/containers/libpod
make
sudo make install PREFIX=/usr

Familiarizing yourself with Podman

Running a sample container

This sample container will run a very basic httpd server that serves only its index page.

podman run -dt -e HTTPD_VAR_RUN=/var/run/httpd -e HTTPD_MAIN_CONF_D_PATH=/etc/httpd/conf.d \
                  -e HTTPD_MAIN_CONF_PATH=/etc/httpd/conf \
                  -e HTTPD_CONTAINER_SCRIPTS_PATH=/usr/share/container-scripts/httpd/ \
                  registry.fedoraproject.org/f27/httpd /usr/bin/run-httpd

Because the container is being run in detached mode, represented by the -d in the podman run command, podman will print the container ID after it has run.

Listing running containers

The Podman ps command is used to list creating and running containers.

podman ps

Note: If you add -a to the ps command, Podman will show all containers.

Inspecting a running container

You can "inspect" a running container for metadata and details about itself. We can even use the inspect subcommand to see what IP address was assigned to the container.

$ sudo podman inspect -l | grep IPAddress\":
        "IPAddress": "10.88.6.140",

Note: The -l is a convenience argument for latest container. You can also use the container's ID instead of -l.

Testing the httpd server

Now that we have the IP address of the container, we can test the network communication between the host operating system and the container using curl. The following command should display the index page of our containerized httpd server.

curl http://<IP_address>:8080
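
An added example, not part of the original tutorial: a shell helper that pulls the address out of `podman inspect` output and builds the URL for the curl test above, failing with a message when `IPAddress` is empty, as it is in the non-root run shown in the commit message. The function names and the JSON excerpts are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the tutorial). Function names are hypothetical.

# Constructed `podman inspect` excerpts; real output has many more fields.
ROOTFUL_JSON='[{"NetworkSettings": {
    "IPAddress": "10.88.6.140",
    "SecondaryIPAddresses": null
}}]'
ROOTLESS_JSON='[{"NetworkSettings": {
    "IPAddress": "",
    "SecondaryIPAddresses": null
}}]'

# container_ip: read inspect JSON on stdin and print the first non-empty
# "IPAddress" value. Returns 1 when the field is missing or empty.
container_ip() {
    ip=$(sed -n 's/^[[:space:]]*"IPAddress":[[:space:]]*"\([^"]*\)".*/\1/p' |
         grep -v '^$' | head -n 1)
    [ -n "$ip" ] || return 1
    printf '%s\n' "$ip"
}

# httpd_url: read inspect JSON on stdin and print the URL to test.
# $1 is the port (the tutorial's curl test uses 8080).
httpd_url() {
    ip=$(container_ip) || {
        echo "IPAddress is empty: nothing to curl for this container" >&2
        return 1
    }
    # Accept only digits and dots before placing the value in a URL.
    case $ip in
        *[!0-9.]*) echo "unexpected IPAddress value: $ip" >&2; return 1 ;;
    esac
    printf 'http://%s:%s\n' "$ip" "${1:-8080}"
}

# Live use: podman inspect -l | httpd_url 8080
printf '%s\n' "$ROOTFUL_JSON" | httpd_url 8080
```

Because the helper exits non-zero on an empty address, `curl "$(podman inspect -l | httpd_url 8080)"` can be guarded with `&&` instead of sending a request to a malformed URL.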

Viewing the container's logs

You can view the container's logs with Podman as well:

$ sudo podman logs --latest
10.88.0.1 - - [07/Feb/2018:15:22:11 +0000] "GET / HTTP/1.1" 200 612 "-" "curl/7.55.1" "-"
10.88.0.1 - - [07/Feb/2018:15:22:30 +0000] "GET / HTTP/1.1" 200 612 "-" "curl/7.55.1" "-"
10.88.0.1 - - [07/Feb/2018:15:22:30 +0000] "GET / HTTP/1.1" 200 612 "-" "curl/7.55.1" "-"
10.88.0.1 - - [07/Feb/2018:15:22:31 +0000] "GET / HTTP/1.1" 200 612 "-" "curl/7.55.1" "-"
10.88.0.1 - - [07/Feb/2018:15:22:31 +0000] "GET / HTTP/1.1" 200 612 "-" "curl/7.55.1" "-"

Viewing the container's pids

You can also observe the httpd PID in the container with podman top.

$ sudo podman top <container_id>
  UID   PID  PPID  C STIME TTY          TIME CMD
    0 31873 31863  0 09:21 ?        00:00:00 nginx: master process nginx -g daemon off;
  101 31889 31873  0 09:21 ?        00:00:00 nginx: worker process

Checkpointing the container

Checkpointing a container stops the container while writing the state of all processes in the container to disk. With this, a container can later be restored and continue running at exactly the same point in time as the checkpoint. This capability requires CRIU 3.11 or later to be installed on the system. To checkpoint the container, use:

sudo podman container checkpoint <container_id>

Restoring the container

Restoring a container is only possible for a previously checkpointed container. The restored container will continue to run at exactly the same point in time at which it was checkpointed. To restore the container, use:

sudo podman container restore <container_id>

After being restored, the container will answer requests again as it did before checkpointing.

curl http://<IP_address>:8080

Stopping the container

To stop the httpd container:

sudo podman stop --latest

You can also check the status of one or more containers using the ps subcommand. In this case, we should use the -a argument to list all containers.

sudo podman ps -a

Removing the container

To remove the httpd container:

sudo podman rm --latest

You can verify the deletion of the container by running podman ps -a.

Integration Tests

For more information on how to set up and run the integration tests in your environment, check out the Integration Tests README.md.

More information

For more information on Podman and its subcommands, check out the asciiart demos on the README.md page.