Podman boots up the container automatically and compares it with Docker

Podman boots up the container automatically and compares it with Docker

1. Introduction to podman

Podman was previously part of the CRI-O project, and was later separated into an independent project, libpod. Libpod is a tool and library for creating container pods. Podman is a daemonless container engine that runs as a root user or in rootless mode. In short, podman provides a docker-CLI command line to manage containers.

2. Advantages compared to Docker

Docker disadvantage 1:

As we all know, Docker's daemon occupies almost 100% of CPU resources on multiple cores, using a C/S model.

Podman advantage 1:

Podman does not require a daemon process or a root permission group, and uses the user namespace to simulate root operation in the container, adopting the fork/exec model.

The fork/exec model has the following advantages over the C/S model:

  • System administrators know who started a container
  • Use cgroup to restrict podman, and the corresponding created containers will also be restricted
  • The generation of systemd unit files can manage the startup and shutdown of tasks
  • Socket activation, send the socket from systemd to the podman container for use

3. Compatibility

Most of the functions of docker are compatible with podman, and aliases can also be used to write docker commands.

4. Priority of background service unit files

/usr/lib/systemd/user : The lowest priority, will be overwritten by the unit with the same name with a higher priority ~/.local/share/systemd/user

/etc/systemd/user : Globally shared user-level unit[s]

~/.config/systemd/user : highest priority

5. Basic operations of podman

Install

#Default centos source [root@slave02 ~]# yum -y module install container-tools #Container tool based on module [root@slave02 ~]# yum -y install podman-docker #Install docker compatible package (optional)

Version

[root@slave02 ~]# podman -v
podman version 3.3.0-dev

storehouse

Official repository: registry.access.redhat.com

Third-party repository: docker.io

Private repository: registry.lab.example.com

Command Help

[root@slave02 ~]# podman help|head -15
Manage pods, containers and images
Usage:
  podman [options] [command]
Available Commands:
  Attach Attach to a running container
  auto-update Auto update containers according to their auto-update policy
  build Build an image using instructions from Containerfiles
  commit Create new image based on the changed container #Create a new container based on the modified container container Manage containers
  cp Copy files/folders between a container and the local filesystem
  create Create but do not start a container
  diff Display the changes to the object's file system
  events Show podman events
....

Image Accelerator

Modify the configuration file: /etc/containers/registries.conf

Note: It cannot contain httpds//:url format

[root@slave02 ~]# cp /etc/containers/registries.conf /backup/registries.conf.back #Back up [root@slave02 ~]# vim /etc/containers/registries.conf
unqualified-search-registries = ["docker.io"] # Unqualified search registry [[registry]]
prefix = "docker.io"
location = "x" #x is the Ali acceleration mirror address

Pull the image

[root@slave02 ~]# podman pull nginx

6. Run a web container

Start a web container in the background and access the container content

#Prepare html page content[root@192 ~]# cat /opt/webhtml/index.html 
Go your own way, see your own scenery, surpass others without complacency, and be surpassed without losing ambition
#Run a daemon web container process and map the contents of the /opt/webhtml directory to the container's /usr/share/nginx/html where web pages are stored [root@192 ~]# podman run -d --name web -p 8888:80 -v /opt/webhtml:/usr/share/nginx/html nginx
3528e6d5148bcf980f0df5708a82419d3485a33d1d16d722db3e880cc103cd2c
[root@podman ~]# curl 192.168.136.129:8888
Go your own way, see your own scenery, surpass others without complacency, and be surpassed without losing ambition
#Container IP
[root@podman ~]# podman inspect web|grep IPAddress
"IPAddress": "10.88.0.6",
"IPAddress": "10.88.0.6",
#Host machine's ip
[root@podman ~]# ip r
192.168.136.0/24 dev ens33 proto kernel scope link src 192.168.136.129 metric 100 
#Since port binding is performed, you can directly access it by curl 192.168.136.129:8888

Enter the backend web container and check the service status

[root@podman ~]# podman exec -it web bash
root@3528e6d5148b:/# service nginx status
[ ok ] nginx is running. #Running

Modify container service content

#Modify the host machine /opt/webhtml/index.html [root@podman ~]# cat /opt/webhtml/index.html 
Go your own way, see your own scenery, surpass others without complacency, and be surpassed without losing ambitionRHCAS
RHCE RHCA
#Access [root@podman ~]# curl 192.168.136.129:8888
Go your own way, see your own scenery, surpass others without complacency, and be surpassed without losing ambitionRHCAS 
RHCE RHCA
#Enter the container to check whether the content has been modified [root@podman ~]# podman exec -it web bash
root@3528e6d5148b:/# cat /usr/share/nginx/html/index.html 
Go your own way, see your own scenery, surpass others without complacency, and be surpassed without losing ambitionRHCAS 
RHCE RHCA

Pausing and deleting containers

#Pause [root@podman ~]# podman stop web
web
[root@podman ~]# podman ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
3528e6d5148b docker.io/library/nginx:latest nginx -g daemon o... 25 minutes ago Exited (0) 16 seconds ago 0.0.0.0:8888->80/tcp web
#delete [root@podman ~]# podman rm web
3528e6d5148bcf980f0df5708a82419d3485a33d1d16d722db3e880cc103cd2c
#Or forcefully delete the running container [root@podman ~]# podman rm -f web
3528e6d5148bcf980f0df5708a82419d3485a33d1d16d722db3e880cc103cd2c

7. Web container settings start automatically

Running a web container in the background

[root@podman ~]# podman run --name web -d -p 8080:80 -v /opt/webhtml:/usr/shar/nginx/html nginx
910db3ab6bd1ef18e5fd0afe1844912f0b89334b7b8ab758353a948a1b55282a

Based on the web container, in the /etc/systemd/system with normal priority

Create a .service unit file

[root@192 ~]# cd /etc/systemd/system/
[root@podman user]# podman generate systemd --
--container-prefix (Systemd unit name prefix for containers)
--files {generate .service files instead of printing to standard output}
--format (Print the created units in specified format (json)) #Print unit files in the specified format --name (Use container/pod names instead of IDs) #Create a new container instead of using an existing container --new (Create a new container instead of starting an existing one) # (Skip header generation)
--no-header (Skip header generation)
--pod-prefix (Systemd unit name prefix for pods)
--restart-policy (Systemd restart-policy)
--separator (Systemd unit name separator between name/id and prefix)
--time (Stop timeout override)
[root@192 system]# podman generate systemd --name web --files --new
/etc/systemd/system/container-web.service

View the generated unit file

[root@192 system]# cat container-web.service 
# container-web.service
# autogenerated by Podman 3.3.0-dev # Tue Aug 17 13:03:13 CST 2021 # Tuesday, August 17 13:03:13 CST 2021                                                            
[Unit] #Unit Description=Podman container-web.service #Description Documentation=man:podman-generate-systemd(1) #Help and generated system Wants=network-online.target #Network After=network-online.target
RequiresMountsFor=%t/containers # Skip the previous one if it is not important [Service]
Environment=PODMAN_SYSTEMD_UNIT=%n                   
Restart=on-failure #Restart on failure TimeoutStopSec=70 #Timeout ExecStart=/usr/bin/podman run --sdnotify=conmon --cgroups=no-conmon --rm --replace --name web -d -p 8080:80 -v /opt/webhtml:/usr/shar/nginx/html nginx #Execution starts with /usr/bin/podman running the container just created Type=notify
NotifyAccess=all
[Install]
WantedBy=multi-user.target default.target

Delete the container just now

[root@podman ~]# podman rm web
910db3ab6bd1ef18e5fd0afe1844912f0b89334b7b8ab758353a948a1b55282a
[root@podman ~]# podman ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES

Set up automatic startup

[root@192 ~]# systemctl daemon-reload 
[root@192 ~]# systemctl enable --now container-web.service 
Created symlink /etc/systemd/system/multi-user.target.wants/container-web.service → /etc/systemd/system/container-web.service.
Created symlink /etc/systemd/system/default.target.wants/container-web.service → /etc/systemd/system/container-web.service.
[root@192 user]# podman ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b0c7709cb00e docker.io/library/nginx:latest nginx -g daemon o... 15 seconds ago Up 16 seconds ago 0.0.0.0:8080->80/tcp web

Setting up a container in rootless mode is similar to the above method.

Use the systemctl command with --user

#You need to run the loginctl enable-linger command to enable the user service to start automatically when the server starts [containers@serverb ~]$ loginctl enable-linger

The above is the detailed content of the implementation process of Podman booting and self-starting containers. For more information about Podman booting and self-starting containers, please pay attention to other related articles on 123WORDPRESS.COM!

You may also be interested in:
  • Will the deprecated Docker be replaced by Podman?
  • Specific use of the podman container tool

<<:  The experience gained from comparing and analyzing the homepages of domestic social networking websites is shared with everyone (picture)

>>:  MySQL permissions and database design case study

Recommend

VMware implements the detailed process of PXE+kickstart unattended installation of Centos7 system

Table of contents PXE implements unattended batch...

How to query the minimum available id value in the Mysql table

Today, when I was looking at the laboratory proje...

AsyncHooks asynchronous life cycle in Node8

Async Hooks is a new feature of Node8. It provide...

7 ways to vertically center elements with CSS

【1】Know the width and height of the centered elem...

How to solve the problem of case insensitivity in MySQL queries

question Recently, when I was completing a practi...

Solution to MySQL restarting automatically

Preface Recently, a problem occurred in the test ...

Detailed explanation of the most reasonable way to partition the hard disk when installing Ubuntu Linux system

No matter you are installing Windows or Linux ope...

React native ScrollView pull down refresh effect

This article shares the specific code of the pull...

Writing a web calculator using javascript

This article mainly records the effect of using j...

How to distinguish MySQL's innodb_flush_log_at_trx_commit and sync_binlog

The two parameters innodb_flush_log_at_trx_commit...

A Deep Understanding of Angle Brackets in Bash (For Beginners)

Preface Bash has many important built-in commands...

Vue implements an example of pulling down and scrolling to load data

Table of contents Step 1: Installation Step 2: Ci...

Vue3 slot usage summary

Table of contents 1. Introduction to v-slot 2. An...

Perfectly install Mac OS10.14 under Win10 VM virtual machine (graphic tutorial)

I recently watched Apple's press conference a...

WeChat applet canvas implements signature function

In the WeChat applet project, the development mod...