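1. Podman Basics
1. What is Podman?
Podman is an open-source, Linux-native tool for developing, managing and running containers and Pods according to the Open Container Initiative (OCI) standards. Podman is a user-friendly container management tool developed by Red Hat and is the default container engine in RHEL 8 and CentOS 8.
It is a tool built around a set of commands, designed to handle the different tasks of the containerization process, and it can work as a modular framework. Its toolset includes:
- Podman: Pod and container image manager
- Buildah: container image builder
- Skopeo: container image inspection manager
- Runc: container runner and feature builder, handed to Podman and Buildah
- Crun: optional runtime that gives rootless containers more flexibility, control and security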
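2. Differences between Podman and Docker
- Docker needs the root user to create containers, but Podman does not, which is very convenient.
- Containers started by Docker support the --restart policy, but Podman does not. In k8s this is not a problem, because a restart policy can be set on the pod; on a regular system we can write a systemd service to start containers automatically.
- The way containers are started differs: Docker needs a daemon (the docker daemon) running on the system, while Podman does not.
- The docker CLI talks to the Docker Engine through an API to say that it wants a container created, and only then does the Docker Engine call the OCI container runtime (runc) to start the container. This means the container's process is not a child process of the Docker CLI but a child process of the Docker Engine.
- Podman interacts directly with the OCI container runtime (runc) to create containers, so the container's process is a direct child process of podman.
What the figure shows is that Podman does not need a daemon, while Docker does. In the figure, Docker's containerd-shim and Podman's conmon are placed in the Container layer.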
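The parent/child relationship described above can be checked on a running host by walking /proc upward from a container's main PID; the immediate parent you will find is the per-container monitor from the figure (conmon for Podman, containerd-shim for Docker). This is an added example, not part of the original post: the function names are hypothetical and the sample process tree is constructed for illustration.

```shell
#!/bin/sh
# Added example: walk a process's parent chain through /proc to see which
# process owns a container's main process. Assumes Linux.

# ancestry PID [PROC_ROOT] -> "comm(pid) <- comm(ppid) <- ..." up to PID 1.
# PROC_ROOT defaults to /proc; it is a parameter only so the function can be
# exercised against a constructed tree.
ancestry() (
    pid=$1 root=${2:-/proc} chain=
    while [ "${pid:-0}" -gt 0 ] 2>/dev/null && [ -r "$root/$pid/status" ]; do
        name=$(cat "$root/$pid/comm")
        chain="${chain:+$chain <- }${name}(${pid})"
        pid=$(awk '$1 == "PPid:" { print $2 }' "$root/$pid/status")
    done
    printf '%s\n' "$chain"
)

# make_sample_proc DIR: build a constructed /proc-like tree (sample values,
# not captured from a host) with a container process owned by conmon.
make_sample_proc() (
    dir=$1
    while read -r pid comm ppid; do
        mkdir -p "$dir/$pid"
        printf '%s\n' "$comm" > "$dir/$pid/comm"
        printf 'Name:\t%s\nPPid:\t%s\n' "$comm" "$ppid" > "$dir/$pid/status"
    done <<EOF
1 systemd 0
4100 conmon 1
4112 httpd 4100
EOF
)

# Offline demonstration on the constructed tree.
sample=$(mktemp -d)
make_sample_proc "$sample"
ancestry 4112 "$sample"    # httpd(4112) <- conmon(4100) <- systemd(1)
rm -rf "$sample"

# On a real host, with a running container named a1 as on this page:
#   ancestry "$(podman inspect --format '{{.State.Pid}}' a1)"
```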
## Using Podman
3. Installing Podman
Set up the yum repository
[root@localhost ~]# cd /etc/yum.repos.d/
[root@localhost yum.repos.d]# ls
CentOS-Base.repo
[root@localhost yum.repos.d]# curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-vault-8.5.2111.repo
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 2495 100 2495 0 0 3904 0 --:--:-- --:--:-- --:--:-- 3898
[root@localhost yum.repos.d]# sed -i -e '/mirrors.cloud.aliyuncs.com/d' -e '/mirrors.aliyuncs.com/d' /etc/yum.repos.d/CentOS-Base.repo
Install podman
[root@localhost ~]# yum -y install podman
[root@localhost ~]# podman version
Version: 3.3.1
API Version: 3.3.1
Go Version: go1.16.7
Built: Wed Nov 10 05:23:56 2021
OS/Arch: linux/amd64
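Configure a registry mirror (accelerator)
An Alibaba Cloud mirror is used here; for how to obtain one, see the Docker basic usage article.
Back up the configuration file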
[root@localhost ~]# cd /etc/containers/
[root@localhost containers]# ls
certs.d oci policy.json registries.conf registries.conf.d registries.d storage.conf
[root@localhost containers]# mv registries.conf registries.conf.backups
Create a new, empty registries.conf file and configure it
[root@localhost containers]# vim registries.conf
unqualified-search-registries = ["docker.io"]
[[registry]]
prefix = ""
location= "78r4hj7b.mirror.aliyuncs.com"
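With unqualified-search-registries set as above, any image name that lacks a registry host (busybox, lanmeishashou/aa:v5) is resolved by this file rather than by the name itself, and a tag can later point at different content. The following added example, which is not part of the original post, classifies references so that short or unpinned names stand out in scripts and reviews; the function names are hypothetical and the digest in the sample input is constructed.

```shell
#!/bin/sh
# Added example (not from the original post).

# classify_ref REF -> "<short|qualified> <digest|tag|untagged>"
# The first path component counts as a registry host when it is "localhost"
# or contains "." or ":", which is the usual image-reference convention.
classify_ref() (
    ref=$1
    case $ref in
        *@sha256:*) pin=digest; name=${ref%%@*} ;;
        *)  name=$ref
            case ${ref##*/} in
                *:*) pin=tag; name=${ref%:*} ;;
                *)   pin=untagged ;;
            esac ;;
    esac
    case $name in
        */*) first=${name%%/*} ;;
        *)   first= ;;
    esac
    case $first in
        localhost|*.*|*:*) scope=qualified ;;
        *)                 scope=short ;;
    esac
    printf '%s %s\n' "$scope" "$pin"
)

# flag_refs: read references on stdin, report what a reviewer should question.
flag_refs() {
    while IFS= read -r ref; do
        [ -n "$ref" ] || continue
        set -- $(classify_ref "$ref")
        [ "$1" = short ] && echo "$ref: short name, registry is picked by registries.conf"
        [ "$2" != digest ] && echo "$ref: $2 reference, content can change between pulls"
    done
    return 0
}

# References taken from this page, plus one constructed digest-pinned form.
flag_refs <<'EOF'
busybox
lanmeishashou/aa:v5
docker.io/library/busybox:latest
docker.io/library/busybox@sha256:0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef
EOF
```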
4. Common Podman commands
- Images
podman search # search for images
[root@localhost ~]# podman search httpd
INDEX NAME DESCRIPTION STARS OFFICIAL AUTOMATED
docker.io docker.io/library/httpd The Apache HTTP Server Project 4116 [OK]
docker.io docker.io/clearlinux/httpd httpd HyperText Transfer Protocol (HTTP) ser... 2
docker.io docker.io/centos/httpd-24-centos7 Platform for running Apache httpd 2.4 or bui... 44
docker.io docker.io/manageiq/httpd Container with httpd, built on CentOS for Ma... 1 [OK]
docker.io docker.io/centos/httpd-24-centos8 1
docker.io docker.io/dockerpinata/httpd
......
podman pull # pull an image
[root@localhost ~]# podman pull busybox
Resolved "busybox" as an alias (/etc/containers/registries.conf.d/000-shortnames.conf)
Trying to pull docker.io/library/busybox:latest...
Getting image source signatures
Copying blob 50783e0dfb64 done
Copying config 7a80323521 done
Writing manifest to image destination
Storing signatures
7a80323521ccd4c2b4b423fa6e38e5cea156600f40cd855e464cc52a321a24dd
podman images # list images
[root@localhost ~]# podman images
REPOSITORY TAG IMAGE ID CREATED SIZE
docker.io/library/busybox latest 7a80323521cc 2 weeks ago 1.47 MB
podman rmi # remove an image
[root@localhost ~]# podman rmi busybox
Untagged: docker.io/library/busybox:latest
Deleted: 7a80323521ccd4c2b4b423fa6e38e5cea156600f40cd855e464cc52a321a24dd
[root@localhost ~]# podman images
REPOSITORY TAG IMAGE ID CREATED SIZE
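podman inspect # show detailed information about an image
[root@localhost ~]# podman inspect <image-name>:<tag>
.....
podman tag # add an alias (a new name) for an image
[root@localhost ~]# podman tag <image-name>:<tag> <new-image-name>:<new-tag>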
[root@localhost ~]# podman tag busybox:latest lxy:v1
[root@localhost ~]# podman images
REPOSITORY TAG IMAGE ID CREATED SIZE
docker.io/library/busybox latest 7a80323521cc 2 weeks ago 1.47 MB
localhost/lxy v1 7a80323521cc 2 weeks ago 1.47 MB
podman save # export an image
[root@localhost ~]# podman save > busybox.tar busybox
[root@localhost ~]# ls
anaconda-ks.cfg busybox.tar
podman load # import an image
[root@localhost ~]# podman load < busybox.tar
Getting image source signatures
Copying blob 084326605ab6 skipped: already exists
Copying config 7a80323521 done
Writing manifest to image destination
Storing signatures
Loaded image(s): docker.io/library/busybox:latest
[root@localhost ~]# podman images
REPOSITORY TAG IMAGE ID CREATED SIZE
docker.io/library/busybox latest 7a80323521cc 2 weeks ago 1.47 MB
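A tarball produced by podman save carries the image names it will restore (the "Loaded image(s)" line above), so an archive copied from another host should be checked before it is loaded. This added example, which is not part of the original post, verifies an archive against a digest recorded at export time and against the name you expect; the function names are hypothetical, and it assumes sha256sum, tar and the default docker-archive format.

```shell
#!/bin/sh
# Added example (not from the original post).

# record_digest ARCHIVE: on the exporting host, write ARCHIVE.sha256.
record_digest() (
    cd "$(dirname "$1")" && f=$(basename "$1") && sha256sum "$f" > "$f.sha256"
)

# verify_digest ARCHIVE: succeed only if ARCHIVE still matches ARCHIVE.sha256.
verify_digest() (
    cd "$(dirname "$1")" && sha256sum -c "$(basename "$1").sha256" >/dev/null 2>&1
)

# archive_tags ARCHIVE: print the image names stored in manifest.json of a
# docker-archive tarball, one per line. These are the names a load restores.
archive_tags() {
    tar -xOf "$1" manifest.json | tr -d ' \n' |
        grep -o '"RepoTags":\[[^]]*\]' |
        sed 's/^"RepoTags"://' | tr -d '[]"' | tr ',' '\n'
}

# checked_load ARCHIVE EXPECTED_NAME: load only when the digest matches and
# the archive contains exactly the expected image name.
checked_load() (
    verify_digest "$1" || { echo "refusing $1: digest mismatch" >&2; exit 1; }
    names=$(archive_tags "$1")
    [ "$names" = "$2" ] || { echo "refusing $1: archive names '$names'" >&2; exit 1; }
    podman load -i "$1"
)

# Usage with the file from this page:
#   exporting host:  podman save -o busybox.tar busybox && record_digest busybox.tar
#   importing host:  checked_load busybox.tar docker.io/library/busybox:latest
```

The sidecar digest only helps when it travels over a channel you trust more than the one carrying the tarball.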
- Containers
podman run # create and start a container
[root@localhost ~]# podman run -dit --name a1 httpd
6cd221e9b957318108adb350fb3fb5f9039546cba7f11281872e8cd0e444350d
podman create # create a container
[root@localhost ~]# podman create httpd
podman ps # list containers
[root@localhost ~]# podman ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
6cd221e9b957 docker.io/lanmeishashou/httpd:v2 sh About a minute ago Up About a minute ago a1
podman start # start a container
[root@localhost ~]# podman start 6cd221
6cd221
[root@localhost ~]# podman ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
6cd221e9b957 docker.io/lanmeishashou/httpd:v2 sh 5 minutes ago Up 22 seconds ago a1
podman stop # stop a container
[root@localhost ~]# podman stop a1
a1
[root@localhost ~]# podman ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
podman restart # restart a container
[root@localhost ~]# podman restart a1
6cd221e9b957318108adb350fb3fb5f9039546cba7f11281872e8cd0e444350d
podman rm # remove a container
[root@localhost ~]# podman ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
6cd221e9b957 docker.io/lanmeishashou/httpd:v2 sh 13 minutes ago Up 5 minutes ago a1
[root@localhost ~]# podman rm -f a1
6cd221e9b957318108adb350fb3fb5f9039546cba7f11281872e8cd0e444350d
[root@localhost ~]# podman ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
podman attach # enter a container (attach to it)
[root@localhost ~]# podman attach a1
/ # ls
bin data dev etc home proc root run sys tmp usr var
podman exec # enter a container (run a command in it)
[root@localhost ~]# podman exec -it a2 /bin/sh
/ # ls
bin data dev etc home proc root run sys tmp usr var
podman export # export a container
[root@localhost ~]# podman export -o a1.tar a1
[root@localhost ~]# ls
a1.tar anaconda-ks.cfg busybox.tar
podman import # import a container snapshot
[root@localhost ~]# podman import a1.tar
Getting image source signatures
Copying blob b012d45ecfc6 done
Copying config 48b85c216c done
Writing manifest to image destination
Storing signatures
sha256:48b85c216c841d85365d263cf9fa02388e534db0bc1f6882f6f2adad6849cd65
[root@localhost ~]# podman images
REPOSITORY TAG IMAGE ID CREATED SIZE
<none> <none> 48b85c216c84 About a minute ago 1.47 MB
docker.io/lanmeishashou/httpd v2 6b5cc1e1770f 6 days ago 1.47 MB
docker.io/library/busybox latest 7a80323521cc 2 weeks ago 1.47 MB
localhost/lxy v1 7a80323521cc 2 weeks ago 1.47 MB
### Pulling and pushing images with Podman
Give the image an alias, with the name lanmeishashou/runtime and the version v2
[root@localhost ~]# podman tag docker.io/library/busybox:latest docker.io/lanmeibingsha/runtime:v2
[root@localhost ~]# podman images
REPOSITORY TAG IMAGE ID CREATED SIZE
<none> <none> 48b85c216c84 7 minutes ago 1.47 MB
docker.io/lanmeishashou/httpd v2 6b5cc1e1770f 6 days ago 1.47 MB
docker.io/library/busybox latest 7a80323521cc 2 weeks ago 1.47 MB
localhost/lxy v1 7a80323521cc 2 weeks ago 1.47 MB
docker.io/lanmeibingsha/runtime v2 7a80323521cc 2 weeks ago 1.47 MB
Log in to our Docker Hub account
[root@localhost ~]# podman login
Username: lanmeishashou
Password:
Login Succeeded!
Push the image we just modified
[root@localhost ~]# podman push docker.io/lanmeishashou/aa:v5
Getting image source signatures
Copying blob 084326605ab6 skipped: already exists
Copying config 7a80323521 done
Writing manifest to image destination
Storing signatures
Pull the image we just pushed back down from the registry
[root@localhost ~]# podman pull lanmeishashou/aa:v5
Resolving "lanmeishashou/aa" using unqualified-search registries (/etc/containers/registries.conf)
Trying to pull docker.io/lanmeishashou/aa:v5...
Getting image source signatures
Copying blob 50783e0dfb64 [--------------------------------------] 0.0b / 0.0b
Copying config 7a80323521 done
Writing manifest to image destination
Storing signatures
7a80323521ccd4c2b4b423fa6e38e5cea156600f40cd855e464cc52a321a24dd
[root@localhost ~]# podman images
REPOSITORY TAG IMAGE ID CREATED SIZE
<none> <none> 48b85c216c84 About an hour ago 1.47 MB
docker.io/lanmeishashou/httpd v2 6b5cc1e1770f 6 days ago 1.47 MB
docker.io/library/busybox latest 7a80323521cc 2 weeks ago 1.47 MB
localhost/lxy v1 7a80323521cc 2 weeks ago 1.47 MB
docker.io/lanmeibingsha/runtime v2 7a80323521cc 2 weeks ago 1.47 MB
docker.io/lanmeibingsha/hhh v8 7a80323521cc 2 weeks ago 1.47 MB
docker.io/lanmeishashou/aa v5 7a80323521cc 2 weeks ago 1.47 MB