Podman with Nginx

# Podman with Nginx ## ENV - OS Ubuntu 22.04.2 LTS - Nginx v1.25.3 - Podman v3.4.4 ## Install Podman on Ubuntu Reference: - https://podman.io/docs/installation ## Setup Podman registry from Docker.io ```bash sudo vim /etc/containers/registries.conf ``` #### registries.conf Settings ```bash # Registry from docker.io [[registry]] prefix="[docker.io](<http://docker.io/>)" location="internal.registry.mirror/docker" :wq! ``` ## Open port for non-root users Reference: - https://www.jianshu.com/p/b6e069297767 ```bash #临时 sysctl net.ipv4.ip_unprivileged_port_start=0 #或者 echo 0 >/proc/sys/net/ipv4/ip_unprivileged_port_start #永久 echo "net.ipv4.ip_unprivileged_port_start=0" >>/etc/sysctl.conf sysctl -p ``` ## Make volume folders ```bash cd ~ ~$ mkdir pmanserver ~$ cd pmanserver ~/pmanserver$ mkdir html ~/pmanserver$ mkdir conf ``` ## Install nginx with Podman ```bash podman run -d --name nginx --publish 443:443 --publish 80:80 --hostname 3.114.12.168 --volume ~/pmanserver/nginx/html:/usr/share/nginx/html --volume ~/pmanserver/nginx/conf:/etc/nginx/conf.d docker.io/library/nginx:latest ``` ## Generate System.service for OS Booting Format ```bash podman generate systemd <Container_Id> \ --files --restart-policy=always \ --new --name --time 60 ``` Procedure ```bash cd ~/pmanserver --- # actually is create a new container podman generate systemd nginx \ --files --restart-policy=always \ --new --name --time 60 --- sudo cp container-nginx.service /etc/systemd/system ``` ### Enable and Start service ```bash sudo systemctl enable --now container-nginx.service ``` ### Check service status ```bash sudo systemctl status container-nginx.service ``` ## **Finished!!!** --- # Other deploy method (其他佈署方式) ## Generate YAML from existed container Reference: - https://benjr.tw/103666 ```bash podman generate kube <container_name> -f <file_name>.yaml ``` ## Error rm pendding task container Reference: - https://github.com/containers/podman/issues/4478 ```bash podman pod ps --filter label=app=<your_app_name> -q | xargs podman pod rm -f podman play kube <file_name>.yaml ``` ## Fix k8s unknow problem Reference: - https://stackoverflow.com/questions/76814901/podman-play-kube-working-with-sudo-but-not-without ```bash podman pull k8s.gcr.io/pause:3.5 ``` ## Install by YAML ```bash podman play kube <file_name>.yaml ``` --- # Other Notes ## SSL Setting Reference: - https://blog.gtwang.org/linux/nginx-create-and-install-ssl-certificate-on-ubuntu-linux/ ## SFTP Setting Reference: - https://unix.stackexchange.com/questions/721606/ssh-server-gives-userauth-pubkey-key-type-ssh-rsa-not-in-pubkeyacceptedalgorit