PS > podman machine init
Downloading VM image: fedora-podman-amd64-v37.0.49.tar.xz: done
Extracting compressed file
Importing operating system into WSL (this may take a few minutes on a new WSL install)...
正在匯入，這可能需要幾分鐘的時間。
操作順利完成。
Configuring system...
Generating public/private ed25519 key pair.
Your identification has been saved in podman-machine-default
Your public key has been saved in podman-machine-default.pub
Machine init complete
To start your machine run:

        podman machine start

Starting Machine

完成初始化後，執行以下指令啟動Podman Machine

PS > podman machine start
Starting machine "podman-machine-default"

This machine is currently configured in rootless mode.***If your containers
require root permissions (e.g. ports < 1024)***, or if you run into compatibility
issues with non-podman clients, you can switch using the following command:

        podman machine set --rootful

API forwarding listening on: npipe:////./pipe/docker_engine

Docker API clients default to this address. You do not need to set DOCKER_HOST.
Machine "podman-machine-default" started successfully

Podman on MacOS

Install


$ brew install podman

Start Podman VM




































$ podman machine init
Extracting compressed file
Image resized.
Machine init complete
To start your machine run:

	podman machine start

$ podman machine start
Starting machine "podman-machine-default"
Waiting for VM ...
Mounting volume... /Users:/Users
Mounting volume... /private:/private
Mounting volume... /var/folders:/var/folders

This machine is currently configured in rootless mode. If your containers
require root permissions (e.g. ports < 1024), or if you run into compatibility
issues with non-podman clients, you can switch using the following command: 

	podman machine set --rootful

API forwarding listening on: /Users/stan/.local/share/containers/podman/machine/qemu/podman.sock

The system helper service is not installed; the default Docker API socket
address can not be used by podman. If you would like to install it run the
following commands:

	sudo /usr/local/Cellar/podman/4.5.1/bin/podman-mac-helper install
	podman machine stop; podman machine start

You can still connect Docker API clients by setting DOCKER_HOST using the
following command in your terminal session:

	export DOCKER_HOST='unix:///Users/stan/.local/share/containers/podman/machine/qemu/podman.sock'

Machine "podman-machine-default" started successfully

Stop Podman VM

$ podman machine stop
Machine "podman-machine-default" stopped successfully

Uninstall


$ brew uninstall podman

First Podman Command

接下來可以進行一個簡單的測試，執行以下指令

透過這個範例會運行一個基於UBI8 Micro Image的容器，並執行 date 命令，得到終端機回覆容器內的時間

$ podman run ubi8-micro date
Resolved "ubi8-micro" as an alias (/etc/containers/registries.conf.d/000-shortnames.conf)
Trying to pull registry.access.redhat.com/ubi8-micro:latest...
Getting image source signatures
Checking if image destination supports signatures
Copying blob sha256:07e0732da0346d7b04cccc63c31f85c8ed29becce6e84eccae660569cb568f4d
Copying config sha256:1de8feb0720bd6062160b7b0dd68593db13aa50614b9fcaf472d6c2d0856b5af
Writing manifest to image destination
Storing signatures
Thu Jul  6 06:18:58 UTC 2023

Command

$ podman login docker.io
Username: umohnani
Password:
Login Succeeded!

Stopping Container

$ podman stop <containerId>

Stopping Pod

$ podman pod stop <podId>

Stopping Machine

$ podman machine stop

Removing Container

$ podman rm <containerId or containerName>

Removing Pod

$ podman pod rm <podId or podName>

Removing Machine

$ podman machine rm <machineName>

Display container configuration

$ podman inspect <containerId>

Others

查詢所有Podman提供可用的指令

$ podman --help

查詢所有指令可用的參數

$ podman <command> --help

Trouble Shooting

Trouble Shooting with Podman

Download Nginx Image

在啟動Nginx之前，需要先將Nginx的映象檔下載到VM主機中，可以先執行以下指令

# 搜尋有nginx字眼的image
$ podman search nginx --filter=is-official
NAME                     DESCRIPTION
docker.io/library/nginx  Official build of Nginx.
docker.io/library/unit   Official build of NGINX Unit: Universal Web...

找到相關的映象檔，接著可以再執行指令下載映像檔

$ podman pull docker.io/library/nginx
Trying to pull docker.io/library/nginx:latest...
Getting image source signatures
Copying blob sha256:f46d7b05649a846d7e24418b6ecea3b1efbdac88d361631e849e9c41917ba776
Copying blob sha256:76579e9ed380849b4d22696f292770963b5ea917a45ef77336a1a0a782b410b5
Copying blob sha256:faef57eae888cbe4a5613eca6741b5e48d768b83f6088858aee9a5a2834f8151
Copying blob sha256:cf707e2339551222cafe3bf835fddfb859f26bf59058b3487de2b7659309b6b7
Copying blob sha256:4b962717ba558b7dfabe88c40e20ac86844b132015b66002deac49010cc96be1
Copying blob sha256:91bb7937700d7d3496cf43cb0012e5f818064fecb766bd01041db23c127ab219
Copying blob sha256:103501419a0aecf94398ffcc7404f22931d9b89bbb6021391c2cd4a286f37ca9
Copying config sha256:021283c8eb95be02b23db0de7f609d603553c6714785e7a673c6594a624ffbda
Writing manifest to image destination
Storing signatures

Starting Nginx

啟動方式有兩種，分別如下

直接啟動Container
先建立Pod，再啟動Container到Pod內

TODO 待補充Pod與Container關係

Creating Pod

執行以下指令建立一個Pod

$ podman pod create --name nginxapp -p 8080:80

參數說明: --name nginxapp：設定Pod的名稱為"nginxapp"; -p 8080:80：設定端口轉發，將主機的8080端口映射到Pod內的80端口，這樣可以通過主機的8080端口訪問Pod內的應用

完成後可以執行以下指令，查詢剛建立名稱為nginxapp的Pod

# 以下指令與podman pod ls相同
$ podman pod ps
POD ID        NAME        STATUS      CREATED        INFRA ID      # OF CONTAINERS
5beb433d10fa  nginxapp    Created     9 seconds ago  21950aaa7dcd  1

Creating Container

若是直接啟動Container的話，請跳至直接建立並啟動Container章節；若是已有執行Creating Pod，則接下來要在nginxapp這個Pod中建立並啟動新的Container，請跳至已建立Pod後，啟動Container章節

直接建立並啟動Container

執行以下指令

$ podman run --name nginx-server -d nginx:latest

參數說明: --name：設定Container的名稱為"nginx-server"; -d：以分離模式運行容器，即容器在後台運行。; nginx:latest：指定要運行的容器映像，這裡使用的是nginx映像的最新版本

已建立Pod後，啟動Container

執行以下指令

$ podman run --pod nginxapp --name nginx-server -d nginx:latest

參數說明: --pod：將Container加到指定的Pod之中; --name：設定Container的名稱為"nginx-server"; -d：以分離模式運行容器，即容器在後台運行。; nginx:latest：指定要運行的容器映像，這裡使用的是nginx映像的最新版本

Check instance if its running

成功啟動Container後，執行以下指令，也可以直接開啟瀏覽器連上 http://localhost:8080 ，將會顯示Nginx預設網頁

$ podman ps
CONTAINER ID  IMAGE                                    COMMAND               CREATED         STATUS         PORTS               NAMES
e1c57fad24ce  localhost/podman-pause:4.5.0-1681486976                        About a minute ago  Up 7 seconds  0.0.0.0:8080->80/tcp  8e782f9df27b-infra
263bf9405062  docker.io/library/nginx:latest           nginx -g daemon o...  7 seconds ago       Up 7 seconds  0.0.0.0:8080->80/tcp  nginx-server

Image Not Showing Possible Reasons

The image was uploaded to a note which you don't have access to
The note which the image was originally uploaded to has been deleted

Learn More →

Adding Custom HTML file to be uploaded to Nginx

想要把靜態網頁加入容器中，有兩種方法:

透過Podman手動複製檔案
設定volume掛載到Container

在此之前需要先確認兩點，分別為

Nginx預設網頁路徑

透過指令進入Nginx容器，確認Nginx預設的網頁資料夾路徑在/usr/share/nginx/html
$ podman exec -it nginx-server bash
root@nginxapp:/# ls usr/share/nginx/html -lh
total 8.0K
-rw-r--r-- 1 root root 497 Jun 13 15:08 50x.html
-rw-r--r-- 1 root root 615 Jun 13 15:08 index.html

在Podman VM主機中靜態網頁的檔案路徑

PPodman VM(Podman Machine)在啟動時，會將硬碟掛載到根目錄底下的mnt之中，我們可以透過指令連進VM主機確認

$ podman machine ssh
Connecting to vm podman-machine-default. To close connection, use `~.` or `exit`
Warning: Permanently added '[localhost]:2549' (ECDSA) to the list of known hosts.
Last login: Fri Jul  7 15:22:15 2023 from 127.0.0.1
### 執行下面指令
[user@COMPUTERNAME ~]$ ls /mnt -lh
total 0
drwxrwxrwx 1 user user 4.0K Jul  3 15:58 c
drwxrwxrwt 2 root root   60 Jul  6 14:01 wsl
drwxrwxrwt 7 root root  300 Jul  6 14:02 wslg

透過Podman手動複製檔案

接下來我們就可以透過指令把檔案複製到Container之中

注意!目前仍在VM主機中

[user@COMPUTERNAME ~]$ podman cp /mnt/c/<檔案路徑>/<檔案名稱>.html <ContainerId>:usr/share/nginx/html

完成後再次開啟瀏覽器連上 http://localhost:8080/<檔案名稱>.html ，即可載入客製的靜態頁面

Image Not Showing Possible Reasons

The image was uploaded to a note which you don't have access to
The note which the image was originally uploaded to has been deleted

Learn More →

設定volume掛載到Container

範例以本機資料夾: D:\container\html掛載至Container內

PS > podman run -d -v d:/container/html:/usr/share/nginx/html -p 8080:80 --name nginx nginx

由於Windows GitBash會轉換路徑，導致無法找到對應的檔案或資料夾，所以請使用PowerShell來執行

疑問

設定Port Forwarding低於1024，如主機Port 80映射至Container Port 80

$ podman pod create --name nginxapp -p 80:80

$ podman run --pod nginxapp --name nginx-server -d nginx:latest
Error: starting some containers: internal libpod error

若跳出上面的錯誤訊息，根據啟動VM時的系統訊息

This machine is currently configured in rootless mode. If your containers
require root permissions ****(e.g. ports < 1024), or if you run into compatibility
issues with non-podman clients, you can switch using the following command:
podman machine set –rootful

原因為使用port低於1024時，必須將權限設為root，否則在啟動Container時將會發生錯誤

$ podman machine set --rootful

執行以上指令後，請重新建立Pod及Container，即可用 http://localhost:80 連到網站

Podman

Podman on Windows

Install with executable file

Install with Chocolatey

Initial VM(Podman Machine)