回到軟體工程分享頁面

此網站目的是希望透過大家在這邊可以找到需要的資料及工具,也歡迎大家一同加入共同筆記團隊,一同分享各式各項的資訊或工具,立刻申請加入HackMD團隊吧!!!

另外也建立Discord群組

,歡迎大家加入
Image Not Showing Possible Reasons
  • The image file may be corrupted
  • The server hosting the image is unavailable
  • The image path is incorrect
  • The image format is not supported
Learn More →


Podman

https://podman.io

Apache License 2.0

Podman on Windows

Install with executable file

Document: https://github.com/containers/podman/blob/main/docs/tutorials/podman-for-windows.md

Install with Chocolatey

透過Chocolatey套件管理進行安裝,開啟Administrator權限的PowerShell,執行以下指令

> choco install podman-cli

Initial VM(Podman Machine)

Podman安裝完成後開啟PowerShell,直接在預設路徑(C:\Users\User)
執行以下指令,進行Podman Machine的初始化

PS > podman machine init
Downloading VM image: fedora-podman-amd64-v37.0.49.tar.xz: done
Extracting compressed file
Importing operating system into WSL (this may take a few minutes on a new WSL install)...
正在匯入,這可能需要幾分鐘的時間。
操作順利完成。
Configuring system...
Generating public/private ed25519 key pair.
Your identification has been saved in podman-machine-default
Your public key has been saved in podman-machine-default.pub
Machine init complete
To start your machine run:

        podman machine start

Starting Machine

完成初始化後,執行以下指令啟動Podman Machine

PS > podman machine start
Starting machine "podman-machine-default"

This machine is currently configured in rootless mode.***If your containers
require root permissions (e.g. ports < 1024)***, or if you run into compatibility
issues with non-podman clients, you can switch using the following command:

        podman machine set --rootful

API forwarding listening on: npipe:////./pipe/docker_engine

Docker API clients default to this address. You do not need to set DOCKER_HOST.
Machine "podman-machine-default" started successfully

Podman on MacOS

Install

$ brew install podman

Start Podman VM

$ podman machine init Extracting compressed file Image resized. Machine init complete To start your machine run: podman machine start $ podman machine start Starting machine "podman-machine-default" Waiting for VM ... Mounting volume... /Users:/Users Mounting volume... /private:/private Mounting volume... /var/folders:/var/folders This machine is currently configured in rootless mode. If your containers require root permissions (e.g. ports < 1024), or if you run into compatibility issues with non-podman clients, you can switch using the following command: podman machine set --rootful API forwarding listening on: /Users/stan/.local/share/containers/podman/machine/qemu/podman.sock The system helper service is not installed; the default Docker API socket address can not be used by podman. If you would like to install it run the following commands: sudo /usr/local/Cellar/podman/4.5.1/bin/podman-mac-helper install podman machine stop; podman machine start You can still connect Docker API clients by setting DOCKER_HOST using the following command in your terminal session: export DOCKER_HOST='unix:///Users/stan/.local/share/containers/podman/machine/qemu/podman.sock' Machine "podman-machine-default" started successfully

Stop Podman VM

$ podman machine stop
Machine "podman-machine-default" stopped successfully

Uninstall

$ brew uninstall podman

First Podman Command

接下來可以進行一個簡單的測試,執行以下指令

透過這個範例會運行一個基於UBI8 Micro Image的容器,並執行 date 命令,得到終端機回覆容器內的時間

$ podman run ubi8-micro date
Resolved "ubi8-micro" as an alias (/etc/containers/registries.conf.d/000-shortnames.conf)
Trying to pull registry.access.redhat.com/ubi8-micro:latest...
Getting image source signatures
Checking if image destination supports signatures
Copying blob sha256:07e0732da0346d7b04cccc63c31f85c8ed29becce6e84eccae660569cb568f4d
Copying config sha256:1de8feb0720bd6062160b7b0dd68593db13aa50614b9fcaf472d6c2d0856b5af
Writing manifest to image destination
Storing signatures
Thu Jul  6 06:18:58 UTC 2023

Command

$ podman login docker.io
Username: umohnani
Password:
Login Succeeded!

Stopping Container

$ podman stop <containerId>

Stopping Pod

$ podman pod stop <podId>

Stopping Machine

$ podman machine stop

Removing Container

$ podman rm <containerId or containerName>

Removing Pod

$ podman pod rm <podId or podName>

Removing Machine

$ podman machine rm <machineName>

Display container configuration

$ podman inspect <containerId>

Others

查詢所有Podman提供可用的指令

$ podman --help

查詢所有指令可用的參數

$ podman <command> --help

Trouble Shooting

Trouble Shooting with Podman


Download Nginx Image

在啟動Nginx之前,需要先將Nginx的映象檔下載到VM主機中,可以先執行以下指令

# 搜尋有nginx字眼的image
$ podman search nginx --filter=is-official
NAME                     DESCRIPTION
docker.io/library/nginx  Official build of Nginx.
docker.io/library/unit   Official build of NGINX Unit: Universal Web...

找到相關的映象檔,接著可以再執行指令下載映像檔

$ podman pull docker.io/library/nginx
Trying to pull docker.io/library/nginx:latest...
Getting image source signatures
Copying blob sha256:f46d7b05649a846d7e24418b6ecea3b1efbdac88d361631e849e9c41917ba776
Copying blob sha256:76579e9ed380849b4d22696f292770963b5ea917a45ef77336a1a0a782b410b5
Copying blob sha256:faef57eae888cbe4a5613eca6741b5e48d768b83f6088858aee9a5a2834f8151
Copying blob sha256:cf707e2339551222cafe3bf835fddfb859f26bf59058b3487de2b7659309b6b7
Copying blob sha256:4b962717ba558b7dfabe88c40e20ac86844b132015b66002deac49010cc96be1
Copying blob sha256:91bb7937700d7d3496cf43cb0012e5f818064fecb766bd01041db23c127ab219
Copying blob sha256:103501419a0aecf94398ffcc7404f22931d9b89bbb6021391c2cd4a286f37ca9
Copying config sha256:021283c8eb95be02b23db0de7f609d603553c6714785e7a673c6594a624ffbda
Writing manifest to image destination
Storing signatures

Starting Nginx

啟動方式有兩種,分別如下

  1. 直接啟動Container
  2. 先建立Pod,再啟動Container到Pod內

TODO 待補充Pod與Container關係

Creating Pod

執行以下指令建立一個Pod

$ podman pod create --name nginxapp -p 8080:80
參數說明
--name nginxapp:設定Pod的名稱為"nginxapp"
-p 8080:80:設定端口轉發,將主機的8080端口映射到Pod內的80端口,這樣可以通過主機的8080端口訪問Pod內的應用

完成後可以執行以下指令,查詢剛建立名稱為nginxapp的Pod

# 以下指令與podman pod ls相同
$ podman pod ps
POD ID        NAME        STATUS      CREATED        INFRA ID      # OF CONTAINERS
5beb433d10fa  nginxapp    Created     9 seconds ago  21950aaa7dcd  1

Creating Container

若是直接啟動Container的話,請跳至直接建立並啟動Container章節;若是已有執行Creating Pod,則接下來要在nginxapp這個Pod中建立並啟動新的Container,請跳至已建立Pod後,啟動Container章節

直接建立並啟動Container

執行以下指令

$ podman run --name nginx-server -d nginx:latest
參數說明
--name:設定Container的名稱為"nginx-server"
-d:以分離模式運行容器,即容器在後台運行。
nginx:latest:指定要運行的容器映像,這裡使用的是nginx映像的最新版本

已建立Pod後,啟動Container

執行以下指令

$ podman run --pod nginxapp --name nginx-server -d nginx:latest
參數說明
--pod:將Container加到指定的Pod之中
--name:設定Container的名稱為"nginx-server"
-d:以分離模式運行容器,即容器在後台運行。
nginx:latest:指定要運行的容器映像,這裡使用的是nginx映像的最新版本

Check instance if its running

成功啟動Container後,執行以下指令,也可以直接開啟瀏覽器連上 http://localhost:8080 ,將會顯示Nginx預設網頁

$ podman ps
CONTAINER ID  IMAGE                                    COMMAND               CREATED         STATUS         PORTS               NAMES
e1c57fad24ce  localhost/podman-pause:4.5.0-1681486976                        About a minute ago  Up 7 seconds  0.0.0.0:8080->80/tcp  8e782f9df27b-infra
263bf9405062  docker.io/library/nginx:latest           nginx -g daemon o...  7 seconds ago       Up 7 seconds  0.0.0.0:8080->80/tcp  nginx-server

Image Not Showing Possible Reasons
  • The image was uploaded to a note which you don't have access to
  • The note which the image was originally uploaded to has been deleted
Learn More →

Adding Custom HTML file to be uploaded to Nginx

想要把靜態網頁加入容器中,有兩種方法:

  1. 透過Podman手動複製檔案
  2. 設定volume掛載到Container

在此之前需要先確認兩點,分別為

  1. Nginx預設網頁路徑

透過指令進入Nginx容器,確認Nginx預設的網頁資料夾路徑在/usr/share/nginx/html

$ podman exec -it nginx-server bash
root@nginxapp:/# ls usr/share/nginx/html -lh
total 8.0K
-rw-r--r-- 1 root root 497 Jun 13 15:08 50x.html
-rw-r--r-- 1 root root 615 Jun 13 15:08 index.html
  1. 在Podman VM主機中靜態網頁的檔案路徑

PPodman VM(Podman Machine)在啟動時,會將硬碟掛載到根目錄底下的mnt之中,我們可以透過指令連進VM主機確認

$ podman machine ssh
Connecting to vm podman-machine-default. To close connection, use `~.` or `exit`
Warning: Permanently added '[localhost]:2549' (ECDSA) to the list of known hosts.
Last login: Fri Jul  7 15:22:15 2023 from 127.0.0.1
### 執行下面指令
[user@COMPUTERNAME ~]$ ls /mnt -lh
total 0
drwxrwxrwx 1 user user 4.0K Jul  3 15:58 c
drwxrwxrwt 2 root root   60 Jul  6 14:01 wsl
drwxrwxrwt 7 root root  300 Jul  6 14:02 wslg 

透過Podman手動複製檔案

接下來我們就可以透過指令把檔案複製到Container之中

注意!目前仍在VM主機中

[user@COMPUTERNAME ~]$ podman cp /mnt/c/<檔案路徑>/<檔案名稱>.html <ContainerId>:usr/share/nginx/html 

完成後再次開啟瀏覽器連上 http://localhost:8080/<檔案名稱>.html ,即可載入客製的靜態頁面

Image Not Showing Possible Reasons
  • The image was uploaded to a note which you don't have access to
  • The note which the image was originally uploaded to has been deleted
Learn More →

設定volume掛載到Container

範例以本機資料夾: D:\container\html掛載至Container內

PS > podman run -d -v d:/container/html:/usr/share/nginx/html -p 8080:80 --name nginx nginx

由於Windows GitBash會轉換路徑,導致無法找到對應的檔案或資料夾,所以請使用PowerShell來執行

疑問

設定Port Forwarding低於1024,如主機Port 80映射至Container Port 80

$ podman pod create --name nginxapp -p 80:80
$ podman run --pod nginxapp --name nginx-server -d nginx:latest
Error: starting some containers: internal libpod error

若跳出上面的錯誤訊息,根據啟動VM時的系統訊息

This machine is currently configured in rootless mode. If your containers
require root permissions ****(e.g. ports < 1024)
, or if you run into compatibility
issues with non-podman clients, you can switch using the following command:
podman machine set rootful

原因為使用port低於1024時,必須將權限設為root,否則在啟動Container時將會發生錯誤

$ podman machine set --rootful

執行以上指令後,請重新建立Pod及Container,即可用 http://localhost:80 連到網站