Breadcrumb
Podman Environment Help
What podman is
Podman is a self-described daemonless container engine for developing and running OCI containers on you linux system. Builds a virtual version of a linux distro inside an SSD or HD.
Use cases
Podman is geared towards running non-native or incompatible software (different distributions Ubuntu/Debian) on CentOS systems. Podman is typically not used to run server type applications that require open ports and writing to log files (Apache web servers or databases).
Why use it
- Hackers can take advantage of VMs running older versions of Linux with known security vulnerabilities.
- Simplifies the consumption of applications – some legacy applications may not play nice with newer versions/ flavors of linux.
- Because it’s awesome AND open source; It has a great UI and simple to use API.
- You can combine this with buildah to make your own images.
Prerequisites
This tutorial assumes that you have podman io installed on your linux machine. The instructions for such a task can be found here: https://podman.io/getting-started/installation if not already done.
How to Use it:
Now that your motivated to learn, let’s start with a gentle introduction to the podman API.
Let’s check if there are any images installed –[user@localhost ~]$ podman images
REPOSITORY TAG IMAGE ID CREATED SIZE |
Well, we don't have any images to play with, so let's pull an image off a repository:[user@localhost ~] podman pull quay.io/roboxes/centos8
Check images again:[user@localhost ~] podman images
REPOSITORY TAG IMAGE ID CREATED SIZE quay.io/roboxes/centos8 latest uniqueID today 908 MB |
Now we will test our new environment. First, let’s look at something –[user@localhost ~] podman ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAME |
The table is empty because we haven’t created any containers yet. Let’s create one:[user@localhost ~] podman run quay.io/roboxes/centos8 /bin/bash
You should see a new prompt:[root@randomID ~]
While we are here let’s look at the redhat release version:[root@randomID ~] cat /etc/redhat-release
CentOS Linux release 8.2.2004 (Core) |
Let’s exit the container now:[root@randomID ~] exit
exit |
[user@localhost ~] cat /etc/redhat-release
__Release version of the operating system on your computer__ |
Finally, lets check the session history again:[user@localhost ~] podman ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAME Unique_id quay.io/roboxes/centos:latest /bin/bash how_long_ago Exited (0) long_ago. Random_name |
Summary
There you have it – you should now know how to pull an image, run and exit the container, check which images you have containerized, and check what processes you’ve run. In the next section, we will talk about building container images from scratch using buildah.
Building an Image from scratch
Okay, now that we know how to run containers using docker/ podman, we will also gain some familiarity with the buildah api. As a simple model, if you're familiar with object oriented programming, you can think of images as the class, and containers as an object of that class. source: https://github.com/containers/buildah/blob/master/docs/tutorials/01-intr...
First, let’s check something[user@localhost ~]$ buildah images
REPOSITORY TAG IMAGE ID CREATED SIZE |
There are no images because we haven't made one yet - lets create one using a docker file:[user@localhost ~] vim Dockerfile
Strike i for insert mode and copy and paste the following:
FROM ubuntu:xenial
ENV LANG=C.UTF-8 LC_ALL=C.UTF-8
RUN apt-get update --fix-missing && \
apt-get install -y wget bzip2 ca-certificates curl git python-dev gcc build-essential gnupg lsb-release apt-file && \
apt-get clean && \
rm -rf /var/lib/apt/lists/*
ENV TINI_VERSION v0.16.1
RUN wget --quiet https://github.com/krallin/tini/releases/download/v0.16.1/tini -O /usr/bin/tini
# ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini /usr/bin/tini
RUN chmod +x /usr/bin/tini
COPY dockerDemo.py /usr/local/bin/dockerDemo.py
# ENTRYPOINT [ "/usr/bin/tini", "--" ]
ENTRYPOINT ["python", "/usr/local/bin/dockerDemo.py"]
CMD [ "/bin/bash" ]
Strike esc key and then hit type :wq
Now we'd like to make an example program that prints something so we know it's running inside an image.
[user@localhost ~] vim dockerDemo.py
print("I'm running from inside the container."
)
Now we can build the image using buildah(enter computers host id for localhost at the end of the command).[user@localhost ~] buildah --format=docker bud -t localhost/dockerdemo
When your build completes, try running the buildah command we did at the beginning again[user@localhost ~] buildah images
REPOSITORY TAG IMAGE ID CREATED SIZE localhost/yourlocalhost/dockerdemo latest yourimageID __ seconds ago ___ MB docker.io/library/ubuntu xenial 2ndimageID ___ long ago __ MB. |
To run the newly created image, simply run the following buildah command with what was under IMAGE ID for TAG latest:[user@localhost ~] buildah run -it __yourimageID__
I'm running from inside the container |
And you're done! Congrats, you just built your first image and ran a python script from inside a container of that image.
Wrapping up
You should now be able to create images using buildah, docker, and test them using simple python scripts.