标签:target service 命令 基础 podman nginx root localhost
podman基础命令
podman cp 在容器和本地文件系统之间 复制文件/文件夹
//将本地文件传输到容器中
[root@localhost ~]# podman ps -a
C0ONTAINER ID IMAGE COMMAND CREATED
STATUS PORTS NAMES
9471fdc1f3b6 docker.io/library/httpd:latest httpd-foreground 23 second s ago Up 2 seconds ago wqe
[root@localhost ~]# ls
anaconda-ks.cfg
[root@localhost ~]# podman cp anaconda-ks.cfg wqe:/tmp/
[root@localhost ~]# podman exxec -it wqe /bin/bash
Error: unknown shorthand flag: 'i' in -it
[root@localhost ~]# podman exec -it wqe /bin/bash root@9471fdc1f3b6:/usr/local/apache2# cd /tmp/
root@9471fdc1f3b6:/tmp# ls anaconda-ks.cfg
//将容器中备份数据传输到主机
[root@localhost ~]# ls
anaconda-ks.cfg
[root@localhost ~]# rm -rf anaconda-ks.cfg
[root@localhost ~]# ls
//备份
root@9471fdc1f3b6:/tmp# ls
anaconda-ks.cfg
[root@localhost ~]# podman cp wqe:/tmp/anaconda-ks.cfg .
[root@localhost ~]# ls
anaconda-ks.cfg //成功
podman events 显示容器事件
//创建个容器
[root@localhost ~]# podman run -d httpd
248b6747cc3c50f88eb431559d2f3fa060b2758fa8777f3911e44f34eb4dc988
[root@localhost ~]# podman events
2022-08-16 17:23:54.423946966 +0800 CST container create 258b6747cc3c40f89eb43199d2f3fa060b2758fa8777f3911e44f34eb4dc988e (image=docker.io/librar y/httpd:latest, name=flamboyant_noyce)
2022-08-16 17:23:54.315246854 +0800 CST image pull httpd
2022-08-16 17:23:55.607816877 +0800 CST container init 258b6747cc3c40f89e
b43199d2f3fa060b2758fa8777f3911e44f34eb4dc988e (image=docker.io/library/httpd:latest, name=flamboyant_noyce)
2022-08-16 17:23:55.621392428 +0800 CST container start 258b6747cc3c40f89 eb43199d2f3fa060b2758fa8777f3911e44f34eb4dc988e
(image=docker.io/library/httpd:latest, name=flamboyant_noyce)
diff 检查容器文件系统上的更改
//查看这个容器发生了哪些改变
[root@localhost ~]# podman diff wqe
C /usr
C /usr/local
C /usr/local/apache2
C /usr/local/apache2/logs
A /usr/local/apache2/logs/httpd.pid //添加
C /etc
C /tmp
A /tmp/anaconda-ks.cfg
export 将容器的文件系统内容导出为 tar 存档
[root@localhost ~]# podman export -o web.tar web1
[root@localhost ~]# ls
anaconda-ks.cfg busybox.tar web.tar
podman import # 导入容器快照
[root@localhost ~]# podman import web.tar
Getting image source signatures
Copying blob f8c5231b85bd done
Copying config 4166d975be done
Writing manifest to image destination
Storing signatures
sha256:4166d975beffdcb17b6a87b7f6b0878594b8e4d4d972e487c70fe60626b07724
[root@localhost ~]# podman images
REPOSITORY TAG IMAGE ID CREATED SIZE
<none> <none> 4166d975beff 5 minutes ago 147 MB
docker.io/library/httpd latest f2a976f932ec 11 days ago 149 MB
podman-generate 生成结构化数据,将容器生成一个数据
//拉取一个镜像
[root@localhost ~]# podman pull nginx
[root@localhost ~]# podman images
REPOSITORY TAG IMAGE ID CREATED SIZE
docker.io/library/nginx latest b692a91e4e15 2 weeks ago 146 MB
[root@localhost ~]# podman run -d --name nginx -p 1314:80 nginx
[root@localhost ~]# podman ps
CONTAINER ID IMAGE COMMAND CREAT
c6b30c7a6800 docker.io/library/nginx:latest nginx -g daemon o... 5 sec onds ago Up 5 seconds ago 0.0.0.0:1314->80/tcp nginx
[root@localhost ~]# cd /etc/systemd/system/
[root@localhost system]# ls
basic.target.wants network-online.target.wants
ctrl-alt-del.target sockets.target.wants
dbus-org.fedoraproject.FirewallD1.service sysinit.target.wants
dbus-org.freedesktop.nm-dispatcher.service syslog.service
default.target timers.target.wants
getty.target.wants vmtoolsd.service.requires
multi-user.target.wants
[root@localhost system]# podman generate systemd --files --name nginx
/etc/systemd/system/container-nginx.service
[root@localhost system]# ls
basic.target.wants multi-user.target.wants
container-nginx.service network-online.target.wants
ctrl-alt-del.target sockets.target.wants
dbus-org.fedoraproject.FirewallD1.service sysinit.target.wants
dbus-org.freedesktop.nm-dispatcher.service syslog.service
default.target timers.target.wants
getty.target.wants vmtoolsd.service.requires
//修改当前配置
[root@localhost system]# vim container-nginx.service
[root@localhost system]# cat container-nginx.service
# container-nginx.service
# autogenerated by Podman 3.3.1
# Tue Aug 16 18:54:54 CST 2022
[unit]
Description=Podman Nginx Service
After=network.target
After=network-online.target
[Service]
Type=simple
ExecStart=/usr/bin/podman start -a nginx ExecStop=/usr/bin/podman stop -t 10 nginx
Restart=always
[Install]
WantedBy=multi-user.target
//重启服务
[root@localhost system]# systemctl daemon-reload [root@localhost system]# systemctl enable --now container-nginx.service
Created symlink /etc/systemd/system/multi-user.target.wants/container-ngi nx.service → /etc/systemd/system/container-nginx.service
[root@localhost system]# systemctl status container-nginx.service
● container-nginx.service
Loaded: loaded (/etc/systemd/system/container-nginx.service; enabled; vend>
Active: active (running) since Tue 2022-08-16 18:58:48 CST; 4s ago
Main PID: 21928 (podman) //成功
Tasks: 6 (limit: 23460)
Memory: 20.8M
CGroup: /system.slice/container-nginx.service
└─21928 /usr/bin/podman start -a nginx
Aug 16 18:58:48 localhost.localdomain systemd[1]: Started container-ngin x.ser
history用于查看镜像信息操作
[root@localhost ~]# podman history busybox
ID CREATED CREATED BY SIZE COMMENT
beae173ccac6 7 months ago /bin/sh -c #(nop) CMD ["sh"] 0 B
<missing> 7 months ago /bin/sh -c #(nop) ADD file:6db446a57cbd2b7... 1.46 MB
info输出podma详细信息
[root@localhost ~]# podman info
host:
arch: amd64
buildahVersion: 1.22.3
cgroupControllers:
- cpuset
- cpu
- cpuacct
- blkio
- memory
- devices
- freezer
- net_cls
- perf_event
- net_prio
- hugetlb
- pids
- rdma
cgroupManager: systemd
cgroupVersion: v1
conmon:
package: conmon-2.0.29-1.module_el8.5.0+890+6b136101.x86_64
path: /usr/bin/conmon
version: 'conmon version 2.0.29, commit: 84384406047fae626269133e1951c4b92eed7603'
cpus: 1
init初始化容器,初始化一个或多个容器,例如之前在容器中做了挂载、修改文件系统,这时需要初始化容器配置才会生效
//必须先停止在初始化
[root@localhost ~]# podman stop hh
hh
[root@localhost ~]# podman ps -a | grep hh
a03f744e2987 docker.io/library/httpd:latest httpd-foreground 30 minutes ago Exited (0) 16 seconds ago hh
[root@localhost ~]# podman init hh
a03f744e298754a75a02538d5d2b94e18b7b640deed8003b2b5affec73e32351
[root@localhost ~]# podman ps -a | grep hh
a03f744e2987 docker.io/library/httpd:latest httpd-foreground 30 minutes ago created hh
[root@localhost ~]# podman start hh
hh
[root@localhost ~]# podman ps -a | grep hh
a03f744e2987 docker.io/library/httpd:latest httpd-foreground 30 minutes ago Up 2 seconds ago hh
[hh@localhost ~]$ cd /tmp/
[hh@localhost tmp]$ ll
total 141436
drwx------. 3 hh hh 24 Aug 15 16:50 containers-user-1000
drwx------. 6 hh hh 63 Aug 15 17:09 podman-run-1000
port查看印射的80端口
[hh@localhost tmp]$ podman ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
dbf856602146 docker.io/library/httpd:latest httpd-foreground 8 hours ago Up 24 minutes ago 0.0.0.0:81->80/tcp web
[hh@localhost tmp]$ podman port
Error: you must supply a running container name or id
[hh@localhost tmp]$ podman port web
80/tcp -> 0.0.0.0:81
Podman 远程启动连接
介绍
Podman远程客户端的目的是允许用户在单独的客户端上与Podman“后端”进行交互。远程客户端的命令行界面与常规 Podman 命令完全相同,只是删除了一些标志,因为它们不适用于远程客户端。
远程客户端利用客户端-服务器模型。您需要在运行 SSH 守护程序的 Linux 机器或虚拟机上安装 Podman。在本地操作系统上,当您执行 Podman 命令时,Podman 通过 SSH 连接到服务器。然后,它通过使用 systemd 套接字激活并点击我们的 Rest API 连接到 Podman 服务。Podman 命令在服务器上执行。从客户的角度来看,Podman似乎在本地运行。
root用户启动套接字
[root@localhost ~]# systemctl start podman //启动podman也就相对应套接字也随之启动
[root@localhost ~]# systemctl status podman.socket
● podman.socket - Podman API Socket
Loaded: loaded (/usr/lib/systemd/system/podman.socket; disabled; vendor pr>
Active: active (listening) since Mon 2022-08-15 16:41:46 CST; 24h ago
Docs: man:podman-system-service(1)
Listen: /run/podman/podman.sock (Stream)
Tasks: 0 (limit: 23460)
Memory: 0B
CGroup: /system.slice/podman.socket
Aug 15 16:41:46 localhost.localdomain systemd[1]: Listening on Podman API Soc>
lines 1-10/10 (END)
普通用户启动方式
在服务器机器上启用 Podman 服务。
在执行任何 Podman 客户端命令之前,必须在 Linux 服务器上启用 podman.sock SystemD 服务。在这些示例中,我们将 Podman 作为普通的非特权用户(也称为无根用户)运行。缺省情况下,无根套接字侦听 。您可以使用以下命令永久启用此套接字:/run/user/${UID}/podman/podman.sock
systemctl --user enable --now podman.socket
podman网络管理
注意:启动一个容器后,会出现cni-poman0网卡,容器启动时,默认会连接podman网络
[root@localhost ~]# ip a show cni-podman0
3: cni-podman0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether ae:fa:0b:90:77:8e brd ff:ff:ff:ff:ff:ff
inet 10.88.0.1/16 brd 10.88.255.255 scope global cni-podman0
valid_lft forever preferred_lft forever
inet6 fe80::acfa:bff:fe90:778e/64 scope link
valid_lft forever preferred_lft forever
[root@localhost ~]#
查看容器网路
[root@localhost ~]# podman network ls
NETWORK ID NAME VERSION PLUGINS
2f259bab93aa podman 0.4.0 bridge,portmap,firewall,tuning
884e74728f04 newnet 0.4.0 bridge,portmap,firewall,tuning
45b3499a170b newnet1 0.4.0 bridge,portmap,firewall,tuning
31213d4efd11 newnet2 0.4.0 bridge,portmap,firewall,tuning
4d24ca3baa36 podman2 0.4.0 bridge,portmap,firewall,tuning
断开网络(disconnect)
[root@localhost ~]# podman network disconnect podman2 nginx2
重启容器网络(reload)
[root@localhost ~]# podman network reload nginx2
b926e6a2a1b16b8275fa59813d30139c03ab6678933219fd551acc7105e8c742
删除podman网络(rm)
[root@localhost ~]# podman network ls
NETWORK ID NAME VERSION PLUGINS
2f259bab93aa podman 0.4.0 bridge,portmap,firewall,tuning
884e74728f04 newnet 0.4.0 bridge,portmap,firewall,tuning
45b3499a170b newnet1 0.4.0 bridge,portmap,firewall,tuning
31213d4efd11 newnet2 0.4.0 bridge,portmap,firewall,tuning
4d24ca3baa36 podman2 0.4.0 bridge,portmap,firewall,tuning
[root@localhost ~]# podman network rm newnet1 newnet2
newnet1
newnet2
[root@localhost ~]# podman network ls
NETWORK ID NAME VERSION PLUGINS
2f259bab93aa podman 0.4.0 bridge,portmap,firewall,tuning
884e74728f04 newnet 0.4.0 bridge,portmap,firewall,tuning
4d24ca3baa36 podman2 0.4.0 bridge,portmap,firewall,tuning
标签:target,service,命令,基础,podman,nginx,root,localhost 来源: https://www.cnblogs.com/loronoa/p/16598049.html
本站声明: 1. iCode9 技术分享网(下文简称本站)提供的所有内容,仅供技术学习、探讨和分享; 2. 关于本站的所有留言、评论、转载及引用,纯属内容发起人的个人观点,与本站观点和立场无关; 3. 关于本站的所有言论和文字,纯属内容发起人的个人观点,与本站观点和立场无关; 4. 本站文章均是网友提供,不完全保证技术分享内容的完整性、准确性、时效性、风险性和版权归属;如您发现该文章侵犯了您的权益,可联系我们第一时间进行删除; 5. 本站为非盈利性的个人网站,所有内容不会用来进行牟利,也不会利用任何形式的广告来间接获益,纯粹是为了广大技术爱好者提供技术内容和技术思想的分享性交流网站。