脚本宝典收集整理的这篇文章主要介绍了Podman开机自启容器实现过程及与Docker对比,脚本宝典觉得挺不错的,现在分享给大家,也给大家做个参考。
podman之前是CRI-O项目的一部分,后被分离成独立的项目libpod,libpod是一个创建容器pod的工具和库,podman是个无守护程序容器引擎,以root用户或无根模式运行,简而言之podman提供了一个docker-CLI的命令行,管理着容器
docker劣势一:
docker大家都知道,其守护程序在多个核心上占用差不多高达100%cpu资源,采用C/S模型
podman优势一:
podman不需要守护进程,不需要root权限组,而且利用着用户命名空间(namespace)模拟容器中的root运行,采用fork/exec模型。
fork/exec模型相比C/S模型优势:
docker的功能大部分podman都是兼容的,也可以使用别名(alias)来写成docker的命令
/usr/lib/systemd/user:优先级最低,会被优先级高的同名 unIT 覆盖 ~/.local/share/systemd/user
/etc/systemd/user:全局共享的用户级 unit[s]
~/.config/systemd/user:优先级最高
#默认centos源 [root@slave02 ~]# yum -y module install container-tools #容器工具基于模块 [root@slave02 ~]# yum -y install podman-docker #安装docker兼容包(可选)
[root@slave02 ~]# podman -v podman version 3.3.0-dev
官方仓库:registry.access.redhat.com
第三方仓库:docker.io
[root@slave02 ~]# podman help|head -15 Manage pods, containers and images usage: podman [options] [command] Available Commands: attach Attach to a running container auto-update Auto update containers according to their auto-update policy build Build an image using instructions From Containerfiles commit Create new image based on the changed container #基于修改的容器创建新的容器 container Manage containers cp Copy files/folders between a container and the local filesystem create Create but do not start a container diff Display the changes to the object's file system events Show podman events ....
修改配置文件:/etc/containers/registries.conf 即可
注意:不能带有httpds//:url格式
[root@slave02 ~]# cp /etc/containers/registries.conf /backup/registries.conf.back #备份一下 [root@slave02 ~]# vim /etc/containers/registries.conf unqualified-seArch-registries = ["docker.io"] #非限定搜索登记处 [[registry]] PRefix = "docker.io" location = "x" #x是阿里加速镜像地址
[root@slave02 ~]# podman pull nginx
#准备htML页面内容 [root@192 ~]# cat /opt/webhtml/index.html Go your own way, see your own scenery, surpass others without complacency, and be surpassed without losing ambition #运行一个守护web容器进程,将/opt/webhtml目录内容映射到容器的/usr/share/nginx/html存放网页的位置 [root@192 ~]# podman run -d --name web -p 8888:80 -v /opt/webhtml:/usr/share/nginx/html nginx 3528e6d5148bCF980f0DF5708a82419d3485a33d1d16d722db3e880cc103cd2c [root@podman ~]# curl 192.168.136.129:8888 Go your own way, see your own scenery, surpass others without complacency, and be surpassed without losing ambition #容器的ip [root@podman ~]# podman insPEct web|grep IPAddress "IPAddress": "10.88.0.6", "IPAddress": "10.88.0.6", #宿主机的ip [root@podman ~]# ip r 192.168.136.0/24 dev ens33 proto kernel scope link src 192.168.136.129 metric 100 #由于进行了端口绑定,所以直接 curl 192.168.136.129:8888即可访问
进入后台web容器,查看服务状态
[root@podman ~]# podman exec -it web bash root@3528e6d5148b:/# service nginx status [ ok ] nginx is running. #运行中
修改容器业务内容
#修改宿主机/opt/webhtml/index.html即可 [root@podman ~]# cat /opt/webhtml/index.html Go your own way, see your own scenery, surpass others without complacency, and be surpassed without losing ambitionRHCAS RHCE RHCA #进行访问 [root@podman ~]# curl 192.168.136.129:8888 Go your own way, see your own scenery, surpass others without complacency, and be surpassed without losing ambitionRHCAS RHCE RHCA #进入容器查看内容是否修改 [root@podman ~]# podman exec -it web bash root@3528e6d5148b:/# cat /usr/share/nginx/html/index.html Go your own way, see your own scenery, surpass others without complacency, and be surpassed without losing ambitionRHCAS RHCE RHCA
#暂停 [root@podman ~]# podman stop web web [root@podman ~]# podman ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 3528e6d5148b docker.io/library/nginx:latest nginx -g daemon o... 25 minutes ago Exited (0) 16 seconds ago 0.0.0.0:8888->80/tcp web #删除 [root@podman ~]# podman rm web 3528e6d5148bcf980f0df5708a82419d3485a33d1d16d722db3e880cc103cd2c #或强制删除运行中的容器 [root@podman ~]# podman rm -f web 3528e6d5148bcf980f0df5708a82419d3485a33d1d16d722db3e880cc103cd2c
[root@podman ~]# podman run --name web -d -p 8080:80 -v /opt/webhtml:/usr/shar/nginx/html nginx 910db3ab6bd1eF18e5fd0afe1844912f0b89334b7b8ab758353a948a1b55282a
基于web容器,在优先级一般的/etc/systemd/system内
[root@192 ~]# cd /etc/systemd/system/
[root@podman user]# podman generate systemd --
--container-prefix (Systemd unit name prefix for containers)
--files {生成.service文件,而不是打印到标准输出}
--format (Print the created units in specified format (json)) #以指定的格式打印单元文件
--name (Use container/pod names instead of IDs) #创建新容器,而不是使用现有的容器
--new (Create a new container instead of starting an existing one)#(跳过标头生成)
--no-header (Skip header generation)
--pod-prefix (Systemd unit name prefix for pods)
--restart-policy (Systemd restart-policy)
--separator (Systemd unit name separator between name/id and prefix)
--time (Stop timeout override)
[root@192 system]# podman generate systemd --name web --files --new
/etc/systemd/system/container-web.service
[root@192 system]# cat container-web.service # container-web.service # autogenerated by Podman 3.3.0-dev #podman 3.3.0-dev自动生成 # Tue Aug 17 13:03:13 CST 2021 #8月17日星期二13:03:13 CST 2021 [Unit] #单元 Description=Podman container-web.service #描述 Documentation=man:podman-generate-systemd(1) #帮助以及生成的系统 Wants=network-online.target #网络 After=network-online.target RequiresmountsFor=%t/containers #前面不重要直接跳过 [Service] environment=PODMAN_SYSTEMD_UNIT=%n Restart=on-failure #故障时重新启动 TimeoutStopSec=70 #超时时间 ExecStart=/usr/bin/podman run --sdnotify=conmon --cgroups=no-conmon --rm --replace --name web -d -p 8080:80 -v /opt/webhtml:/usr/shar/nginx/html nginx #执行开始为/usr/bin/podman 运行刚才创建的容器 Type=notify NotifyAccess=all [Install] WantedBy=multi-user.target default.target
[root@podman ~]# podman rm web 910db3ab6bd1ef18e5fd0afe1844912f0b89334b7b8ab758353a948a1b55282a [root@podman ~]# podman ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@192 ~]# systemctl daemon-reload [root@192 ~]# systemctl enable --now container-web.service Created symlink /etc/systemd/system/multi-user.target.wants/container-web.service → /etc/systemd/system/container-web.service. Created symlink /etc/systemd/system/default.target.wants/container-web.service → /etc/systemd/system/container-web.service. [root@192 user]# podman ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES b0c7709cb00e docker.io/library/nginx:latest nginx -g daemon o... 15 seconds ago Up 16 seconds ago 0.0.0.0:8080->80/tcp web
无根root模式设置容器和上面这种方式大同小异
使用systemctl命令带上 --user 即可
以上就是Podman开机自启容器实现过程的详细内容,更多关于Podman开机自启容器的资料请关注脚本宝典其它相关文章!
以上是脚本宝典为你收集整理的Podman开机自启容器实现过程及与Docker对比全部内容,希望文章能够帮你解决Podman开机自启容器实现过程及与Docker对比所遇到的问题。
本图文内容来源于网友网络收集整理提供,作为学习参考使用,版权属于原作者。
如您有任何意见或建议可联系处理。小编QQ:384754419,请注明来意。