【Podman】podman入门学习 | Docker替代品

简介: 【Podman】podman入门学习 | Docker替代品

一、什么是Podman?


Podman 是一种无守护程序、开源的 Linux 原生工具,旨在使用 Open Containers Initiative (OCI) 容器和容器映像轻松查找、运行、构建、共享和部署应用程序。 Podman 提供了任何使用过 Docker容器引擎的人都熟悉的命令行界面 (CLI)。 大多数用户可以简单地将 Docker 别名为 Podman(别名 docker=podman)而不会出现任何问题。 与其他常见的容器引擎(Docker、CRI-O、containerd)类似,Podman 依赖于符合 OCI 的容器运行时(runc、crun、runv 等)来与操作系统交互并创建正在运行的容器。 这使得 Podman 创建的正在运行的容器与任何其他常见容器引擎创建的容器几乎没有区别。


Podman 控制下的容器可以由 root 或非特权用户运行


Podman 使用 libpod 库管理整个容器生态系统,包括 pod、容器、容器映像和容器卷。

Podman 专注于帮助维护和修改 OCI 容器镜像的所有命令和功能,例如拉取和标记。

允许在生产环境中创建、运行和维护这些容器和容器映像。


有一个 RESTFul API 来管理容器。还有一个可以与 RESTFul 服务交互的远程 Podman 客户端。


目前支持 Linux、Mac 和 Windows 上的客户端。 RESTFul 服务仅在 Linux 上受支持。


二、podman与docker之间的区别联系


在上手程度上:Podman 的操作方式与 Docker 高度兼容,很适合docker用户转型使用podman。使用命令几乎和docker相同


在安全方面上: Docker 与 Podman 之间的一个重大区别涉及到安全问题。Docker 守护进程需要 root 权限;Podman 可以以非特权用户启动容器。


在运行方式上: Docker需要依赖于守护进程,Podman 不需要守护进程


Podman 的使用方式及命令和 Docker 完全一致。


Docker 和 Podman 都使用 CLI 作为主要管理界面。


Podman 和 Docker 都符合 OCI 镜像标准。



三、基于centos系统安装podman


执行命令


# 使用YUM源搜索podman
yum provides podman
yum list | grep podman


执行命令结果


# 使用YUM源搜索podman
[root@podman ~]# yum provides podman
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
podman-1.4.4-2.el7.centos.x86_64 : Manage Pods, Containers and Container Images
Repo        : extras
podman-1.4.4-4.el7.centos.x86_64 : Manage Pods, Containers and Container Images
Repo        : extras
podman-1.6.4-16.el7_8.x86_64 : Manage Pods, Containers and Container Images
Repo        : extras
podman-1.6.4-18.el7_8.x86_64 : Manage Pods, Containers and Container Images
Repo        : extras
podman-1.6.4-22.el7_9.x86_64 : Manage Pods, Containers and Container Images
Repo        : extras
podman-1.6.4-27.el7_9.x86_64 : Manage Pods, Containers and Container Images
Repo        : extras
podman-1.6.4-29.el7_9.x86_64 : Manage Pods, Containers and Container Images
Repo        : extras
podman-1.6.4-32.el7_9.x86_64 : Manage Pods, Containers and Container Images
Repo        : extras
[root@podman ~]# yum list | grep podman                                      
podman.x86_64                               1.6.4-32.el7_9             extras
podman-docker.noarch                        1.6.4-32.el7_9             extras
podman-remote.x86_64                        1.6.4-32.el7_9             extras
podman-tests.x86_64                         1.6.4-32.el7_9             extras


安装podman


yum install -y podman


执行命令结果


[root@podman ~]# rpm -qa podman
podman-1.6.4-32.el7_9.x86_64



配置阿里云镜像加速器


vim /etc/containers/registries.conf
# 编辑以下内容,这里使用阿里云的镜像加速器。
unqualified-search-registries = ["w2kavmmf.mirror.aliyuncs.com"]



搜索hello-world镜像


# 搜索hello-world镜像
podman search hello-world



下载hello-world镜像


[root@podman ~]# podman pull hello-world
Trying to pull registry.access.redhat.com/hello-world...
  name unknown: Repo not found
Trying to pull registry.redhat.io/hello-world...
  unable to retrieve auth token: invalid username/password: unauthorized: Please login to the Red Hat Registry using your Customer Portal credentials. Further instructions can be found here: https://access.redhat.com/RegistryAuthentication
Trying to pull docker.io/library/hello-world...
Getting image source signatures
Copying blob 2db29710123e done
Copying config feb5d9fea6 done
Writing manifest to image destination
Storing signatures
feb5d9fea6a5e9606aa995e879d862b825965ba48de054caab5ef356dc6b3412
[root@podman ~]#


运行hello-wolrd镜像


podman run --rm hello-world



四、使用podman相关命令


查看podman版本信息podman version


[root@podman ~]# podman version
Version:            1.6.4
RemoteAPI Version:  1
Go Version:         go1.12.12
OS/Arch:            linux/amd64
[root@podman ~]#


查看podman详细信息podman info


[root@podman ~]# podman info
host:
  BuildahVersion: 1.12.0-dev
  CgroupVersion: v1
  Conmon:
    package: conmon-2.0.8-1.el7.x86_64
    path: /usr/bin/conmon
    version: 'conmon version 2.0.8, commit: f85c8b1ce77b73bcd48b2d802396321217008762'
  Distribution:
    distribution: '"centos"'
    version: "7"
  MemFree: 3363446784
  MemTotal: 4122746880
  OCIRuntime:
    name: runc
    package: runc-1.0.0-69.rc10.el7_9.x86_64
    path: /usr/bin/runc
    version: 'runc version spec: 1.0.1-dev'
  SwapFree: 2147479552
  SwapTotal: 2147479552
  arch: amd64
  cpus: 2
  eventlogger: journald
  hostname: podman
  kernel: 3.10.0-1160.66.1.el7.x86_64
  os: linux
  rootless: false
  uptime: 46m 6.46s
registries:
  blocked: null
  insecure: null
  search:
  - registry.access.redhat.com
  - registry.redhat.io
  - docker.io
store:
  ConfigFile: /etc/containers/storage.conf
  ContainerStore:
    number: 0
  GraphDriverName: overlay
  GraphOptions: {}
  GraphRoot: /var/lib/containers/storage
  GraphStatus:
    Backing Filesystem: xfs
    Native Overlay Diff: "true"
    Supports d_type: "true"
    Using metacopy: "false"
  ImageStore:
    number: 0
  RunRoot: /var/run/containers/storage
  VolumePath: /var/lib/containers/storage/volumes
[root@podman ~]#


查看镜像


[root@podman ~]# podman images
REPOSITORY                      TAG      IMAGE ID       CREATED        SIZE
docker.io/library/hello-world   latest   feb5d9fea6a5   7 months ago   19.9 kB
[root@podman ~]#


运行hello-wolrd镜像


[root@podman ~]# podman run --rm hello-world
Hello from Docker!
This message shows that your installation appears to be working correctly.
To generate this message, Docker took the following steps:
 1. The Docker client contacted the Docker daemon.
 2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
    (amd64)
 3. The Docker daemon created a new container from that image which runs the
    executable that produces the output you are currently reading.
 4. The Docker daemon streamed that output to the Docker client, which sent it
    to your terminal.
To try something more ambitious, you can run an Ubuntu container with:
 $ docker run -it ubuntu bash
Share images, automate workflows, and more with a free Docker ID:
 https://hub.docker.com/
For more examples and ideas, visit:
 https://docs.docker.com/get-started/
[root@podman ~]#


五、使用podman部署Nginx


# 搜索nginx镜像
podman search nginx
# 拉取nginx镜像
podman pull docker.io/library/nginx
# 查看nginx镜像
podman images
# 运行nginx镜像
podman run -d -it --name nginx-xybdiy -p 8088:80 docker.io/library/nginx:latest
# 查看正在运行的容器
podman ps
# 查看nginx-xybdiy容器的详细信息
podman inspect nginx-xybdiy
# 测试是否能够访问nginx
curl http://192.168.200.11:8088
# 查看podman网络信息参数
podman network ls
# 显示容器运行进程
podman top nginx-xybdiy
# 进入正在运行的容器内
podman exec -it nginx-xybdiy /bin/bash


# 搜索nginx镜像
[root@podman ~]# podman search nginx
INDEX        NAME                                                           DESCRIPTION                                       STARS   OFFICIAL   AUTOMATED
******省略内容******
docker.io    docker.io/library/nginx                                        Official build of Nginx.                          16812   [OK]
docker.io    docker.io/bitnami/nginx                                        Bitnami nginx Docker Image                        126                [OK]
docker.io    docker.io/bitnami/nginx-ingress-controller                     Bitnami Docker Image for NGINX Ingress Contr...   18                 [OK]
******省略内容******
[root@podman ~]#
# 拉取nginx镜像
[root@podman ~]# podman pull docker.io/library/nginx
Trying to pull docker.io/library/nginx...
Getting image source signatures
Copying blob 56fbf79cae7a done
Copying blob 66eec13bb714 done
Copying blob c4547ad15a20 done
Copying blob d31373136b98 done
Copying blob 17cb812420e3 done
Copying blob 214ca5fb9032 done
Copying config de2543b943 done
Writing manifest to image destination
Storing signatures
de2543b9436b7b0e2f15919c0ad4eab06e421cecc730c9c20660c430d4e5bc47
# 查看nginx镜像
[root@podman ~]# podman images
REPOSITORY                      TAG      IMAGE ID       CREATED        SIZE
docker.io/library/nginx         latest   de2543b9436b   2 days ago     146 MB
docker.io/library/hello-world   latest   feb5d9fea6a5   7 months ago   19.9 kB
[root@podman ~]#
# 运行nginx镜像
[root@podman ~]# podman run -d -it --name nginx-xybdiy -p 8088:80 docker.io/library/nginx:latest
52bf996c92fc959a24c2153b6da8a23741f38bac976e2d310221978838a1f40e
# 查看正在运行的容器
[root@podman ~]# podman ps
CONTAINER ID  IMAGE                           COMMAND               CREATED        STATUS            PORTS                 NAMES
52bf996c92fc  docker.io/library/nginx:latest  nginx -g daemon o...  7 seconds ago  Up 7 seconds ago  0.0.0.0:8088->80/tcp  nginx-xybdiy
# 测试是否能够访问nginx
[root@podman ~]# curl http://192.168.200.11:8088
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
[root@podman ~]#



# 查看nginx-xybdiy容器的详细信息
[root@podman ~]# podman inspect nginx-xybdiy
[
    {
        "Id": "52bf996c92fc959a24c2153b6da8a23741f38bac976e2d310221978838a1f40e",
        "Created": "2022-05-20T22:36:17.527099929+08:00",
        "Path": "/docker-entrypoint.sh",
        "Args": [
            "nginx",
            "-g",
            "daemon off;"
        ],
        "State": {
            "OciVersion": "1.0.1-dev",
            "Status": "running",
            "Running": true,
            "Paused": false,
            "Restarting": false,
            "OOMKilled": false,
            "Dead": false,
            "Pid": 15128,
            "ConmonPid": 15117,
            "ExitCode": 0,
            "Error": "",
            "StartedAt": "2022-05-20T22:36:17.792384959+08:00",
            "FinishedAt": "0001-01-01T00:00:00Z",
            "Healthcheck": {
                "Status": "",
                "FailingStreak": 0,
                "Log": null
            }
        },
******省略内容******


# 查看podman网络信息参数
[root@podman ~]# podman network ls
NAME     VERSION   PLUGINS
podman   0.4.0     bridge,portmap,firewall
[root@podman ~]# podman network inspect podman
[
        {
                "cniVersion": "0.4.0",
                "name": "podman",
                "plugins": [
                        {
                                "bridge": "cni-podman0",
                                "ipMasq": true,
                                "ipam": {
                                        "ranges": [
                                                [
                                                        {
                                                                "gateway": "10.88.0.1",
                                                                "subnet": "10.88.0.0/16"
                                                        }
                                                ]
                                        ],
                                        "routes": [
                                                {
                                                        "dst": "0.0.0.0/0"
                                                }
                                        ],
                                        "type": "host-local"
                                },
                                "isGateway": true,
                                "type": "bridge"
                        },
                        {
                                "capabilities": {
                                        "portMappings": true
                                },
                                "type": "portmap"
                        },
                        {
                                "type": "firewall"
                        }
                ]
        }
]
[root@podman ~]#


显示容器运行进程


[root@podman ~]# podman top nginx-xybdiy                                                                
USER    PID   PPID   %CPU    ELAPSED           TTY     TIME   COMMAND                                   
root    1     0      0.000   7m15.694064578s   pts/0   0s     nginx: master process nginx -g daemon off;
nginx   30    1      0.000   7m15.69421228s    pts/0   0s     nginx: worker process                     
nginx   31    1      0.000   7m15.694257445s   pts/0   0s     nginx: worker process                     


进入正在运行的容器


[root@podman ~]# podman exec -it nginx-xybdiy /bin/bash
root@52bf996c92fc:/# ls -l
total 12
drwxr-xr-x   2 root root 4096 May  9 00:00 bin
drwxr-xr-x   2 root root    6 Mar 19 13:46 boot
drwxr-xr-x   5 root root  360 May 20 14:36 dev
drwxr-xr-x   1 root root   41 May 17 22:36 docker-entrypoint.d
-rwxrwxr-x   1 root root 1202 May 17 22:35 docker-entrypoint.sh
drwxr-xr-x   1 root root   32 May 20 14:36 etc
drwxr-xr-x   2 root root    6 Mar 19 13:46 home
drwxr-xr-x   1 root root   45 May  9 00:00 lib
drwxr-xr-x   2 root root   34 May  9 00:00 lib64
drwxr-xr-x   2 root root    6 May  9 00:00 media
drwxr-xr-x   2 root root    6 May  9 00:00 mnt
drwxr-xr-x   2 root root    6 May  9 00:00 opt
dr-xr-xr-x 124 root root    0 May 20 14:36 proc
drwx------   1 root root   27 May 20 14:47 root
drwxr-xr-x   1 root root   59 May 20 14:36 run
drwxr-xr-x   2 root root 4096 May  9 00:00 sbin
drwxr-xr-x   2 root root    6 May  9 00:00 srv
dr-xr-xr-x  13 root root    0 May 20 14:47 sys
drwxrwxrwt   1 root root    6 May 17 22:35 tmp
drwxr-xr-x   1 root root   66 May  9 00:00 usr
drwxr-xr-x   1 root root   19 May  9 00:00 var
root@52bf996c92fc:/# exit
exit
[root@podman ~]#


停止并删除容器


[root@podman ~]# podman stop 52bf996c92fc
52bf996c92fc959a24c2153b6da8a23741f38bac976e2d310221978838a1f40e
[root@podman ~]# podman rm 52bf996c92fc
52bf996c92fc959a24c2153b6da8a23741f38bac976e2d310221978838a1f40e
[root@podman ~]#


六、参考链接


https://podman.io/

相关文章
|
9天前
|
存储 虚拟化 数据中心
|
2天前
|
Shell iOS开发 Docker
|
9天前
|
Ubuntu 应用服务中间件 Shell
Docker入门
Docker入门
32 0
|
9天前
|
存储 Ubuntu Linux
Docker 从入门到实践:Docker介绍
Docker 从入门到实践:Docker介绍
|
9天前
|
应用服务中间件 持续交付 nginx
【Docker专栏】Docker入门指南:快速构建你的第一个容器
【5月更文挑战第7天】Docker 入门指南:容器化应用利器。了解 Docker 核心概念——镜像、容器和仓库。安装 Docker 后,运行官方 `hello-world` 验证安装,再尝试运行 `nginx` Web 服务器。通过端口映射访问容器内服务,学习管理容器命令。创建自定义镜像,编写 Dockerfile,实现 Python Web 应用容器化。Docker 助力高效开发与运维,探索更多自动化部署与微服务场景。
【Docker专栏】Docker入门指南:快速构建你的第一个容器
|
9天前
|
安全 Linux 数据库
Docker 入门详解
通过遵循这些步骤,你将能够快速入门 Docker 并开始探索容器化的世界,关注 V 哥,技术之路一起成长。
|
9天前
|
存储 Apache Swift
无限套娃_docker入门(镜像、容器、仓库)
无限套娃_docker入门(镜像、容器、仓库)
38 0
|
9天前
|
Linux 虚拟化 Docker
docker入门
docker入门
24 2
|
9天前
|
存储 运维 Docker
Docker从入门到精通:Docker 容器数据卷详解
Docker 数据卷是持久化容器数据的关键机制,允许跨容器或主机共享,即使容器删除数据仍保留。创建数据卷可通过命令行或容器启动时指定,挂载到容器目录以读写。使用 `docker volume` 命令可管理数据卷,适用于持久化存储、数据共享及备份场景。了解和善用数据卷能优化 Docker 应用程序的运维。
28 0
|
9天前
|
监控 Docker 容器
Docker从入门到精通:Docker log 命令学习
了解 Docker 日志管理对容器监控至关重要。`docker logs` 命令用于查看和管理容器日志,例如,`docker logs &lt;container_name&gt;` 显示容器日志,`-f` 或 `--follow` 实时跟踪日志,`--tail` 显示指定行数,`--timestamps` 添加时间戳,`--since` 按日期筛选。Docker 支持多种日志驱动,如 `syslog`,可通过 `--log-driver` 配置。有效管理日志能提升应用程序的稳定性和可维护性。
88 0