Podman - Running our first container - Part 3
Time to get our first container up and running, here we will talk a litte about repositories that is a essential part of running containers.
make sure you logged in via ssh with the user we created in part 2 before you continue.
Repositories
Repositories is where you get all of the images you use when you create and run a container, there are a few options to where you can get these images, but some of the common ones are Docker Hub and Red Hat Quay. There are other ones like Amazon EXR and Google Container Registry, but these are more locked in towards their own services.
Without the file .config/containers/registries.conf in place we would need to give full path to any repository we want to do a search against since it do not know where to search.
$ podman search docker.io/ubuntu
INDEX NAME DESCRIPTION STARS OFFICIAL AUTOMATED
docker.io docker.io/library/ubuntu Ubuntu is a Debian-based Linux operating sys... 16314 [OK]
docker.io docker.io/library/websphere-liberty WebSphere Liberty multi-architecture images ... 296 [OK]
docker.io docker.io/library/open-liberty Open Liberty multi-architecture images based... 61 [OK]
docker.io docker.io/library/neurodebian NeuroDebian provides neuroscience research s... 103 [OK]
docker.io docker.io/library/ubuntu-debootstrap DEPRECATED; use "ubuntu" instead 52 [OK]
docker.io docker.io/library/ubuntu-upstart DEPRECATED, as is Upstart (find other proces... 115 [OK]
...
if we would just write like this with an empty regristries.conf it would return a empty result back.
You may even use two or more repositories to fetch images from and would'nt it be nice to not have to point to a specific repository when looking for an image.
Here comes the .config/containers/registries.conf to the rescue, in this file we can add our repositories and set the search and download order they should be in.
So edit the file.
Add these lines and save.This files has more options but above is a good start, here i choose docker.io as first to check when searching, but that is only because i have images there and have experimented with docker before, you can put them in any order you want, but for this guide keep it as above for now.
To do a deep dive into what you can configure in this file, you can head over to Red Hat where you will find a good article that dives into many of the options for this file.
When we added above and saved the file we can try to do a search like this.
It will show a lot of lines, much like these.
INDEX NAME DESCRIPTION STARS OFFICIAL AUTOMATED
docker.io docker.io/library/ubuntu Ubuntu is a Debian-based Linux operating sys... 16314 [OK]
quay.io quay.io/libpod/ubuntu 2020-12-08 used in buildah tests This image ... 0
quay.io quay.io/bedrock/ubuntu 0
You can still use the full name in searching to narrow it down, this just opens up a way to search in more than one repository at the same time.
When having two or more repositories and you do a pull without the respository name it asks you from which repository you want to get the image from.
$ podman pull ubuntu
? Please select an image:
▸ docker.io/library/ubuntu:latest
quay.io/ubuntu:latest
You could use full path when you want to pull an image and not for it to ask, so the option still remains if needed.
First container
Now that we have set up some repository data it is time to get our first image downloaded.
There are three ways to download an image, the first one is via the podman pull command, second one is via podman create and the third one is via podman run, the difference is that pull only downloads the image and the create downloads and creates your container, but do not actually run it, the third one, run downloads, creates and then runs the container, all at once. You can do a pull on a image before you create a container, but it is not required.
We will use two images, the first one is a Hello-World, this one pretty much print a message and then exits. The other one is nginx a web server the we will continue to use in later parts.
Hello-World
We start by downloading hello-world, this one we will be using the pull command.
$ podman pull docker.io/hello-world:latest
Trying to pull docker.io/library/hello-world:latest...
Getting image source signatures
Copying blob 719385e32844 done
Copying config 9c7a54a9a4 done
Writing manifest to image destination
Storing signatures
9c7a54a9a43cca047013b82af109fe963fde787f63f9e016fdc3384500c2823d
Now the image is downloaded, but it is not connected to any container yet since the pull only downloads the image and nothing else.
We will use the parameter --name in our commands for running the containers, this is to give each container a name so it's easier to find them.
Now we will create and start it, when creating and running a container, the image to use must always be last in the command line, otherwise if you put anything after, it is interpreted as a command to pass into the container. Note that run is only used to create and run a container first time, never to start or stop it after it is created.
$ podman run --name HelloWorld hello-world
Hello from Docker!
This message shows that your installation appears to be working correctly.
To generate this message, Docker took the following steps:
1. The Docker client contacted the Docker daemon.
2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
(amd64)
3. The Docker daemon created a new container from that image which runs the
executable that produces the output you are currently reading.
4. The Docker daemon streamed that output to the Docker client, which sent it
to your terminal.
To try something more ambitious, you can run an Ubuntu container with:
$ docker run -it ubuntu bash
Share images, automate workflows, and more with a free Docker ID:
https://hub.docker.com/
For more examples and ideas, visit:
https://docs.docker.com/get-started/
As you can see it printed a message and to verify that it is not running you can run the following command, this command list all running containers.
Reason for this is that when an image is built the last command in the build file is always a service within the image that keeps the container running, and hello-world do not have that, we will talk more about it in Part 9.
ningx
Now we will download and run the nginx image with one command line directly, note the --detach parameter, this tells podman that we should start it in a detached process, if we where not to use it, the container would start in a so called attached process, outputting everything to the console and you would not be able to do anything while it is running, your console would lock up with no way of getting out of it.
If you would like to see what happens in a container use the -it after it is created and is up and running , this will attach in an interactive mode and here you can use the default keys "CTRL-P + CTRL-Q in that order to exit the container, the container will continue to run in it's own background process when you exit interactive mode.
We even tell podman to publish port 8080 with the --publish=8080:80/tcp parameter on the outside so we can reach and test that we successfully started the server.
Now run the following command and see it download the image and start it.
$ podman run --name MyWebServer --publish=8080:80/tcp --detach docker.io/nginx:latest
Trying to pull docker.io/library/nginx:latest...
Getting image source signatures
Copying blob 52d2b7f179e3 done
Copying blob a7c4092be904 done
Copying blob e3b6889c8954 done
Copying blob 96576293dd29 done
Copying blob fd9f026c6310 done
Copying blob 055fa98b4363 done
Copying blob da761d9a302b done
Copying config eea7b3dcba done
Writing manifest to image destination
Storing signatures
db2dbb81348ab156343b769bfea8902eb97e5a172b12ccae7986254d4a4f213c
Important to note, only use the run when your intention is to download, create and run a container first time, when starting and stopping a container after that we use start and stop to do that.
Now if you run podman ps again you should se something like this.
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
eb75d6ce41d6 docker.io/library/nginx:latest nginx -g daemon o... 3 seconds ago Up 4 seconds ago 0.0.0.0:8080->80/tcp MyWebServer
If you look all the way to the right you should see the name we gave it and that it is up and running.
You can now try to connect to it in your browser, the IP of the container is same as the host IP where you are running podman, and if you run podman on the same machine as your sitting on with a gui, you should even be able to try http://127.0.0.1:8080 and see if that works.
I got this when connection to the server.
Welcome to nginx!
If you see this page, the nginx web server is successfully installed and working. Further configuration is required.
For online documentation and support please refer to nginx.org.
Commercial support is available at nginx.com.
Thank you for using nginx.
The create command is pretty much equal to the run command with some parameters removed.
The difference is that we do not use the --detach parameter as it only used with the run command.
To stop a container you run the following command.
When the container is stopped it returns the name we used when stopping it, if we would skip giving the container a name it would return an unique container id instead, and we would not be able to use a name when referring to it, which is a bit more tedious.And to start you use the following command.
Recap
Now we have gone through how to configure the basics in registries.conf, search for images and to start them. Next we will cover the commands used a little bit more before continue on with volumes, pods and network settings.