Podman 介绍

发布时间: 更新时间: 总字数:1002 阅读时间:2m 作者: 分享 复制网址

Podman(Pod Manager tool) 是一个开源的容器项目,它可以管理和运行任何符合 OCI(Open Container Initiative) 规范的容器和镜像

什么是Podman

  • 可以跨平台使用,支持大多数 Linux、Mac、Windows
  • Podman 运行不需要守护进程,并可以在非 root 权限下运行
  • Podman 与 Docker 功能相似,并兼容 Docker Cli (约 85%+ 的命令是相似的),可以管理 Docker 镜像,也可以配置 alias docker=podman 使用 docker 命令

安装 Remote Client

  • Fedora,Centos
sudo yum -y install podman
  • MacOS
brew install podman
brew link podman

Help

podman--help
$ podman --help
Manage pods, containers and images

Usage:
  podman [options] [command]

Available Commands:
  attach      Attach to a running container
  build       Build an image using instructions from Containerfiles
  commit      Create new image based on the changed container
  container   Manage containers
  cp          Copy files/folders between a container and the local filesystem
  create      Create but do not start a container
  diff        Display the changes to the object's file system
  events      Show podman events
  exec        Run a process in a running container
  export      Export container's filesystem contents as a tar archive
  generate    Generate structured data based on containers, pods or volumes.
  healthcheck Manage health checks on containers
  help        Help about any command
  history     Show history of a specified image
  image       Manage images
  images      List images in local storage
  import      Import a tarball to create a filesystem image
  info        Display podman system information
  init        Initialize one or more containers
  inspect     Display the configuration of object denoted by ID
  kill        Kill one or more running containers with a specific signal
  load        Load image(s) from a tar archive
  login       Login to a container registry
  logout      Logout of a container registry
  logs        Fetch the logs of one or more containers
  machine     Manage a virtual machine
  manifest    Manipulate manifest lists and image indexes
  network     Manage networks
  pause       Pause all the processes in one or more containers
  play        Play containers, pods or volumes from a structured file.
  pod         Manage pods
  port        List port mappings or a specific mapping for the container
  ps          List containers
  pull        Pull an image from a registry
  push        Push an image to a specified destination
  rename      Rename an existing container
  restart     Restart one or more containers
  rm          Remove one or more containers
  rmi         Removes one or more images from local storage
  run         Run a command in a new container
  save        Save image(s) to an archive
  search      Search registry for image
  secret      Manage secrets
  start       Start one or more containers
  stats       Display a live stream of container resource usage statistics
  stop        Stop one or more containers
  system      Manage podman
  tag         Add an additional name to a local image
  top         Display the running processes of a container
  unpause     Unpause the processes in one or more containers
  untag       Remove a name from a local image
  version     Display the Podman Version Information
  volume      Manage volumes
  wait        Block on one or more containers

Options:
  -c, --connection string   Connection to use for remote Podman service
      --help                Help for podman
      --identity string     path to SSH identity file, (CONTAINER_SSHKEY)
      --log-level string    Log messages above specified level (trace, debug, info, warn, warning, error, fatal, panic) (default "warn")
      --url string          URL to access Podman service (CONTAINER_HOST) (default "unix:/var/folders/ql/nw5zyrg905z78mq4kwmq1lg00000gn/T/podman-run--1/podman/podman.sock")
  -v, --version             version for podman

配置

镜像

  • $HOME/.config/containers/registries.conf
unqualified-search-registries = ['docker.io', 'k8s.gcr.io', 'quay.io']

[[registry]]
prefix = "docker.io"
location = "hub-mirror.c.163.com"

[[registry.mirror]]
prefix = "docker.io"
location = "dockerhub.azk8s.cn"

[[registry]]
prefix = "k8s.gcr.io"
location = "gcr.azk8s.cn/google_containers"

[[registry]]
prefix = "quay.io"
location = "quay.azk8s.cn"

启动 Podman-managed VM

Mac 中需要在虚拟机中启动 podman

podman-machine--help
$ podman machine --help
Manage a virtual machine

Description:
  Manage a virtual machine. Virtual machines are used to run Podman.

Usage:
  podman machine [command]

Available Commands:
  init        Initialize a virtual machine
  list        List machines
  rm          Remove an existing machine
  ssh         SSH into an existing machine
  start       Start an existing machine
  stop        Stop an existing machine

启动 Podman-managed VM

# 下载 fedora-coreos-xxx-qemu.x86_64.qcow2.xz,并启动
podman machine init
podman machine start

# info
podman info
$ podman machine list
NAME                     VM TYPE     CREATED         LAST UP
podman-machine-default*  qemu        10 minutes ago  12 seconds ago
$ podman machine stop
$ podman machine start podman-machine-default
Waiting for VM ...
$ podman machine ssh podman-machine-default

使用

镜像

  • 拉取 docker 镜像
$ podman pull alpine
$ podman pull
$ podman pull centos:7
Resolved "centos" as an alias (/etc/containers/registries.conf.d/000-shortnames.conf)
Trying to pull quay.io/centos/centos:7...
Getting image source signatures
Copying blob sha256:2d473b07cdd5f0912cd6f1a703352c82b512407db6b05b43f2553732b55df3bc
Copying blob sha256:2d473b07cdd5f0912cd6f1a703352c82b512407db6b05b43f2553732b55df3bc
Copying config sha256:8652b9f0cb4c0599575e5a003f5906876e10c1ceb2ab9fe1786712dac14a50cf
Writing manifest to image destination
Storing signatures
8652b9f0cb4c0599575e5a003f5906876e10c1ceb2ab9fe1786712dac14a50cf
podman run -it -d --name git \
-v /Users/xiexianbin/work/code/github.com/KiwiNetworkOrg:/data \
centos:7

由于 Podman 的命令和 Docker 很类似,参考:Docker Client

FAQ

获取镜像异常

  • 错误日志
$ podman pull centos:7
{
Error: failed to parse "X-Registry-Auth" header for /v3.2.3/libpod/images/pull?alltags=false&arch=&authfile=&os=&password=&policy=always&quiet=false&reference=centos%3A7&username=&variant=: error storing credentials in temporary auth file (server: "https://index.docker.io/v1/", user: ""): key https://index.docker.io/v1/ contains http[s]:// prefix
  • 解决方法

删除 ~/.docker/config.jsonauths 中的内容为:"auths": {}

Home Archives Categories Tags Statistics
本文总阅读量 次 本站总访问量 次 本站总访客数