Podman(Pod Manager tool)
是一个开源的容器项目,它可以管理和运行任何符合 OCI(Open Container Initiative)
规范的容器和镜像
什么是Podman
- 可以跨平台使用,支持大多数 Linux、Mac、Windows
- Podman 运行不需要守护进程,并可以在非
root
权限下运行
- Podman 与 Docker 功能相似,并兼容 Docker Cli (约 85%+ 的命令是相似的),可以管理 Docker 镜像,也可以配置
alias docker=podman
使用 docker
命令
安装 Remote Client
sudo yum -y install podman
brew install podman
brew link podman
Help
$ podman --help
Manage pods, containers and images
Usage:
podman [options] [command]
Available Commands:
attach Attach to a running container
build Build an image using instructions from Containerfiles
commit Create new image based on the changed container
container Manage containers
cp Copy files/folders between a container and the local filesystem
create Create but do not start a container
diff Display the changes to the object's file system
events Show podman events
exec Run a process in a running container
export Export container's filesystem contents as a tar archive
generate Generate structured data based on containers, pods or volumes.
healthcheck Manage health checks on containers
help Help about any command
history Show history of a specified image
image Manage images
images List images in local storage
import Import a tarball to create a filesystem image
info Display podman system information
init Initialize one or more containers
inspect Display the configuration of object denoted by ID
kill Kill one or more running containers with a specific signal
load Load image(s) from a tar archive
login Login to a container registry
logout Logout of a container registry
logs Fetch the logs of one or more containers
machine Manage a virtual machine
manifest Manipulate manifest lists and image indexes
network Manage networks
pause Pause all the processes in one or more containers
play Play containers, pods or volumes from a structured file.
pod Manage pods
port List port mappings or a specific mapping for the container
ps List containers
pull Pull an image from a registry
push Push an image to a specified destination
rename Rename an existing container
restart Restart one or more containers
rm Remove one or more containers
rmi Removes one or more images from local storage
run Run a command in a new container
save Save image(s) to an archive
search Search registry for image
secret Manage secrets
start Start one or more containers
stats Display a live stream of container resource usage statistics
stop Stop one or more containers
system Manage podman
tag Add an additional name to a local image
top Display the running processes of a container
unpause Unpause the processes in one or more containers
untag Remove a name from a local image
version Display the Podman Version Information
volume Manage volumes
wait Block on one or more containers
Options:
-c, --connection string Connection to use for remote Podman service
--help Help for podman
--identity string path to SSH identity file, (CONTAINER_SSHKEY)
--log-level string Log messages above specified level (trace, debug, info, warn, warning, error, fatal, panic) (default "warn")
--url string URL to access Podman service (CONTAINER_HOST) (default "unix:/var/folders/ql/nw5zyrg905z78mq4kwmq1lg00000gn/T/podman-run--1/podman/podman.sock")
-v, --version version for podman
配置
镜像
- $HOME/.config/containers/registries.conf
unqualified-search-registries = ['docker.io', 'k8s.gcr.io', 'quay.io']
[[registry]]
prefix = "docker.io"
location = "hub-mirror.c.163.com"
[[registry.mirror]]
prefix = "docker.io"
location = "dockerhub.azk8s.cn"
[[registry]]
prefix = "k8s.gcr.io"
location = "gcr.azk8s.cn/google_containers"
[[registry]]
prefix = "quay.io"
location = "quay.azk8s.cn"
启动 Podman-managed VM
Mac 中需要在虚拟机中启动 podman
。
$ podman machine --help
Manage a virtual machine
Description:
Manage a virtual machine. Virtual machines are used to run Podman.
Usage:
podman machine [command]
Available Commands:
init Initialize a virtual machine
list List machines
rm Remove an existing machine
ssh SSH into an existing machine
start Start an existing machine
stop Stop an existing machine
启动 Podman-managed VM
:
# 下载 fedora-coreos-xxx-qemu.x86_64.qcow2.xz,并启动
podman machine init
podman machine start
# info
podman info
$ podman machine list
NAME VM TYPE CREATED LAST UP
podman-machine-default* qemu 10 minutes ago 12 seconds ago
$ podman machine stop
$ podman machine start podman-machine-default
Waiting for VM ...
$ podman machine ssh podman-machine-default
使用
镜像
$ podman pull alpine
$ podman pull
$ podman pull centos:7
Resolved "centos" as an alias (/etc/containers/registries.conf.d/000-shortnames.conf)
Trying to pull quay.io/centos/centos:7...
Getting image source signatures
Copying blob sha256:2d473b07cdd5f0912cd6f1a703352c82b512407db6b05b43f2553732b55df3bc
Copying blob sha256:2d473b07cdd5f0912cd6f1a703352c82b512407db6b05b43f2553732b55df3bc
Copying config sha256:8652b9f0cb4c0599575e5a003f5906876e10c1ceb2ab9fe1786712dac14a50cf
Writing manifest to image destination
Storing signatures
8652b9f0cb4c0599575e5a003f5906876e10c1ceb2ab9fe1786712dac14a50cf
podman run -it -d --name git \
-v /Users/xiexianbin/work/code/github.com/KiwiNetworkOrg:/data \
centos:7
由于 Podman
的命令和 Docker
很类似,参考:Docker Client
FAQ
获取镜像异常
$ podman pull centos:7
{
Error: failed to parse "X-Registry-Auth" header for /v3.2.3/libpod/images/pull?alltags=false&arch=&authfile=&os=&password=&policy=always&quiet=false&reference=centos%3A7&username=&variant=: error storing credentials in temporary auth file (server: "https://index.docker.io/v1/", user: ""): key https://index.docker.io/v1/ contains http[s]:// prefix
删除 ~/.docker/config.json
中 auths
中的内容为:"auths": {}