podman容器开机自启(root用户与普通用户)
2024-04-12 05:24:00
文章目录
- podman容器开机自启(root用户与普通用户)
- 1.运行容器
- 2.配置开机自启动文件
- 3.重新加载并启动查看
- 4.podman普通用户的使用
- 5.podman网络设置
- 6.podman网络管理
podman容器开机自启(root用户与普通用户)
1.运行容器
[root@localhost ~]# podman images
REPOSITORY TAG IMAGE ID CREATED SIZE
docker.io/library/nginx latest f652ca386ed1 13 days ago 146 MB
[root@localhost ~]# podman run -d --name nginx -p 1314:80 f652ca386ed1
c3869a4f0282c9492a0c35daed7af24d7eb7857c040d0b89a46fecdeb8c33c3f
[root@localhost ~]# podman ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
c3869a4f0282 docker.io/library/nginx:latest nginx -g daemon o... 9 seconds ago Up 10 seconds ago 0.0.0.0:1314->80/tcp nginx
[root@localhost ~]#
2.配置开机自启动文件
[root@localhost ~]# cat /etc/systemd/system/nginx_conteainer.service
[Unit]
Description=Podman Nginx Service
After=network.target
After=network-online.target[Service]
Type=simple
ExecStart=/usr/bin/podman start -a nginx
ExecStop=/usr/bin/podman stop -t 10 nginx
Restart=always[Install]
WantedBy=multi-user.target
[root@localhost ~]#
3.重新加载并启动查看
[root@localhost ~]# systemctl daemon-reload
[root@localhost ~]# systemctl enable --now nginx_conteainer.service
Created symlink /etc/systemd/system/multi-user.target.wants/nginx_conteainer.service → /etc/systemd/system/nginx_conteainer.service.
[root@localhost ~]# systemctl status nginx_conteainer.service
● nginx_conteainer.service - Podman Nginx ServiceLoaded: loaded (/etc/systemd/system/nginx_conteainer.service; enabled; vendor preset: disabled)Active: active (running) since Wed 2021-12-15 06:19:09 EST; 54s agoMain PID: 2648 (podman)Tasks: 6 (limit: 4743)Memory: 21.7MCGroup: /system.slice/nginx_conteainer.service└─2648 /usr/bin/podman start -a nginx12月 15 06:19:09 localhost.localdomain systemd[1]: Started Podman Nginx Service.
[root@localhost ~]#
4.podman普通用户的使用
用户切换
[root@localhost ~]# useradd shuaige
[root@localhost ~]# id shuaige
uid=1000(shuaige) gid=1000(shuaige) 组=1000(shuaige)
[root@localhost ~]# su - shuaige
[shuaige@localhost ~]$
拉取镜像
[shuaige@localhost ~]$ podman images
REPOSITORY TAG IMAGE ID CREATED SIZE
[shuaige@localhost ~]$ podman pull nginx
✔ docker.io/library/nginx:latest
Trying to pull docker.io/library/nginx:latest...
Getting image source signatures
Copying blob e5ae68f74026 done
Copying blob 77700c52c969 done
Copying blob 881ff011f1c9 done
Copying blob 21e0df283cd6 done
Copying blob 44be98c0fab6 done
Copying blob ed835de16acd done
Copying config f652ca386e done
Writing manifest to image destination
Storing signatures
f652ca386ed135a4cbe356333e08ef0816f81b2ac8d0619af01e2b256837ed3e
[shuaige@localhost ~]$ podman images
REPOSITORY TAG IMAGE ID CREATED SIZE
docker.io/library/nginx latest f652ca386ed1 13 days ago 146 MB
[shuaige@localhost ~]$
启动容器
[shuaige@localhost ~]$ podman images
REPOSITORY TAG IMAGE ID CREATED SIZE
docker.io/library/nginx latest f652ca386ed1 13 days ago 146 MB
[shuaige@localhost ~]$ podman run -d --name nginx1 f652ca386ed1
7719240f82c4ce0de783191283b714752a37ceac6367bd735ec23c3662d78442
[shuaige@localhost ~]$ podman ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
6faf5d5d5f88 docker.io/library/nginx:latest nginx -g daemon o... About a minute ago Created 0.0.0.0:1314->80/tcp nginx
7719240f82c4 docker.io/library/nginx:latest nginx -g daemon o... 4 seconds ago Up 4 seconds ago nginx1
[shuaige@localhost ~]$
生成配置文件
[shuaige@localhost ~]$ mkdir -p .config/systemd/sb
[shuaige@localhost ~]$ cd .config/systemd/sb/
[shuaige@localhost sb]$ podman generate systemd --files --name nginx
/home/shuaige/.config/systemd/sb/container-nginx.service
[shuaige@localhost sb]$ cat container-nginx.service
# container-nginx.service
# autogenerated by Podman 3.4.1-dev
# Wed Dec 15 06:25:39 EST 2021[Unit]
Description=Podman container-nginx.service
Documentation=man:podman-generate-systemd(1)
Wants=network-online.target
After=network-online.target
RequiresMountsFor=/tmp/podman-run-1000/containers[Service]
Environment=PODMAN_SYSTEMD_UNIT=%n
Restart=on-failure
TimeoutStopSec=70
ExecStart=/usr/bin/podman start nginx
ExecStop=/usr/bin/podman stop -t 10 nginx
ExecStopPost=/usr/bin/podman stop -t 10 nginx
PIDFile=/tmp/podman-run-1000/containers/overlay-containers/6faf5d5d5f88d3cf44e9bee36e03c3cb5f8808c22d8e3d82524acd7470a3f759/userdata/conmon.pid
Type=forking[Install]
WantedBy=multi-user.target default.target
[shuaige@localhost sb]$
给刚刚创建的用户设置密码
[root@localhost ~]# passwd shuaige
更改用户 shuaige 的密码 。
新的 密码:
无效的密码: 密码是一个回文
重新输入新的 密码:
passwd:所有的身份验证令牌已经成功更新。
[root@localhost ~]#
远程连接刚刚创建的shuaige用户
[root@localhost ~]# ssh shuaige@localhost
The authenticity of host 'localhost (::1)' can't be established.
ECDSA key fingerprint is SHA256:oDBGQcnlTFVTQKBmNb4NuYln0Z9TDf2WhJo9gHNvbGs.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added 'localhost' (ECDSA) to the list of known hosts.
shuaige@localhost's password:
Last login: Wed Dec 15 06:28:18 2021
[shuaige@localhost ~]$
设置开机自启动
[shuaige@localhost sb]$ systemctl --user enable --now container-nginx.service
Created symlink /home/shuaige/.config/systemd/user/multi-user.target.wants/container-nginx.service → /home/shuaige/.config/systemd/sb/container-nginx.service.
Created symlink /home/shuaige/.config/systemd/user/default.target.wants/container-nginx.service → /home/shuaige/.config/systemd/sb/container-nginx.service.
[shuaige@localhost sb]$ systemctl --user status container-nginx.service
● container-nginx.service - Podman container-nginx.serviceLoaded: loaded (/home/shuaige/.config/systemd/sb/container-nginx.service; enabled; vendor preset: enabled)Active: active (running) since Wed 2021-12-15 07:25:24 EST; 3min 24s agoDocs: man:podman-generate-systemd(1)Main PID: 7978 (conmon)CGroup: /user.slice/user-1000.slice/user@1000.service/container-nginx.service├─7972 /usr/bin/slirp4netns --disable-host-loopback --mtu=65520 --enable-sandbox --enable-seccomp -c -e 3 -r 4 --netns>├─7975 /usr/bin/fuse-overlayfs -o ,lowerdir=/home/shuaige/.local/share/containers/storage/overlay/l/UBB5BCEQLHQ2G7RFOR>├─7978 /usr/bin/conmon --api-version 1 -c 7ed9063a90a9c3b48096ee8fcec60e799c6103fb8fe8ae9226bf8e7d5eee1591 -u 7ed9063a>├─7981 nginx: master process nginx -g daemon off;└─8000 nginx: worker process
lines 1-11/11 (END)
5.podman网络设置
指定网络并运行一个容器
创建podman2网络
[root@localhost ~]# podman network create podman2
/etc/cni/net.d/podman2.conflist
[root@localhost ~]#
–subnet指定subnet创建网络
podman network create --sunet 网段 创建的网络名
[root@localhost ~]# podman network create --subnet 192.6.0.0/16 newnet
/etc/cni/net.d/newnet.conflist
[root@localhost ~]#
–gateway 指定网关
podman network create --subnet 网段 --gateway 网关地址 newnet1
[root@localhost ~]# podman network create --subnet 192.168.13.0/24 --gateway 192.168.13.2 newnet1
/etc/cni/net.d/newnet1.conflist
[root@localhost ~]#
–ip-range 指定ip起始地址
[root@localhost ~]# podman network create --subnet 192.168.14.0/24 --ip-range 192.168.14.13/25 newnet2
/etc/cni/net.d/newnet2.conflist
[root@localhost ~]#
查看刚刚创建的网络
[root@localhost ~]# podman network ls
NETWORK ID NAME VERSION PLUGINS
2f259bab93aa podman 0.4.0 bridge,portmap,firewall,tuning
884e74728f04 newnet 0.4.0 bridge,portmap,firewall,tuning
45b3499a170b newnet1 0.4.0 bridge,portmap,firewall,tuning
31213d4efd11 newnet2 0.4.0 bridge,portmap,firewall,tuning
4d24ca3baa36 podman2 0.4.0 bridge,portmap,firewall,tuning
[root@localhost ~]#
使用刚刚创建的网络,并运行一个容器
格式: podman run --name 容器名 --network 网络名称 镜像名
[root@localhost ~]# podman run -dt --name nginx2 --network podman2 nginx:latest
b926e6a2a1b16b8275fa59813d30139c03ab6678933219fd551acc7105e8c742
[root@localhost ~]#
查看改容器的网络IP
[root@localhost ~]# podman inspect nginx | grep IP"IPAddress": "10.88.0.3","IPPrefixLen": 16,"IPv6Gateway": "","GlobalIPv6Address": "","GlobalIPv6PrefixLen": 0,"LinkLocalIPv6Address": "","LinkLocalIPv6PrefixLen": 0,"IPAddress": "10.88.0.3","IPPrefixLen": 16,"IPv6Gateway": "","GlobalIPv6Address": "","GlobalIPv6PrefixLen": 0,"IPAMConfig": null,
[root@localhost ~]#
6.podman网络管理
注意:启动一个容器后,会出现cni-poman0网卡,容器启动时,默认会连接podman网络
[root@localhost ~]# ip a show cni-podman0
3: cni-podman0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000link/ether ae:fa:0b:90:77:8e brd ff:ff:ff:ff:ff:ffinet 10.88.0.1/16 brd 10.88.255.255 scope global cni-podman0valid_lft forever preferred_lft foreverinet6 fe80::acfa:bff:fe90:778e/64 scope link valid_lft forever preferred_lft forever
[root@localhost ~]#
查看容器网路
[root@localhost ~]# podman network ls
NETWORK ID NAME VERSION PLUGINS
2f259bab93aa podman 0.4.0 bridge,portmap,firewall,tuning
884e74728f04 newnet 0.4.0 bridge,portmap,firewall,tuning
45b3499a170b newnet1 0.4.0 bridge,portmap,firewall,tuning
31213d4efd11 newnet2 0.4.0 bridge,portmap,firewall,tuning
4d24ca3baa36 podman2 0.4.0 bridge,portmap,firewall,tuning
[root@localhost ~]#
断开网络(disconnect)
[root@localhost ~]# podman network disconnect podman2 nginx2
[root@localhost ~]#
重启容器网络(reload)
[root@localhost ~]# podman network reload nginx2
b926e6a2a1b16b8275fa59813d30139c03ab6678933219fd551acc7105e8c742
[root@localhost ~]#
删除podman网络(rm)
[root@localhost ~]# podman network ls
NETWORK ID NAME VERSION PLUGINS
2f259bab93aa podman 0.4.0 bridge,portmap,firewall,tuning
884e74728f04 newnet 0.4.0 bridge,portmap,firewall,tuning
45b3499a170b newnet1 0.4.0 bridge,portmap,firewall,tuning
31213d4efd11 newnet2 0.4.0 bridge,portmap,firewall,tuning
4d24ca3baa36 podman2 0.4.0 bridge,portmap,firewall,tuning
[root@localhost ~]# podman network rm newnet1 newnet2
newnet1
newnet2
[root@localhost ~]# podman network ls
NETWORK ID NAME VERSION PLUGINS
2f259bab93aa podman 0.4.0 bridge,portmap,firewall,tuning
884e74728f04 newnet 0.4.0 bridge,portmap,firewall,tuning
4d24ca3baa36 podman2 0.4.0 bridge,portmap,firewall,tuning
[root@localhost ~]#
podman容器开机自启(root用户与普通用户)相关推荐
- docker mysql开机自启动_Docker学习4-学会如何让容器开机自启服务【坑】
前言 小龙亲测重启服务器后 docker 容器没跑起来,相信有不少小伙伴在用docker部署容器的时候也发现每次开机服务就没有自启了,需要手动去执行把容器服务开启起来,但有没有可以让它开机自启呢?显然 ...
- docker mysql开机自启动_Docker 学会让容器开机自启服务
广深小龙亲测重启服务器后 docker 容器没跑起来,相信有不少小伙伴在用 docker 部署容器的时候也发现每次开机服务就没有自启了,需要手动去执行把容器服务开启起来,但有没有可以让它开机自启呢?显 ...
- podman容器的开机自启
podman容器的开机自启 [root@cxr ~]# podman pull busybox Resolved "busybox" as an alias (/etc/conta ...
- podman 开机自启
一,配置加速器 [root@localhost ~]# vim /etc/containers/registries.confunqualified-search-registries = [&quo ...
- Docker、Podman 容器“扫盲“ 学习笔记【与云原生的故事】
[摘要] 笔记内容:由理论和具体docker常用操作构成.这篇博文笔记的定位是:温习,查阅,不适合新手学习.你拥有青春的时候,就要感受它,不要虚掷你的黄金时代,不要去倾听... 写在前面 笔记内容:由 ...
- Docker、Podman 容器“扫盲“ 学习笔记
写在前面 之前只是做毕业设计时,接触一点,用DockFile在阿里云上部署了毕设.后来docker端口问题,机器被植入木马,拉去挖矿,cup天天爆满,百度半天删了好多文件不管用,后来恢复镜像了,之后在 ...
- podman设置开机启动
查看httpd状态 [root@nextcloud ~]# systemctl status httpd ● httpd.service - The Apache HTTP ServerLoaded: ...
- Inno Setup打包实现安装自启和开机自启
本文章主要介绍下,如何使用Inno Setup制作一个可以安装自启和开机自启的安装包. 直接贴下打包脚本 #define MyAppName "自启动安装测试包"[setup]; ...
- Win11系统怎么禁止OneDrive开机自启操作分享
Win11系统怎么禁止OneDrive开机自启操作分享.有用户不需要使用win11系统自带的OneDrive软件,想要将它进行开机禁止启动.因为这个软件每次开机的时候都会自动启动,占用了我们的运行内存 ...
最新文章
- 我的天,你工作5年了,连Java agent都不知道...
- 机器视觉------- SciSmart图像定位-ROI校正算法
- 支持国内版Office 365的PowerShell模块现已发布
- 论如何寻找万一的川财证券开户渠道
- CVPR 2021 双目图像压缩最新进展
- StringBuffer类的说明
- 动态添加JavaScript
- Apache Jserv protocol
- Mongodb -(3) replica set+sharding
- php输入多少数值自动乘,报表数据填报中的自动计算
- 多次字符串相加一定要用StringBuilder而不用 + 吗?
- 网上购物系统问题陈述、词汇表与领域类图
- (10万+浏览量)语句覆盖、条件覆盖(分支覆盖)、判定覆盖、条件-判定覆盖、组合覆盖、路径覆盖 的区别
- docker 安装完成后测试hello-world出现问题(Unable to find image 'hello-world:latest' locally)
- 微信公众平台订阅号、服务号和企业号三者之间的区别与联系
- 中国人为什么这么爱面子?
- 【小5聊】winform窗体之最小化事件捕捉以及最小化到任务栏功能
- calendar -- 日历相关│Python标准库
- Shiro-Principal
- 差分隐私(Differential Privacy)