Centos8安装podman,自定义修改镜像,保存本地容器到私有仓库 |
| 发表者:admin分类:云计算容器2019-10-12 21:38:25 阅读[3640] |
Centos8安装podman,自定义修改镜像,保存本地容器为镜像,上传本地镜像到私有仓库
podman是一个用于处理容器的开源Linux工具。RHEL8开始,系统中的容器已经更换成podman。
我这里系统是centos8,下载好centos8_boot.iso后,找个国内源的地址,开始通过网络下载基础软件包,来安装centos8.具体就不说了。
然后在系统中安装了podman 容器,想装docker,也找不到软件包。
本次测试,就是将镜像中的tomcat7为基础镜像,修改镜像后,运行镜像后,修改运行的容器,然后修改容器配置,
再将运行中的容器,保存了为本地镜像,最后将本地镜像上传到私有仓库中。
刚开始在网上找了一些文章,毛病多,全是坑。
这里我自己整理下,其它很简单。
podman的命令说明与实例说明,请看这里 https://www.mankier.com/1/podman-push
https://www.mankier.com/package/podman-manpages 非常有用。
[root@k8s ~]# dnf -y install podman
[root@k8s ~]# yum module install -y container-tools
安装podman工具很简单,其它软件包会自动安装。
这里我先搭建个私有仓库,可参考这里 https://www.micoder.cc/blog/2148.html
将下面的命令docker 换成podman
[root@k8s ~]# docker pull webhippie/registry
Using default tag: latest
Trying to pull repository docker.io/webhippie/registry ...
latest: Pulling from docker.io/webhippie/registry
b8141ae1f663: Pull complete
13567e09b640: Pull complete
aaeefa8fabe4: Pull complete
b83abbbdca23: Pull complete
2314799e1038: Pull complete
4fc129cc61df: Pull complete
44b981355f00: Pull complete
e04c698eb149: Pull complete
401e5b270728: Pull complete
Digest: sha256:bba865b672c066f0276725f8c617bf824fbade6ec59764143b4e68919e4f3a80
Status: Downloaded newer image for docker.io/webhippie/registry:latest
运行docker私有仓库
[root@k8s ~]# docker run -d -v /registry:/var/lib/registry -p 5000:5000 --privileged=true --name registry webhippie/registry:latest
8e91fd9ab3c7801792c7e3e6388021f93989872d545754faf9b21afea6135d58
docker容器的命令,一些参数,podman并不支持。
下面对这条命令的部分内容做下说明。
/registry表示宿主机目录,该目录如果不存在会自动创建。这里podman 不会创建,需要手工创建一个目录。
docker -v 宿主机目录:容器目录
在网上看到的解释:
把宿主机的目录挂载到容器中或者
把docker 容器中某目录的数据 加载到 宿主机的某个目录
这样做的目的是为了防止docker私有仓库这个容器被删除时,仓库里的镜像也会被删除。
3.在客户端制作镜像
[root@k8s ~]# podman search tomcat[root@k8s ~]# podman pull docker.io/consol/tomcat-7.0
拉取基础镜像包,这里以tomcat7为例。
[root@k8s ~]# podman run -d -p 8080:8080 --name tomcat7-8080 docker.io/consol/tomcat-7.0
创建一个容器,外部访问端口8080,tomcat的web登陆账号与密码都是admin,
我这里就将密码修改成92ctocom为例。
[root@k8s ~]# podman exec tomcat7-8080 sed -i 's/password="admin"/password="tomcatpwd"/g' /opt/tomcat/conf/tomcat-users.xml
找到运行容器中的配置文件然后再修改,然后就可以将运行中的容器实例名,保存为本地镜像。
[root@k8s ~]# podman ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
42c6d6ff7c0a docker.io/library/registry:latest /entrypoint.sh /e... About an hour ago Up About an hour ago 0.0.0.0:5000->5000/tcp registry
384c06d11e1e docker.io/consol/tomcat-7.0:latest /bin/sh -c /opt/t... About an hour ago Up About an hour ago 0.0.0.0:8080->8080/tcp tomcat7-8080
dccb2b8b6102 docker.io/consol/tomcat-7.0:latest /bin/sh -c /opt/t... 2 hours ago Up 2 hours ago 0.0.0.0:8088->8080/tcp tomcat7-8088
保存容器为本地镜像。
[root@k8s ~]# podman commit dccb2b8b6102 tomcat7-admin:v1
Getting image source signatures
Skipping blob c5cc83103be7 (already present): 124.93 MiB / 124.93 MiB [=====] 1s
Skipping blob 5f70bf18a086 (already present): 1.00 KiB / 1.00 KiB [=========] 1s
Skipping blob 55aabb022b6a (already present): 43.13 MiB / 43.13 MiB [=======] 1s
Skipping blob 34ab461be6c6 (already present): 120.44 MiB / 120.44 MiB [=====] 1s
Skipping blob c900a3fbdb49 (already present): 801.00 KiB / 801.00 KiB [=====] 1s
Skipping blob 5f70bf18a086 (already present): 1.00 KiB / 1.00 KiB [=========] 1s
Skipping blob 5f70bf18a086 (already present): 1.00 KiB / 1.00 KiB [=========] 1s
Skipping blob 5f70bf18a086 (already present): 1.00 KiB / 1.00 KiB [=========] 1s
Skipping blob 78b32d65e0a5 (already present): 286.33 MiB / 286.33 MiB [=====] 1s
Skipping blob 5f70bf18a086 (already present): 1.00 KiB / 1.00 KiB [=========] 1s
Skipping blob 5f70bf18a086 (already present): 1.00 KiB / 1.00 KiB [=========] 1s
Skipping blob 0bab0fa4ed5a (already present): 3.50 KiB / 3.50 KiB [=========] 1s
Skipping blob 14c44f9f4a1a (already present): 404.50 KiB / 404.50 KiB [=====] 1s
Skipping blob 5f70bf18a086 (already present): 1.00 KiB / 1.00 KiB [=========] 1s
Skipping blob 5f70bf18a086 (already present): 1.00 KiB / 1.00 KiB [=========] 1s
Skipping blob 5f70bf18a086 (already present): 1.00 KiB / 1.00 KiB [=========] 1s
Skipping blob 5f70bf18a086 (already present): 1.00 KiB / 1.00 KiB [=========] 1s
Skipping blob 5f70bf18a086 (already present): 1.00 KiB / 1.00 KiB [=========] 1s
Skipping blob d1a571b7eec9 (already present): 13.46 MiB / 13.46 MiB [=======] 1s
Skipping blob 9e5189be98a8 (already present): 5.00 KiB / 5.00 KiB [=========] 1s
Skipping blob 936f772feac2 (already present): 3.00 KiB / 3.00 KiB [=========] 1s
Skipping blob 89607351ec26 (already present): 3.50 KiB / 3.50 KiB [=========] 1s
Skipping blob ee3d91310d77 (already present): 3.50 KiB / 3.50 KiB [=========] 1s
Skipping blob 5f70bf18a086 (already present): 1.00 KiB / 1.00 KiB [=========] 1s
Skipping blob 5f70bf18a086 (already present): 1.00 KiB / 1.00 KiB [=========] 1s
Skipping blob 5f70bf18a086 (already present): 1.00 KiB / 1.00 KiB [=========] 1s
Skipping blob 5f70bf18a086 (already present): 1.00 KiB / 1.00 KiB [=========] 1s
Copying blob 38cdb17ab8ca: 44.89 MiB / 44.89 MiB [==========================] 1s
Copying config 9dda8f0be965: 7.47 KiB / 7.47 KiB [==========================] 0s
Writing manifest to image destination
Storing signatures
9dda8f0be965ae6459be647bba76999846a67b25a9a133c21a1b72bf57af6360
查看镜像文件可发现已经多了一个本地的。
[root@k8s ~]# podman images
REPOSITORY TAG IMAGE ID CREATED SIZE
localhost/tomcat7-admin v1 9dda8f0be965 About an hour ago 665 MB
daocloud.io/library/nginx latest 98ebf73aba75 2 months ago 113 MB
docker.io/library/registry latest f32a97de94e1 7 months ago 26.4 MB
docker.io/0809/centos7.6 latest d9ccaf2d05a5 9 months ago 507 MB
docker.io/4kerccc/centos6.9-ssh latest 71a9706d72f8 19 months ago 562 MB
docker.io/consol/tomcat-7.0 latest 7c34bafd1150 4 years ago 618 MB
最后可以本地上传到私有仓库。
[root@k8s ~]# docker push tomcat7-admin:v1 docker://127.0.0.1:5000/tomcat7-admin:v1
Emulate Docker CLI using podman. Create /etc/containers/nodocker to quiet msg.
Getting image source signatures
Copying blob c5cc83103be7: 124.93 MiB / 124.93 MiB [=======================] 53s
Copying blob 5f70bf18a086: 1.00 KiB / 1.00 KiB [===========================] 53s
Copying blob 55aabb022b6a: 43.13 MiB / 43.13 MiB [=========================] 53s
Copying blob 34ab461be6c6: 120.44 MiB / 120.44 MiB [=======================] 53s
Copying blob c900a3fbdb49: 801.00 KiB / 801.00 KiB [=======================] 53s
Skipping blob 5f70bf18a086 (already present): 1.00 KiB / 1.00 KiB [========] 53s
Skipping blob 5f70bf18a086 (already present): 1.00 KiB / 1.00 KiB [========] 53s
Skipping blob 5f70bf18a086 (already present): 1.00 KiB / 1.00 KiB [========] 53s
Copying blob 78b32d65e0a5: 286.33 MiB / 286.33 MiB [=======================] 53s
Skipping blob 5f70bf18a086 (already present): 1.00 KiB / 1.00 KiB [========] 53s
Skipping blob 5f70bf18a086 (already present): 1.00 KiB / 1.00 KiB [========] 53s
Copying blob 0bab0fa4ed5a: 3.50 KiB / 3.50 KiB [===========================] 53s
Copying blob 14c44f9f4a1a: 404.50 KiB / 404.50 KiB [=======================] 53s
Skipping blob 5f70bf18a086 (already present): 1.00 KiB / 1.00 KiB [========] 53s
Skipping blob 5f70bf18a086 (already present): 1.00 KiB / 1.00 KiB [========] 53s
Skipping blob 5f70bf18a086 (already present): 1.00 KiB / 1.00 KiB [========] 53s
Skipping blob 5f70bf18a086 (already present): 1.00 KiB / 1.00 KiB [========] 53s
Skipping blob 5f70bf18a086 (already present): 1.00 KiB / 1.00 KiB [========] 53s
Copying blob d1a571b7eec9: 13.46 MiB / 13.46 MiB [=========================] 53s
Copying blob 9e5189be98a8: 5.00 KiB / 5.00 KiB [===========================] 53s
Copying blob 936f772feac2: 3.00 KiB / 3.00 KiB [===========================] 53s
Copying blob 89607351ec26: 3.50 KiB / 3.50 KiB [===========================] 53s
Copying blob ee3d91310d77: 3.50 KiB / 3.50 KiB [===========================] 53s
Skipping blob 5f70bf18a086 (already present): 1.00 KiB / 1.00 KiB [========] 53s
Skipping blob 5f70bf18a086 (already present): 1.00 KiB / 1.00 KiB [========] 53s
Skipping blob 5f70bf18a086 (already present): 1.00 KiB / 1.00 KiB [========] 53s
Skipping blob 5f70bf18a086 (already present): 1.00 KiB / 1.00 KiB [========] 53s
Copying blob 38cdb17ab8ca: 44.89 MiB / 44.89 MiB [=========================] 53s
Copying config 9dda8f0be965: 7.47 KiB / 7.47 KiB [==========================] 0s
Writing manifest to image destination
Storing signatures
注意需要修改镜像仓库配置文件, 修改完后,就可以直接运行podman命令,不用重启什么服务或进程 。
podman的镜像在线搜索配置文件在这个目录 里。
[root@k8s ~]# cat /etc/containers/registries.conf
# This is a system-wide configuration file used to
# keep track of registries for various container backends.
# It adheres to TOML format and does not support recursive
# lists of registries.
# The default location for this configuration file is /etc/containers/registries.conf.
# The only valid categories are: 'registries.search', 'registries.insecure',
# and 'registries.block'.
[registries.search]
registries = ['registry.redhat.io', 'quay.io', 'docker.io', 'docker.mirrors.ustc.edu.cn', '127.0.0.1:5000']
# If you need to access insecure registries, add the registry's fully-qualified name.
# An insecure registry is one that does not have a valid SSL certificate or only does HTTP.
[registries.insecure]
registries = ['registry.docker-cn.com', 'hub-mirror.c.163.com', 'docker.mirrors.ustc.edu.cn', '127.0.0.1:5000']
# If you need to block pull access from a registry, uncomment the section below
# and add the registries fully-qualified name.
#
# Docker only
[registries.block]
registries = []
registries.search 为镜像仓库搜索地址,registries.insecure是可以添加仓库信息,只支持http。
测试下,搜索镜像tomcat7-admin,可以发现有本地仓库中的镜像了。
[root@k8s ~]# podman search tomcat7-admin
INDEX NAME DESCRIPTION STARS OFFICIAL AUTOMATED
quay.io quay.io/riotkit/uptime-admin-board 0
quay.io quay.io/radiantsolutions/omar-admin-server 0
quay.io quay.io/apollo-technologies/admin-ui 0
quay.io quay.io/app-sre/dedicated-admin-operator main dedicated-admin-operator container 0
quay.io quay.io/basis-company/tarantool-admin tarantool database web gui https://github... 0
quay.io quay.io/unixfox/powerdns-admin Auto build image from the official [PowerDNS... 0
quay.io quay.io/deisci/store-admin 0
quay.io quay.io/app-sre/dedicated-admin-operator-registry dedicated-admin-operator-registry for olm ca... 0
quay.io quay.io/openshift/origin-dedicated-admin-operator 0
quay.io quay.io/blockstack/gaia-admin 0
quay.io quay.io/ortoo/govhub-admin 0
quay.io quay.io/pusher/admin-builder 0
quay.io quay.io/api-platform/admin 0
quay.io quay.io/areafiftylan/lancie-admin 0
quay.io quay.io/radanalyticsio/spark-operator # spark-operator [: 51.91 MiB / 51.91 MiB [=======] 0s
Skipping blob 1dbcab28ce46 (already present): 48 B / 48 B [=================] 0s
Skipping blob 98ef328273d8 (already present): 19.02 MiB / 19.02 MiB [=======] 0s
Skipping blob 6f7e6e3bae28 (already present): 43.20 MiB / 43.20 MiB [=======] 0s
Skipping blob 22a6f272225c (already present): 313.98 KiB / 313.98 KiB [=====] 0s
Skipping blob 1dbcab28ce46 (already present): 48 B / 48 B [=================] 0s
Skipping blob 1dbcab28ce46 (already present): 48 B / 48 B [=================] 0s
Skipping blob 1dbcab28ce46 (already present): 48 B / 48 B [=================] 0s
Skipping blob 610ce59e53a3 (already present): 139.49 MiB / 139.49 MiB [=====] 0s
Skipping blob 1dbcab28ce46 (already present): 48 B / 48 B [=================] 0s
Skipping blob 1dbcab28ce46 (already present): 48 B / 48 B [=================] 0s
Skipping blob 0ef986dc1b03 (already present): 620 B / 620 B [===============] 0s
Skipping blob f239a7259385 (already present): 372.22 KiB / 372.22 KiB [=====] 0s
Skipping blob 1dbcab28ce46 (already present): 48 B / 48 B [=================] 0s
Skipping blob 1dbcab28ce46 (already present): 48 B / 48 B [=================] 0s
Skipping blob 1dbcab28ce46 (already present): 48 B / 48 B [=================] 0s
Skipping blob 1dbcab28ce46 (already present): 48 B / 48 B [=================] 0s
Skipping blob 1dbcab28ce46 (already present): 48 B / 48 B [=================] 0s
Skipping blob 516180a32e41 (already present): 8.67 MiB / 8.67 MiB [=========] 0s
Skipping blob 72617fc26f47 (already present): 1.00 KiB / 1.00 KiB [=========] 0s
Skipping blob dbab78b616c1 (already present): 227 B / 227 B [===============] 0s
Skipping blob ec3020067a5a (already present): 508 B / 508 B [===============] 0s
Skipping blob a0781f095372 (already present): 235 B / 235 B [===============] 0s
Skipping blob 1dbcab28ce46 (already present): 48 B / 48 B [=================] 0s
Skipping blob 1dbcab28ce46 (already present): 48 B / 48 B [=================] 0s
Skipping blob 1dbcab28ce46 (already present): 48 B / 48 B [=================] 0s
Skipping blob 1dbcab28ce46 (already present): 48 B / 48 B [=================] 0s
Copying blob 50d89525fb69: 37.39 MiB / 37.39 MiB [==========================] 0s
Copying config 9dda8f0be965: 7.47 KiB / 7.47 KiB [==========================] 0s
Writing manifest to image destination
Storing signatures
9dda8f0be965ae6459be647bba76999846a67b25a9a133c21a1b72bf57af6360
再次查看本机镜像信息。
[root@k8s ~]# podman images
REPOSITORY TAG IMAGE ID CREATED SIZE
127.0.0.1:5000/tomcat7-admin v1 9dda8f0be965 About an hour ago 665 MB
daocloud.io/library/nginx latest 98ebf73aba75 2 months ago 113 MB
docker.io/library/registry latest f32a97de94e1 7 months ago 26.4 MB
docker.io/0809/centos7.6 latest d9ccaf2d05a5 9 months ago 507 MB
docker.io/4kerccc/centos6.9-ssh latest 71a9706d72f8 19 months ago 562 MB
docker.io/consol/tomcat-7.0 latest 7c34bafd1150 4 years ago 618 MB
[root@k8s ~]#
[root@k8s ~]# podman ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
42c6d6ff7c0a docker.io/library/registry:latest /entrypoint.sh /e... 2 hours ago Up 2 hours ago 0.0.0.0:5000->5000/tcp registry
384c06d11e1e docker.io/consol/tomcat-7.0:latest /bin/sh -c /opt/t... 2 hours ago Up 2 hours ago 0.0.0.0:8080->8080/tcp tomcat7-8080
dccb2b8b6102 docker.io/consol/tomcat-7.0:latest /bin/sh -c /opt/t... 2 hours ago Up 2 hours ago 0.0.0.0:8088->8080/tcp tomcat7-8088
[root@k8s ~]#
运行容器,将容器实例的外网端口8099打开,转到容器tomcat内网的8080端口 。
[root@k8s ~]# podman run -d -p 8099:8080 --name tomcat7-8099 127.0.0.1:5000/tomcat7-admin
Trying to pull 127.0.0.1:5000/tomcat7-admin...Failed
unable to pull 127.0.0.1:5000/tomcat7-admin: unable to pull image: Error determining manifest MIME type for docker://127.0.0.1:5000/tomcat7-admin:latest: Error reading manifest latest in 127.0.0.1:5000/tomcat7-admin: manifest unknown: manifest unknown
[root@k8s ~]# podman run -d -p 8099:8080 --name tomcat7-8099 127.0.0.1:5000/tomcat7-admin:v1
3bd3a4901a2d917e373565a30de68f02f1804a2a8e88828036bf6098a4e63c69
[root@k8s ~]#
[root@k8s ~]# podman ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
3bd3a4901a2d 127.0.0.1:5000/tomcat7-admin:v1 /bin/sh -c /opt/t... 12 seconds ago Up 10 seconds ago 0.0.0.0:8099->8080/tcp tomcat7-8099
42c6d6ff7c0a docker.io/library/registry:latest /entrypoint.sh /e... 2 hours ago Up 2 hours ago 0.0.0.0:5000->5000/tcp registry
384c06d11e1e docker.io/consol/tomcat-7.0:latest /bin/sh -c /opt/t... 2 hours ago Up 2 hours ago 0.0.0.0:8080->8080/tcp tomcat7-8080
dccb2b8b6102 docker.io/consol/tomcat-7.0:latest /bin/sh -c /opt/t... 2 hours ago Up 2 hours ago 0.0.0.0:8088->8080/tcp tomcat7-8088
测试容器实例的外网端口,访问正常。
[root@k8s ~]# curl -I 127.0.0.1:8099
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=ISO-8859-1
Transfer-Encoding: chunked
Date: Sat, 12 Oct 2019 13:57:04 GMT
使用firefox找开地址: http://192.168.137.18:8099/manager/html
输入账号admin 密码为修改过的tomcatpwd,测试登陆正常。
并且tomat中新部署的WAR包实例也在tomcat里面。
转载请标明出处【Centos8安装podman,自定义修改镜像,保存本地容器到私有仓库】。
《www.micoder.cc》
虚拟化云计算,系统运维,安全技术服务.
| Tags: | [阅读全文...] |
最新评论