This document provides instructions on managing containers using tools like podman and skopeo on Red Hat Enterprise Linux 8. It covers objectives like searching and pulling container images, running containers, configuring containers to start at boot, and running containers as non-root users. Specifically, it includes steps to download and run an Apache web server container, configure it as a systemd service, pull and run a MariaDB database container, and run a rootless container as a regular user.
Kubernetes Story - Day 2: Quay.io Container Registry for Publishing, Building...Mihai Criveti
Friday Brunch - a Kubernetes Story - Day 2: Build containers with Buildah, Skopeo and Quay.io https://www.youtube.com/watch?v=ygJrzMIZiWQ
In this workshop you'll learn how to build and manage containers, publish images to Quay, then install and deploy containers onto OpenShift.
Experience new tools to build, manage and deploy containerized applications following best practices. Learn how to build containers locally with podman, skopeo and buildah, publish and scan containers for vulnerabilities - and deploy containerized applications locally or on cloud using Kubernetes and OpenShift!
Mihai will take you through the process of:
Day 1 = Build: Building and running container images locally with podman, skopeo and buildah. Building containers for years or just getting started? Check out these new tools that help you build and run containers locally, and how they can help you get started with Kubernetes and OpenShift.
Learn some of the best practices on how you can build containers that run as regular users and how to automate the container build process using buildah. Learn about the Universal Base Image and how you can start your image builds from a known, trusted source.
and then over the next two Fridays the story will evolve as follows...
Day 2 = Publish: Publishing container images to quay.io and scanning containers for vulnerabilities and container best practices
Day 3 = Deploy: Getting started with OpenShift using CodeReady Containers or OKD and deploying containers on a Kubernetes Platform (Red Hat OpenShift / OKD / CRC)
Kubernetes Story - Day 1: Build and Manage Containers with PodmanMihai Criveti
OpenShift Workshop Day 1: https://www.youtube.com/watch?v=3IuaZu8-fsY - Build and Manage Containers with Podman
In this workshop you'll learn how to build and manage containers, publish images to Quay, then install and deploy containers onto OpenShift.
In addition to authorization policies that control what a user can do, OpenShift Container Platform gives its administrators the ability to manage a set of security context constraints (SCCs) for limiting pods and securing their cluster.
Default security context may be too restrictive for containers pulled down from DockerHub, thorugh this talk we'll explore the various steps to execute for enabling required permissions on selected OpenShift's pods.
Kubernetes Story - Day 2: Quay.io Container Registry for Publishing, Building...Mihai Criveti
Friday Brunch - a Kubernetes Story - Day 2: Build containers with Buildah, Skopeo and Quay.io https://www.youtube.com/watch?v=ygJrzMIZiWQ
In this workshop you'll learn how to build and manage containers, publish images to Quay, then install and deploy containers onto OpenShift.
Experience new tools to build, manage and deploy containerized applications following best practices. Learn how to build containers locally with podman, skopeo and buildah, publish and scan containers for vulnerabilities - and deploy containerized applications locally or on cloud using Kubernetes and OpenShift!
Mihai will take you through the process of:
Day 1 = Build: Building and running container images locally with podman, skopeo and buildah. Building containers for years or just getting started? Check out these new tools that help you build and run containers locally, and how they can help you get started with Kubernetes and OpenShift.
Learn some of the best practices on how you can build containers that run as regular users and how to automate the container build process using buildah. Learn about the Universal Base Image and how you can start your image builds from a known, trusted source.
and then over the next two Fridays the story will evolve as follows...
Day 2 = Publish: Publishing container images to quay.io and scanning containers for vulnerabilities and container best practices
Day 3 = Deploy: Getting started with OpenShift using CodeReady Containers or OKD and deploying containers on a Kubernetes Platform (Red Hat OpenShift / OKD / CRC)
Kubernetes Story - Day 1: Build and Manage Containers with PodmanMihai Criveti
OpenShift Workshop Day 1: https://www.youtube.com/watch?v=3IuaZu8-fsY - Build and Manage Containers with Podman
In this workshop you'll learn how to build and manage containers, publish images to Quay, then install and deploy containers onto OpenShift.
In addition to authorization policies that control what a user can do, OpenShift Container Platform gives its administrators the ability to manage a set of security context constraints (SCCs) for limiting pods and securing their cluster.
Default security context may be too restrictive for containers pulled down from DockerHub, thorugh this talk we'll explore the various steps to execute for enabling required permissions on selected OpenShift's pods.
Docker Essentials Workshop— Innovation Labs July 2020CloudHero
This presentation was the foundation of our Docker Essentials workshop hosted by CloudHero CEO & founder Andrei Manea for the Innovation Labs team on the 23rd of July 2020.
This presentation covers the following topics:
-Getting started with containers
-A bit of history about orchestration
-Introduction to services (what they are, how to create and scale them).
To find out more about this topic, check https://cloudhero.io/
ExpoQA 2017 Using docker to build and test in your laptop and JenkinsElasTest Project
In this workshop the basics about container use in the development environment are presented. Then we go further by describing how to leverage containers in the CI server, using Jenkins and Pipelines.
Dockerizing Symfony2 application. Why Docker is so cool And what is Docker? And what are Containers? How they works? What are the ecosystem of Docker? And how to dockerize your web application (can be based on Symfony2 framework)?
"Docker best practice", Станислав Коленкин (senior devops, DataArt)DataArt
Docker best practice
про Docker, лучшие практики в написании Dockerfile, проблемы большого количества слоев (Layers) в images и подходы по оптимизации Layers в images, функционал multi-stage builds, подходы к безопастности контейнеров и Hosts системе, подходы дебагинга и мониторинга.
Docker is an open-source project to easily create lightweight, portable, self-sufficient containers from any application. The same container that a developer builds and tests on a laptop can run at scale, in production, on VMs, bare metal, OpenStack clusters, public clouds and more.
Do any VM's contain a particular indicator of compromise? E.g. Run a YARA signature over all executables on my virtual machines and tell me which ones match.
Docker for Developers talk from the San Antonio Web Dev Meetup in Aug 2023
Never used Docker? This is perfect for you!
New to Docker? You'll learn something for sure!
Links included for all slides, code, and examples
Go from no Docker experience to a fully running web app in one slide deck!
Docker introduction.
References : The Docker Book : Containerization is the new virtualization
http://www.amazon.in/Docker-Book-Containerization-new-virtualization-ebook/dp/B00LRROTI4/ref=sr_1_1?ie=UTF8&qid=1422003961&sr=8-1&keywords=docker+book
Synthetic Fiber Construction in lab .pptxPavel ( NSTU)
Synthetic fiber production is a fascinating and complex field that blends chemistry, engineering, and environmental science. By understanding these aspects, students can gain a comprehensive view of synthetic fiber production, its impact on society and the environment, and the potential for future innovations. Synthetic fibers play a crucial role in modern society, impacting various aspects of daily life, industry, and the environment. ynthetic fibers are integral to modern life, offering a range of benefits from cost-effectiveness and versatility to innovative applications and performance characteristics. While they pose environmental challenges, ongoing research and development aim to create more sustainable and eco-friendly alternatives. Understanding the importance of synthetic fibers helps in appreciating their role in the economy, industry, and daily life, while also emphasizing the need for sustainable practices and innovation.
Introduction to AI for Nonprofits with Tapp NetworkTechSoup
Dive into the world of AI! Experts Jon Hill and Tareq Monaur will guide you through AI's role in enhancing nonprofit websites and basic marketing strategies, making it easy to understand and apply.
Docker Essentials Workshop— Innovation Labs July 2020CloudHero
This presentation was the foundation of our Docker Essentials workshop hosted by CloudHero CEO & founder Andrei Manea for the Innovation Labs team on the 23rd of July 2020.
This presentation covers the following topics:
-Getting started with containers
-A bit of history about orchestration
-Introduction to services (what they are, how to create and scale them).
To find out more about this topic, check https://cloudhero.io/
ExpoQA 2017 Using docker to build and test in your laptop and JenkinsElasTest Project
In this workshop the basics about container use in the development environment are presented. Then we go further by describing how to leverage containers in the CI server, using Jenkins and Pipelines.
Dockerizing Symfony2 application. Why Docker is so cool And what is Docker? And what are Containers? How they works? What are the ecosystem of Docker? And how to dockerize your web application (can be based on Symfony2 framework)?
"Docker best practice", Станислав Коленкин (senior devops, DataArt)DataArt
Docker best practice
про Docker, лучшие практики в написании Dockerfile, проблемы большого количества слоев (Layers) в images и подходы по оптимизации Layers в images, функционал multi-stage builds, подходы к безопастности контейнеров и Hosts системе, подходы дебагинга и мониторинга.
Docker is an open-source project to easily create lightweight, portable, self-sufficient containers from any application. The same container that a developer builds and tests on a laptop can run at scale, in production, on VMs, bare metal, OpenStack clusters, public clouds and more.
Do any VM's contain a particular indicator of compromise? E.g. Run a YARA signature over all executables on my virtual machines and tell me which ones match.
Docker for Developers talk from the San Antonio Web Dev Meetup in Aug 2023
Never used Docker? This is perfect for you!
New to Docker? You'll learn something for sure!
Links included for all slides, code, and examples
Go from no Docker experience to a fully running web app in one slide deck!
Docker introduction.
References : The Docker Book : Containerization is the new virtualization
http://www.amazon.in/Docker-Book-Containerization-new-virtualization-ebook/dp/B00LRROTI4/ref=sr_1_1?ie=UTF8&qid=1422003961&sr=8-1&keywords=docker+book
Synthetic Fiber Construction in lab .pptxPavel ( NSTU)
Synthetic fiber production is a fascinating and complex field that blends chemistry, engineering, and environmental science. By understanding these aspects, students can gain a comprehensive view of synthetic fiber production, its impact on society and the environment, and the potential for future innovations. Synthetic fibers play a crucial role in modern society, impacting various aspects of daily life, industry, and the environment. ynthetic fibers are integral to modern life, offering a range of benefits from cost-effectiveness and versatility to innovative applications and performance characteristics. While they pose environmental challenges, ongoing research and development aim to create more sustainable and eco-friendly alternatives. Understanding the importance of synthetic fibers helps in appreciating their role in the economy, industry, and daily life, while also emphasizing the need for sustainable practices and innovation.
Introduction to AI for Nonprofits with Tapp NetworkTechSoup
Dive into the world of AI! Experts Jon Hill and Tareq Monaur will guide you through AI's role in enhancing nonprofit websites and basic marketing strategies, making it easy to understand and apply.
2024.06.01 Introducing a competency framework for languag learning materials ...Sandy Millin
http://sandymillin.wordpress.com/iateflwebinar2024
Published classroom materials form the basis of syllabuses, drive teacher professional development, and have a potentially huge influence on learners, teachers and education systems. All teachers also create their own materials, whether a few sentences on a blackboard, a highly-structured fully-realised online course, or anything in between. Despite this, the knowledge and skills needed to create effective language learning materials are rarely part of teacher training, and are mostly learnt by trial and error.
Knowledge and skills frameworks, generally called competency frameworks, for ELT teachers, trainers and managers have existed for a few years now. However, until I created one for my MA dissertation, there wasn’t one drawing together what we need to know and do to be able to effectively produce language learning materials.
This webinar will introduce you to my framework, highlighting the key competencies I identified from my research. It will also show how anybody involved in language teaching (any language, not just English!), teacher training, managing schools or developing language learning materials can benefit from using the framework.
The Roman Empire A Historical Colossus.pdfkaushalkr1407
The Roman Empire, a vast and enduring power, stands as one of history's most remarkable civilizations, leaving an indelible imprint on the world. It emerged from the Roman Republic, transitioning into an imperial powerhouse under the leadership of Augustus Caesar in 27 BCE. This transformation marked the beginning of an era defined by unprecedented territorial expansion, architectural marvels, and profound cultural influence.
The empire's roots lie in the city of Rome, founded, according to legend, by Romulus in 753 BCE. Over centuries, Rome evolved from a small settlement to a formidable republic, characterized by a complex political system with elected officials and checks on power. However, internal strife, class conflicts, and military ambitions paved the way for the end of the Republic. Julius Caesar’s dictatorship and subsequent assassination in 44 BCE created a power vacuum, leading to a civil war. Octavian, later Augustus, emerged victorious, heralding the Roman Empire’s birth.
Under Augustus, the empire experienced the Pax Romana, a 200-year period of relative peace and stability. Augustus reformed the military, established efficient administrative systems, and initiated grand construction projects. The empire's borders expanded, encompassing territories from Britain to Egypt and from Spain to the Euphrates. Roman legions, renowned for their discipline and engineering prowess, secured and maintained these vast territories, building roads, fortifications, and cities that facilitated control and integration.
The Roman Empire’s society was hierarchical, with a rigid class system. At the top were the patricians, wealthy elites who held significant political power. Below them were the plebeians, free citizens with limited political influence, and the vast numbers of slaves who formed the backbone of the economy. The family unit was central, governed by the paterfamilias, the male head who held absolute authority.
Culturally, the Romans were eclectic, absorbing and adapting elements from the civilizations they encountered, particularly the Greeks. Roman art, literature, and philosophy reflected this synthesis, creating a rich cultural tapestry. Latin, the Roman language, became the lingua franca of the Western world, influencing numerous modern languages.
Roman architecture and engineering achievements were monumental. They perfected the arch, vault, and dome, constructing enduring structures like the Colosseum, Pantheon, and aqueducts. These engineering marvels not only showcased Roman ingenuity but also served practical purposes, from public entertainment to water supply.
Francesca Gottschalk - How can education support child empowerment.pptxEduSkills OECD
Francesca Gottschalk from the OECD’s Centre for Educational Research and Innovation presents at the Ask an Expert Webinar: How can education support child empowerment?
Macroeconomics- Movie Location
This will be used as part of your Personal Professional Portfolio once graded.
Objective:
Prepare a presentation or a paper using research, basic comparative analysis, data organization and application of economic information. You will make an informed assessment of an economic climate outside of the United States to accomplish an entertainment industry objective.
Honest Reviews of Tim Han LMA Course Program.pptxtimhan337
Personal development courses are widely available today, with each one promising life-changing outcomes. Tim Han’s Life Mastery Achievers (LMA) Course has drawn a lot of interest. In addition to offering my frank assessment of Success Insider’s LMA Course, this piece examines the course’s effects via a variety of Tim Han LMA course reviews and Success Insider comments.
Unit 8 - Information and Communication Technology (Paper I).pdfThiyagu K
This slides describes the basic concepts of ICT, basics of Email, Emerging Technology and Digital Initiatives in Education. This presentations aligns with the UGC Paper I syllabus.
The French Revolution, which began in 1789, was a period of radical social and political upheaval in France. It marked the decline of absolute monarchies, the rise of secular and democratic republics, and the eventual rise of Napoleon Bonaparte. This revolutionary period is crucial in understanding the transition from feudalism to modernity in Europe.
For more information, visit-www.vavaclasses.com
2. Objectives
Find and retrieve container images from a remote registry
Inspect container images
Perform container management using commands such as podman and skopeo
Perform basic container management such as running, starting, stopping, and listing running containers
Run a service inside a container
Configure a container to start automatically as a systemd service
Attach persistent storage to a container
PRINCE BAJAJ 2
3. Brief Introduction to Containers
Container is nothing but running code in its own isolated environment. All files , settings, tools and resources needed to run
container are provided through image called container image.
Container is launched from container image and can not exist without image.
Virtual machines are example of virtualization at Infra level, but containers are example of virtualization at OS level. Different
containers running on machine share the same operating system but VM’s don’t.
PRINCE BAJAJ
Infrastructure
Host Operating System
Hypervisor
Infrastructure
Host Operating System
VM VM VM
Container Engine
Container Container Container
OS OS OS APP APP
APP
Layered VM Architecture Layered Container Example
3
4. Docker Engine is example of popular container engine and containers launched by Docker Engine are usually called Docker
containers.
RedHat does not support Docker in RHEL-8 and built its own daemon less tools to manage individual containers, usually called
Linux containers(LXC).
Also RedHat developed OpenShift for multi node deployments to run multiple containers in different groups known as pods.
Red Hat Enterprise Linux implements Linux Containers using core technologies such as Control Groups (Cgroups) for Resource
Management, Namespaces for Process Isolation.
For RHCSA exam, You are expected to know how to manage individual Linux containers using set of tools and you don’t need
to know about Docker Engine and OpenShift Platform.
podman , buildah, skopeo and runc are tools developed by RedHat to manage individual containers. We will mainly discuss
about podman and skopeo which is expected at RHCSA level.
podman : Pod Manager for managing pods and container images.
skopeo : For copying, inspecting, deleting and signing images.
PRINCE BAJAJ 4
5. Searching and Retrieving Container images
To search container images in different container registries ,podman search command line is used.
Now what are container registries ?
A container registry is a collection of repositories made to store container images which is normally located on some remote
server. You can search image in different registries and pull the image to your machine using podman pull command line.
You can find list of registries in /etc/containers/registries.conf config file.
There are there sections in this file :
[registries.search] - By default podman search searches registries defined in this section in given order.
[registries.insecure] - Insecure registries which does not use TLS are added in this section.
[registries.block] - Registries defined in this section are not allowed access from your local system.
As root user, you can edit the file /etc/containers/registries.conf to change system-wide search settings but as regular user you
can create your own registries.conf file in your home directory $HOME/.config/containers/registries.conf to override system wide
settings.
PRINCE BAJAJ 5
6. Installing Container tools and Getting podman help
To work with individual containers, We need to install container tools.
Install container tools with following command:
dnf module install -y container-tools
We can work with containers as root user as well as regular users(rootless users),functionality available form RHEL 8.1. By setting
rootless users, system admin limit potential damage to containers from regular users.
After installing container tools, we will walk through podman man page and help.
Link for RedHat Documentation for Containers :
https://access.redhat.com/documentation/en-
us/red_hat_enterprise_linux/8/html/building_running_and_managing_containers/starting-with-containers_building-running-
and-managing-containers
Note: Practice Containers Objectives on RHEL 8.2 or CentOS 8.2 because on addition of these objectives ,RedHat changed the
exam version to RHEL 8.2.
PRINCE BAJAJ 6
7. Download Apache Web Sever Container image (httpd 2.4) on your System and inspect the container image.
• Check the Exposed ports in container image configurations.
• Authenticate using your RedHat credentials to download image if needed.
PRINCE BAJAJ
PRINCE BAJAJ
Command Action/Description
podman search httpd To search Apache image httpd 2.4 in configured Registries
podman login REGISTRY_PATH Authenticating to download image
podman pull IMAGE_PATH Downloading Container Image
podman inspect --format ‘{{ .Config.ExposedPorts }}’ IMAGE_PATH Displaying Configurations and checking Exposed ports
man podman To display man page for podman
podman pull --help Displaying help for podman pull
7
8. Run the httpd Container in background from image downloaded in previous task.
• Assign name myweb to this container.
• Verify using podman ps if container is running.
• Stop the container and verify again if container is stopped.
• Delete the container and container image.
PRINCE BAJAJ
Command Action/Description
podman run --name myweb -d IMAGE_PATH To run webserver container in background
podman ps Listing running containers
podman stop myweb Stopping container
podman rm myweb Deleting container
podman rmi IMAGE_PATH Deleting container image
8
9. Pull Apache Web server image (httpd 2.4) and run the container with name webserver.
• Configure webserver to display content “Welcome to container-based web server”.
• Port 3333 should be used on host machine to receive http requests.
• Start bash shell in container to verify configurations.
PRINCE BAJAJ
Command Action/Description
podman search httpd Searching httpd 2.4 container image
podman pull IMAGE_PATH Pulling/downloading image to local System
podman inspect IMAGE_PATH Displaying config info contained in Image
podman run --name webserver -d -p 3333:EXPOSED_PORT -v
/var/www/html:ORIG_DATA_PATH IMAGE_PATH
Running container and publishing port(s)
vim /var/www/html/index.html
Welcome to container-based web server
:wq
Creating index.html on host and adding message to be displayed.
podman restart webserver Restarting container webserver
curl http://system.example.com:3333 Verifying if webserver serves index.html
podman run --help Getting help for podman command line
9
10. Configure System to start webserver container at boot as SYSTEMD service.
• Start/enable SYSTEMD service to make sure container will start at boot.
• Reboot System and verify if container is running as expected.
PRINCE BAJAJ
Command Action/Description
podman generate systemd webserver Generating systemd unit file for container
vim /etc/systemd/system/httpd-container.service
#Paste generated systemdd unit file contents here#
:wq
Creating service unit file with name httpd-container.service
systemctl daemon-reload Reloading systemd to make changes effective
systemctl start httpd-container.service Starting httpd-container.service service
systemctl enable httpd-container.service Enabling httpd-container.service service
systemctl status httpd-container.service Displaying status of httpd-container.service service
systemctl reboot Reboot System
systemctl status httpd-container.service Displaying status of httpd-container.service service again to verify
service is Active(running).
man systemd.service To display man page for systemd service units
10
11. Pull Mariadb Server image to your System.
• Run container mariadb from the image and publish Exposed port.
• Set root password for mariadb service as mysql.
• Verify if you can login as root from local host.
PRINCE BAJAJ
Command Action/Description
podman search mariadb Searching mariadb image
podman login REGISTRY_PATH Authenticating to pull image
podman pull REGISTRY_PATH/IMAGE_NAME Downloading image to System
podman inspect IMAGE_PATH Displaying configs inside image e.g. Exposed Ports
podman run --name mariadb -d -p 3306:3306 -e MYSQL_ROOT_PASSWORD=mysql
-v /var/lib/mysql:PREFIX/var/lib/mysql IMAGE_PATH
Running mariadb Container and publishing
Exposed port.
dnf install mysql Installing mysql on System Host
podman inspect --format ‘{{ NetworkSettings.IPAddress }}’ mariadb Listing IP address assigned
mysql -h IPAddress -u root -p Connecting to mariadb database
11
12. Opening Privileges to Host
There is possibility to run privileged or non-privileged containers using podman. They behave and act differently on the Host.
Below are features that can be opened from a container to host .
• Privileges : A privileged container ( --privileged) runs applications on host as root user. So, you can delete files/directories
mounted from host to container even if they are owned by root.
• Process Tables: A non-privileged containers can see only processes running inside container but can not see processes running
on host. Privileged container (--pid=host) on the other hand can see all processes (use ps -e) running on host as well.
• Network Interfaces : By default, container has one external network interface and one loop back interface, but privileged
container ( --net=host) allows to access all network interfaces directly from container.
• Inter-process communications: A privileged container can use IPC facility to see information about active messages queues
,shared memory segments etc.
To explore different options , check podman run --help or man podman-run.
PRINCE BAJAJ 12
13. Running Containers Using Runlabels
Some Special RedHat container images come with labels which provide pre-defined command lines to work with those images.
To run the pre-set command line in IMAGE, we need to use below command:
podman container runlabel <label> IMAGE
Different Labels include:
• install : Sets up host system to run the container. It creates different files and directories on host that container will user later .
• run : Run the container with different command line options. Normally it opens privileges to host and mount the filesystems
from host to container.
• uninstall: Cleans up the host system when container has been run.
Example of RedHat image which includes runlabels is rsyslog. In next task, we will run rsyslog container using runlabels.
PRINCE BAJAJ 13
14. Pull rsyslog image (registry.redhat.io/rhel8/rsyslog) to your System.
• Run container as root user using runlabels defined within the container image.
• Verify working of container and create systemd unit file to start container at boot.
PRINCE BAJAJ
Command Action/Description
podman login registry.redhat.io Authenticating to registry
podman pull registry.redhat.io/rhel8/rsyslog Pulling image to System
podman container runlabel install --display
registry.redhat.io/rhel8/rsyslog
Displaying install runlabel
podman container runlabel install registry.redhat.io/rhel8/rsyslog Running install runlabel
podman container runlabel run --display registry.redhat.io/rhel8/rsyslog Displaying run runlabel
podman container runlabel run registry.redhat.io/rhel8/rsyslog Running run runlabel
podman generate systemd -f rsyslog Execute this command at path /etc/systemd/system to create
unit file
systemctl start *.service and systemctl enable *.service Starting and enabling service to start container at boot
14
15. Running Rootless Containers
podman allows us to run rootless containers (as normal user) which is good feature and provides more security. To run rootless
containers, execute below steps as root user.
• Install podman and slirp4netns packages (If not installed already):
dnf install podman slirp4netns -y
• Increase Username spaces in Kernel : User namespaces isolate security related identifiers e.g., User IDs and Group IDs.
echo “user.max_user_namespaces=28633” > /etc/sysctl.d/userns.conf
sysctl -p /etc/sysctl.d/userns.conf
For more information, check manual page, man user_namespaces
PRINCE BAJAJ 15
16. Run rootless httpd container with name web as user rhcsa using image (registry.redhat.io/rhel8/httpd-24).
• Pull image to system and inspect the image.
• Use same index.html file we used earlier and port 3400 should be used on host to receive http requests
• Create user rhcsa and set password as password.
Note: As normal user you must use port number greater than 1024.
PRINCE BAJAJ
Command Action/Description
useradd rhcsa Creating user
passwd rhcsa Setting password
podman login registry.redhat.io Authenticating login to Registry (execute command as user rhcsa)
podman pull registry.redhat.io/rhel8/httpd-24 Pulling image (execute command as user rhcsa)
podman run -d --name web -p 3400:EXPOSED_PORT -v
/var/www:HTTPD_DATA_ORIG_PATH IMAGE
Running container (execute command as user rhcsa)
podman ps Verify if container is running
curl http://localhost:3400 Verifying working of httpd service
16
17. Configure System to start container web at boot.
• Create system unit file with name web-container.service for same purpose.
• You must perform this action as user rhcsca.
Note : Comment out PIDFile directive in unit file if service does not start. Also replace multi-user.target with default.target
You might need to add line export XDG_RUNTIME_DIR=/run/user/$(id -u) in .bashrc file for rhcsa user.
PRINCE BAJAJ
Command Action/Description
mkdir -p /home/rhcsa/.config/systemd/user Creating Directory Path
podman generate systemd web Generate systemd unit file and put the contents in
/home/rhcsa/.config/systemd/user/web-container.service file
loginctl enable-linger rhcsa Enabling lingering capability for user to start service at boot with
systemd user service manager.
systemctl --user daemon-reload
systemctl --user start web-container.service
Starting service using user instance of systemd
systemctl --user start web-container.service Enabling service using user instance of systemd
systemctl --user status web-container.service Checking status of containerized service
systemctl reboot Rebooting system to verify if containerized service is started at
boot (as root user)
17