Containers Flashcards
Explain what a container is and how to use one
A container is a set of one or more processes that are isolated from the rest of the system.
What 3 core technologies make up a container?
‣ Control Groups (cgroups) for resource management
‣ Namespaces for process isolation
‣ SELinux and Seccomp (Secure Computing mode) to enforce security boundaries
What are the 3 primary container tools used to manage, inspect and create containers?
‣ podman - directly manages containers and container images
‣ skopeo - inspects, copy, deletes and signs images
‣ buildah - creates new container images
Install container management tools and run a simple rootless container
yum module install container-tools
Start a rootless container
$ podman login registry.lab.example.com
$ podman pull registry.access.redhat.com/ubi8:latest
$ podman images
$ podman run -it registry.access.redhat.com/ubi8/ubi:latest
(-t is for –tty meaning pseudo-terminal)
(-i is for –interactive which means it accepts input)
(-d is for –detach which runs in the background)
Start a container named rhel8 with a bash terminal inside
$ podman run -it –name=rhel8 registry.access.redhat.com/ubi8/ubi /bin/bash
Run a container that removes itself once the command is completed
$ podman run –rm registry.access.redhat.com/ubi8/ubi cat /etc/os-release
Display container registry configuration
$ cat /etc/containers/registries.conf
or rootless is:
$ cat $HOME/.config/containers
(rootless settings override system)
Display podman configuration info
$ podman info
Find container images that start with “ubi” within a container registry
$ podman search registry.redhat.io/rhel8/ubi
or for longer descriptions:
$ podman search –notruc registry.access.redhat.com/rhel8/ubi
What is the offical Red Hat container catalog
https://access.redhat.com/containers
Inspect a remote container image
$ skopeo inspect docker://registry.redhat.io/rhel8/python-36
List locally stored container images
$ podman images
Inspect a locally stored container image
$ podman inspect registry.redhat.io/rhel8/python-38
Remove a locally stored container image
$ podman rmi registry.redhat.io/rhel8/python-36:latest
Create a detached container named mydb, publish port 3306, & declare file variables.
$ podman run -d –name mydb -e MYSQL_USER=user1 -e MYSQL_PASSWORD=redhat -e MYSQL_DATABASE=items -e MYSQL_ROOT_PASSWORD=redhat -p 3306:3306 registry.lab.example.com/rhel8/mariadb-103:1-102
Confirm which containers are running
$ podman ps
Connect to a premade mysql container & confirm the running databases
$ mysql -u user1 -p –port=3306 –host=127.0.0.1
mariadb[]> show databases;
Stop a container
$ podman stop mydb
Create a container running an Apache HTTP Server that starts an interactive bash shell
$ podman run –name myweb -it registry.lab.example.com/rhel8/httpd-24:1-105 /bin/bash
Connect to a container and display the linux kernel release version
$ podman exec mysecondweb uname -sr
Connect to a container using a previously used container ID & display the system load average
$ podman exec -l uptime
Create a container named myquickweb that lists the contents of /etc/redhat-release & then auto- exits/deletes the container
$ podman run –name myquickweb –rm registry.lab.example.com/rhel8/httpd-24:1-105 cat /etc/redhat-release
Stop & delete ALL containers
$ podman stop -a
$ podman rm -a
$ podman ps -a
