Buildah: is used to build Open Container Initiative (OCI) format or Docker format container images without the need for a daemon.
Podman: provides the ability to directly run container images without a daemon. Podman can pull container images from a container registry, if they are not available locally.
Skopeo: offers features for pulling and pushing containers to registries. Moving containers between registries is supported. Container image inspection is also offered and some introspective capabilities can be performed, without first downloading the container itself.
1wsl --set-version Ub22 2
1sudo mount --make-rshared /
1# Set CA cert for Podman
2sudo mkdir /etc/containers/certs.d/my-registry.example.com/
3openssl s_client -showcerts -connect my-registry.example.com:443 </dev/null 2>/dev/null|openssl x509 -outform PEM > /etc/containers/certs.d/my-registry.example.com/ca.crt
4
5# Login
6podman login --get-login
7podman login -u init -p xxxxxxxxxxxxxx quay.example.com:8443
8podman login -u registry-admin -p <PWD> registry.k3s.example.com
9
10# Check podman context
11podman info
1# List containers
2podman ps -a
3
4# List images
5podman images
1# Kill containers
2podman kill $(podman ps -q)
3
4# remove containers
5podman rm $(podman ps -qa)
6
7# remove all images
8podman rmi $(podman images -qa) -f
9
10# Remove everything
11podman system reset
1# Export and Load an image
2podman pull docker.io/gitea/gitea:1-rootless
3podman save docker.io/gitea/gitea:1-rootless -o gitea-rootless.tar
4podman load < gitea-rootless.tar
5
6# Import in registry
7podman load < kibana.tar
8podman tag docker.elastic.co/kibana/kibana:8.5.3 quay.example.com:8443/kibana/kibana:8.5.3
9podman push quay.example.com:8443/kibana/kibana:8.5.3
10podman pull quay.example.com:8443/kibana/kibana:8.5.3
1podman run --rm -it registry.access.redhat.com/rhel7 /bin/bash # run image and kill once you exit (just for test purpose)
2podman run --rm -it rhel7 /usr/sbin/ip a # the ip command does not exist in the conteneur
3podman run -v /usr/sbin:/usr/sbin --rm -it rhel7 /usr/sbin/ip a # so map /usr/sbin inside destination /usr/sbin then you get the ip command
4
5# Web app in workdir /opt
6podman run -d -p 8080:8000 --name="python_web" \
7 -w /opt \
8 -v /opt/rhel_data:/var/www/html ubi8/python-39 \
9 -- python -m http.server -d /var/www/html
1# Get the IP
2sudo podman inspect --format '{{range.NetworkSettings.Networks}}{{.IPAddress}}{{end}}' gitea-db
3
4# State / Started At
5podman inspect -f {{.State.StartedAt}} python_web
1# Follow logs since 10 min
2podman logs -f --since 10m <ContainerID>
3
4# mount log
5podman run -v /dev/log:/dev/log --rm ubi8 logger Testing logging to the host
6journalctl | grep "Testing logging"
1skopeo inspect docker://registry.access.redhat.com/ubi8