[RHCSA] 10 – Manage containers

10.1 – Find and retrieve container images from a remote registry

Overview

Container images are stored in remote registries, such as Docker Hub or Red Hat Container Catalog. Retrieving these images is essential for deploying and managing containers. This guide covers how to find and retrieve container images using tools like podman and docker.

Using podman to Find and Retrieve Container Images

Step 1: Search for Container Images

Use the podman search command to search for container images in a remote registry.

Syntax

podman search <image_name>

Example

1. Search for an Nginx Image:

podman search nginx

Sample Output:

INDEX       NAME                                        DESCRIPTION                                      STARS   OFFICIAL  AUTOMATED
docker.io   docker.io/library/nginx                     Official build of Nginx.                         1500    [OK]
docker.io   docker.io/jwilder/nginx-proxy               Automated Nginx reverse proxy for docker con...  150     [OK]
docker.io   docker.io/richarvey/nginx-php-fpm           Container running Nginx + PHP-FPM capable of...  80      [OK]

Step 2: Pull Container Images

Use the podman pull command to retrieve container images from a remote registry.

Syntax

podman pull <image_name>

Example

1. Pull the Official Nginx Image:

podman pull docker.io/library/nginx

Sample Output:

Trying to pull docker.io/library/nginx:latest...
Getting image source signatures
Copying blob sha256:...
Copying config sha256:...
Writing manifest to image destination
Storing signatures

Step 3: List Pulled Images

Use the podman images command to list the images that have been pulled.

Syntax

podman images

Example

1. List Pulled Images:

podman images

Sample Output:

REPOSITORY                TAG         IMAGE ID      CREATED       SIZE
docker.io/library/nginx   latest      sha256:...    2 weeks ago   133 MB

Using docker to Find and Retrieve Container Images

Step 1: Search for Container Images

Use the docker search command to search for container images in a remote registry.

Syntax

docker search <image_name>

Example

1. Search for an Nginx Image:

docker search nginx

Sample Output:

NAME                                        DESCRIPTION                                      STARS     OFFICIAL   AUTOMATED
nginx                                       Official build of Nginx.                         1500      [OK]
jwilder/nginx-proxy                         Automated Nginx reverse proxy for docker con...  150       [OK]
richarvey/nginx-php-fpm                     Container running Nginx + PHP-FPM capable of...  80        [OK]

Step 2: Pull Container Images

Use the docker pull command to retrieve container images from a remote registry.

Syntax

docker pull <image_name>

Example

1. Pull the Official Nginx Image:

docker pull nginx

Sample Output:

Using default tag: latest
latest: Pulling from library/nginx
Digest: sha256:...
Status: Downloaded newer image for nginx:latest

Step 3: List Pulled Images

Use the docker images command to list the images that have been pulled.

Syntax

docker images

Example

1. List Pulled Images:

docker images

Sample Output:

REPOSITORY                TAG         IMAGE ID      CREATED       SIZE
nginx                     latest      sha256:...    2 weeks ago   133 MB

Practical Examples

Example 1: Find and Retrieve an Nginx Image Using podman

1. Search for an Nginx Image:

podman search nginx

1. Pull the Official Nginx Image:

podman pull docker.io/library/nginx

1. List Pulled Images:

podman images

Example 2: Find and Retrieve an Nginx Image Using docker

1. Search for an Nginx Image:

docker search nginx

1. Pull the Official Nginx Image:

docker pull nginx

1. List Pulled Images:

docker images

Additional Tips

• Specify Image Tags:When pulling images, you can specify a tag to pull a specific version.

podman pull docker.io/library/nginx:1.19
docker pull nginx:1.19

• Remove Images:Use the podman rmi or docker rmi command to remove images.

podman rmi <image_id>
docker rmi <image_id>

• Inspect Images:Use the podman inspect or docker inspect command to view detailed information about an image.

podman inspect <image_id>
docker inspect <image_id>

• Login to a Private Registry:Use the podman login or docker login command to authenticate with a private registry.

podman login <registry_url>
docker login <registry_url>

• Pull Images from a Private Registry:Specify the registry URL when pulling images from a private registry.

podman pull <registry_url>/<image_name>
docker pull <registry_url>/<image_name>

Conclusion

Finding and retrieving container images from a remote registry is essential for deploying and managing containers. Mastery of these tasks ensures that you can efficiently work with container images, which is crucial for the RHCSA exam.

These notes should help you understand how to find and retrieve container images from a remote registry for the RHCSA exam.

10.2 – Inspect container images

Overview

Inspecting container images provides detailed information about the image, including its configuration, layers, and metadata. This information is essential for understanding the contents and behavior of the image. This guide covers how to inspect container images using tools like podman and docker.

Using podman to Inspect Container Images

Step 1: List Available Images

Use the podman images command to list the images available on your system.

Syntax

podman images

Example

1. List Available Images:

podman images

Sample Output:

REPOSITORY                TAG         IMAGE ID      CREATED       SIZE
docker.io/library/nginx   latest      sha256:...    2 weeks ago   133 MB

Step 2: Inspect a Container Image

Use the podman inspect command to view detailed information about a container image.

Syntax

podman inspect <image_id_or_name>

Example

1. Inspect the Nginx Image:

podman inspect docker.io/library/nginx

Sample Output (truncated for brevity):

[
    {
        "Id": "sha256:...",
        "RepoTags": [
            "docker.io/library/nginx:latest"
        ],
        "RepoDigests": [
            "docker.io/library/nginx@sha256:..."
        ],
        "Parent": "",
        "Comment": "",
        "Created": "2023-09-01T12:00:00Z",
        "ContainerConfig": {
            "Hostname": "...",
            "Domainname": "",
            "User": "",
            "AttachStdin": false,
            "AttachStdout": false,
            "AttachStderr": false,
            "ExposedPorts": {
                "80/tcp": {}
            },
            "Tty": false,
            "OpenStdin": false,
            "StdinOnce": false,
            "Env": [
                "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
            ],
            "Cmd": [
                "nginx",
                "-g",
                "daemon off;"
            ],
            "Image": "sha256:...",
            "Volumes": null,
            "WorkingDir": "",
            "Entrypoint": null,
            "OnBuild": null,
            "Labels": {}
        },
        "DockerVersion": "20.10.7",
        "Author": "",
        "Architecture": "amd64",
        "Os": "linux",
        "Size": 133000000,
        "VirtualSize": 133000000,
        "GraphDriver": {
            "Data": {
                "LowerDir": "...",
                "MergedDir": "...",
                "UpperDir": "...",
                "WorkDir": "..."
            },
            "Name": "overlay2"
        },
        "RootFS": {
            "Type": "layers",
            "Layers": [
                "sha256:...",
                "sha256:..."
            ]
        },
        "Metadata": {
            "LastTagTime": "2023-09-01T12:00:00Z"
        }
    }
]

Step 3: Filter Specific Information

Use the --format option with podman inspect to filter specific information.

Syntax

podman inspect --format '<template>' <image_id_or_name>

Example

1. Get the Image ID:

podman inspect --format '{{.Id}}' docker.io/library/nginx

Sample Output:

sha256:...

1. Get the Exposed Ports:

podman inspect --format '{{.ContainerConfig.ExposedPorts}}' docker.io/library/nginx

Sample Output:

map[80/tcp:{}]

Using docker to Inspect Container Images

Step 1: List Available Images

Use the docker images command to list the images available on your system.

Syntax

docker images

Example

1. List Available Images:

docker images

Sample Output:

REPOSITORY                TAG         IMAGE ID      CREATED       SIZE
nginx                     latest      sha256:...    2 weeks ago   133 MB

Step 2: Inspect a Container Image

Use the docker inspect command to view detailed information about a container image.

Syntax

docker inspect <image_id_or_name>

Example

Inspect the Nginx Image:

docker inspect nginx

Sample Output (truncated for brevity):

[
    {
        "Id": "sha256:...",
        "RepoTags": [
            "nginx:latest"
        ],
        "RepoDigests": [
            "nginx@sha256:..."
        ],
        "Parent": "",
        "Comment": "",
        "Created": "2023-09-01T12:00:00Z",
        "ContainerConfig": {
            "Hostname": "...",
            "Domainname": "",
            "User": "",
            "AttachStdin": false,
            "AttachStdout": false,
            "AttachStderr": false,
            "ExposedPorts": {
                "80/tcp": {}
            },
            "Tty": false,
            "OpenStdin": false,
            "StdinOnce": false,
            "Env": [
                "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
            ],
            "Cmd": [
                "nginx",
                "-g",
                "daemon off;"
            ],
            "Image": "sha256:...",
            "Volumes": null,
            "WorkingDir": "",
            "Entrypoint": null,
            "OnBuild": null,
            "Labels": {}
        },
        "DockerVersion": "20.10.7",
        "Author": "",
        "Architecture": "amd64",
        "Os": "linux",
        "Size": 133000000,
        "VirtualSize": 133000000,
        "GraphDriver": {
            "Data": {
                "LowerDir": "...",
                "MergedDir": "...",
                "UpperDir": "...",
                "WorkDir": "..."
            },
            "Name": "overlay2"
        },
        "RootFS": {
            "Type": "layers",
            "Layers": [
                "sha256:...",
                "sha256:..."
            ]
        },
        "Metadata": {
            "LastTagTime": "2023-09-01T12:00:00Z"
        }
    }
]

Step 3: Filter Specific Information

Use the --format option with docker inspect to filter specific information.

Syntax

docker inspect --format '<template>' <image_id_or_name>

Example

1. Get the Image ID:

docker inspect --format '{{.Id}}' nginx

Sample Output:

sha256:...

1. Get the Exposed Ports:

docker inspect --format '{{.ContainerConfig.ExposedPorts}}' nginx

Sample Output:

map[80/tcp:{}]

Practical Examples

Example 1: Inspect an Nginx Image Using podman

1. List Available Images:

podman images

1. Inspect the Nginx Image:

podman inspect docker.io/library/nginx

1. Get the Image ID:

podman inspect --format '{{.Id}}' docker.io/library/nginx

1. Get the Exposed Ports:

podman inspect --format '{{.ContainerConfig.ExposedPorts}}' docker.io/library/nginx

Example 2: Inspect an Nginx Image Using docker

1. List Available Images:

docker images

1. Inspect the Nginx Image:

docker inspect nginx

1. Get the Image ID:

docker inspect --format '{{.Id}}' nginx

1. Get the Exposed Ports:

docker inspect --format '{{.ContainerConfig.ExposedPorts}}' nginx

Additional Tips

• Inspect Running Containers:Use the podman inspect or docker inspect command to inspect running containers.

podman inspect <container_id_or_name>
docker inspect <container_id_or_name>

• Inspect Specific Layers:Use the podman history or docker history command to view the history of an image, including its layers.

podman history <image_id_or_name>
docker history <image_id_or_name>

• Save and Load Images:Use the podman save and podman load or docker save and docker load commands to save and load images.

podman save -o <file_name> <image_id_or_name>
podman load -i <file_name>

docker save -o <file_name> <image_id_or_name>
docker load -i <file_name>

• Remove Images:Use the podman rmi or docker rmi command to remove images.

podman rmi <image_id_or_name>
docker rmi <image_id_or_name>

Conclusion

Inspecting container images provides detailed information about the image, including its configuration, layers, and metadata. Mastery of these tasks ensures that you can efficiently work with container images, which is crucial for the RHCSA exam.

These notes should help you understand how to inspect container images for the RHCSA exam.

10.3 – Perform container management using commands such as podman and skopeo

Overview

Container management involves creating, running, stopping, and managing containers and images. podman is a tool for managing containers and images, while skopeo is used for inspecting and transferring container images. This guide covers essential container management tasks using podman and skopeo.

Using podman for Container Management

Installing podman

Ensure podman is installed on your system.

sudo yum install podman

Basic podman Commands

Pulling Images

Use the podman pull command to retrieve container images from a remote registry.

podman pull <image_name>

Example:

podman pull docker.io/library/nginx

Listing Images

Use the podman images command to list the images available on your system.

podman images

Example:

podman images

Running Containers

Use the podman run command to create and start a new container.

podman run [options] <image_name> [command]

Example:

podman run -d --name mynginx -p 8080:80 docker.io/library/nginx

1 vulnerability

Listing Containers

Use the podman ps command to list running containers.

podman ps

Example:

podman ps

Use the podman ps -a command to list all containers, including stopped ones.

podman ps -a

Example:

podman ps -a

Stopping Containers

Use the podman stop command to stop a running container.

podman stop <container_id_or_name>

Example:

podman stop mynginx

Removing Containers

Use the podman rm command to remove a stopped container.

podman rm <container_id_or_name>

Example:

podman rm mynginx

Inspecting Containers

Use the podman inspect command to view detailed information about a container.

podman inspect <container_id_or_name>

Example:

podman inspect mynginx

Practical Examples

Example 1: Pull and Run an Nginx Container

1. Pull the Nginx Image:

podman pull docker.io/library/nginx

1. Run the Nginx Container:

podman run -d --name mynginx -p 8080:80 docker.io/library/nginx

1. List Running Containers:

podman ps

1. Inspect the Nginx Container:

podman inspect mynginx

1. Stop the Nginx Container:

podman stop mynginx

1. Remove the Nginx Container:

podman rm mynginx

Using skopeo for Image Management

Installing skopeo

Ensure skopeo is installed on your system.

sudo yum install skopeo

Basic skopeo Commands

Inspecting Remote Images

Use the skopeo inspect command to inspect remote images without pulling them.

skopeo inspect docker://<registry>/<image_name>

Example:

skopeo inspect docker://docker.io/library/nginx

Copying Images

Use the skopeo copy command to copy images between different locations.

skopeo copy <source> <destination>

Example:

skopeo copy docker://docker.io/library/nginx:latest dir:/tmp/nginx

Deleting Images

Use the skopeo delete command to delete images from a remote registry.

skopeo delete docker://<registry>/<image_name>

Example:

skopeo delete docker://docker.io/library/nginx:latest

Practical Examples

Example 1: Inspect a Remote Nginx Image

1. Inspect the Nginx Image:

skopeo inspect docker://docker.io/library/nginx

Example 2: Copy an Image from Docker Hub to a Local Directory

1. Copy the Nginx Image:

skopeo copy docker://docker.io/library/nginx:latest dir:/tmp/nginx

Example 3: Delete an Image from a Remote Registry

1. Delete the Nginx Image:

skopeo delete docker://docker.io/library/nginx:latest

Additional Tips

• Login to a Private Registry:Use the podman login or skopeo login command to authenticate with a private registry.

podman login <registry_url>
skopeo login <registry_url>

• Tagging Images:Use the podman tag command to tag images.

podman tag <image_id_or_name> <new_tag>

• Example:

podman tag docker.io/library/nginx:latest myregistry.com/mynginx:latest

• Pushing Images:Use the podman push command to push images to a remote registry.

podman push <image_id_or_name> <registry_url>/<image_name>

Example:

podman push myregistry.com/mynginx:latest

• Remove Images:Use the podman rmi command to remove images.

podman rmi <image_id_or_name>

Example:

podman rmi docker.io/library/nginx

• Check Container Logs:Use the podman logs command to view container logs.

podman logs <container_id_or_name>

Example:

podman logs mynginx

Conclusion

Performing container management using podman and skopeo involves creating, running, stopping, and managing containers and images. Mastery of these tasks ensures that you can efficiently work with containers and images, which is crucial for the RHCSA exam.

These notes should help you understand how to perform container management using commands such as podman and skopeo for the RHCSA exam.

10.4 – Perform basic container management such as running, starting, stopping, and listing running containers

Overview

Basic container management involves running, starting, stopping, and listing containers. This guide covers how to perform these tasks using podman, a popular container management tool.

Using podman for Basic Container Management

Installing podman

Ensure podman is installed on your system.

sudo yum install podman

Running Containers

Use the podman run command to create and start a new container.

Syntax

podman run [options] <image_name> [command]

Examples

1. Run a Container in the Foreground:

podman run docker.io/library/nginx

1. Run a Container in Detached Mode:

podman run -d --name mynginx docker.io/library/nginx

1. Run a Container with Port Mapping:

podman run -d --name mynginx -p 8080:80 docker.io/library/nginx

Starting Containers

Use the podman start command to start a stopped container.

Syntax

podman start <container_id_or_name>

Example

1. Start a Stopped Container:

podman start mynginx

Stopping Containers

Use the podman stop command to stop a running container.

Syntax

podman stop <container_id_or_name>

Example

1. Stop a Running Container:

podman stop mynginx

Listing Containers

Use the podman ps command to list running containers.

Syntax

podman ps

Example

1. List Running Containers:

podman ps

Sample Output:

CONTAINER ID  IMAGE                            COMMAND               CREATED        STATUS            PORTS               NAMES
abc123        docker.io/library/nginx:latest   nginx -g daemon off;  2 minutes ago  Up 2 minutes ago  0.0.0.0:8080->80/tcp  mynginx

Use the podman ps -a command to list all containers, including stopped ones.

Syntax

podman ps -a

Example

1. List All Containers:

podman ps -a

Sample Output:

CONTAINER ID  IMAGE                            COMMAND               CREATED        STATUS                     PORTS               NAMES
abc123        docker.io/library/nginx:latest   nginx -g daemon off;  2 minutes ago  Up 2 minutes ago           0.0.0.0:8080->80/tcp  mynginx
def456        docker.io/library/nginx:latest   nginx -g daemon off;  5 minutes ago  Exited (0) 3 minutes ago   0.0.0.0:8080->80/tcp  mynginx2

Removing Containers

Use the podman rm command to remove a stopped container.

Syntax

podman rm <container_id_or_name>

Example

1. Remove a Stopped Container:

podman rm mynginx

Practical Examples

Example 1: Run and Manage an Nginx Container

1. Run the Nginx Container in Detached Mode:

podman run -d --name mynginx -p 8080:80 docker.io/library/nginx

1. List Running Containers:

podman ps

1. Stop the Nginx Container:

podman stop mynginx

1. Start the Nginx Container:

podman start mynginx

1. List All Containers:

podman ps -a

1. Remove the Nginx Container:

podman rm mynginx

Example 2: Run a Container with a Custom Command

1. Run an Alpine Container with a Custom Command:

podman run --name myalpine alpine echo "Hello, World!"

1. List All Containers:

podman ps -a

1. Remove the Alpine Container:

podman rm myalpine

Additional Tips

• Check Container Logs:Use the podman logs command to view container logs.

podman logs <container_id_or_name>

Example:

podman logs mynginx

• Inspect Containers:Use the podman inspect command to view detailed information about a container.

podman inspect <container_id_or_name>

Example:

podman inspect mynginx

• Execute Commands in Running Containers:Use the podman exec command to execute commands in a running container.

podman exec -it <container_id_or_name> <command>

Example:

podman exec -it mynginx /bin/bash

• Remove All Stopped Containers:Use the podman rm command with the -a option to remove all stopped containers.

podman rm -a

• Run Containers with Environment Variables:Use the -e option with podman run to set environment variables.

podman run -d --name mynginx -e NGINX_PORT=8080 docker.io/library/nginx

Conclusion

Performing basic container management tasks such as running, starting, stopping, and listing containers is essential for managing containerized applications. Mastery of these tasks ensures that you can efficiently work with containers, which is crucial for the RHCSA exam.

These notes should help you understand how to perform basic container management tasks for the RHCSA exam.

10.5 – Run a service inside a container

Overview

Running a service inside a container involves creating a container from an image that includes the service, configuring the container, and starting the service. This guide covers how to run a service inside a container using podman.

Using podman to Run a Service Inside a Container

Step 1: Pull the Required Image

Use the podman pull command to retrieve the container image that includes the service you want to run.

Syntax

podman pull <image_name>

Example

1. Pull the Nginx Image:

podman pull docker.io/library/nginx

Step 2: Run the Container

Use the podman run command to create and start a new container with the service.

Syntax

podman run [options] <image_name> [command]

Examples

1. Run the Nginx Container in Detached Mode:

podman run -d --name mynginx -p 8080:80 docker.io/library/nginx

1. Run the Nginx Container with a Custom Configuration:

podman run -d --name mynginx -p 8080:80 -v /path/to/nginx.conf:/etc/nginx/nginx.conf:ro docker.io/library/nginx

Step 3: Verify the Service is Running

Use the podman ps command to list running containers and verify that the service is running.

Syntax

podman ps

Example

1. List Running Containers:

podman ps

Sample Output:

CONTAINER ID  IMAGE                            COMMAND               CREATED        STATUS            PORTS               NAMES
abc123        docker.io/library/nginx:latest   nginx -g daemon off;  2 minutes ago  Up 2 minutes ago  0.0.0.0:8080->80/tcp  mynginx

Step 4: Access the Service

Access the service running inside the container using a web browser or a command-line tool like curl.

Example

1. Access the Nginx Service Using a Web Browser:Open a web browser and navigate to http://localhost:8080.
2. Access the Nginx Service Using curl:

curl http://localhost:8080

Sample Output:

<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and working. Further configuration is required.</p>
</body>
</html>

Practical Examples

Example 1: Run an Nginx Web Server Inside a Container

1. Pull the Nginx Image:

podman pull docker.io/library/nginx

1. Run the Nginx Container in Detached Mode:

podman run -d --name mynginx -p 8080:80 docker.io/library/nginx

1. List Running Containers:

podman ps

• Access the Nginx Service Using a Web Browser:Open a web browser and navigate to http://localhost:8080.
• Access the Nginx Service Using curl:

curl http://localhost:8080

Example 2: Run an Apache HTTP Server Inside a Container

1. Pull the Apache HTTP Server Image:

podman pull docker.io/library/httpd

1. Run the Apache HTTP Server Container in Detached Mode:

podman run -d --name myhttpd -p 8081:80 docker.io/library/httpd

1. List Running Containers:

podman ps

• Access the Apache HTTP Server Using a Web Browser:Open a web browser and navigate to http://localhost:8081.
• Access the Apache HTTP Server Using curl:

curl http://localhost:8081

Example 3: Run a MySQL Database Server Inside a Container

1. Pull the MySQL Image:

podman pull docker.io/library/mysql

1. Run the MySQL Container with Environment Variables:

podman run -d --name mymysql -e MYSQL_ROOT_PASSWORD=my-secret-pw -p 3306:3306 docker.io/library/mysql

1. List Running Containers:

podman ps

1. Access the MySQL Database Server:Use a MySQL client to connect to the database server.

mysql -h 127.0.0.1 -P 3306 -u root -p

Additional Tips

• Check Container Logs:Use the podman logs command to view container logs.

podman logs <container_id_or_name>

Example:

podman logs mynginx

• Inspect Containers:Use the podman inspect command to view detailed information about a container.

podman inspect <container_id_or_name>

Example:

podman inspect mynginx

• Execute Commands in Running Containers:Use the podman exec command to execute commands in a running container.

podman exec -it <container_id_or_name> <command>

Example:

podman exec -it mynginx /bin/bash

• Remove Containers:Use the podman rm command to remove stopped containers.

podman rm <container_id_or_name>

Example:

podman rm mynginx

• Remove Images:Use the podman rmi command to remove images.

podman rmi <image_id_or_name>

Example:

podman rmi docker.io/library/nginx

Conclusion

Running a service inside a container involves creating a container from an image that includes the service, configuring the container, and starting the service. Mastery of these tasks ensures that you can efficiently deploy and manage containerized services, which is crucial for the RHCSA exam.

These notes should help you understand how to run a service inside a container for the RHCSA exam.

10.6 – Configure a container to start automatically as a systemd service

Overview

Configuring a container to start automatically as a systemd service ensures that the container is managed by systemd and starts at boot. This guide covers how to create a systemd service unit file for a container managed by podman.

Prerequisites

Ensure podman is installed on your system.

sudo yum install podman

Steps to Configure a Container as a Systemd Service

Step 1: Create a Podman Container

First, create and run the container using podman.

Example

1. Pull the Nginx Image:

podman pull docker.io/library/nginx

1. Run the Nginx Container:

podman run -d --name mynginx -p 8080:80 docker.io/library/nginx

Step 2: Generate a Systemd Service Unit File

Use the podman generate systemd command to generate a systemd service unit file for the container.

Syntax

podman generate systemd --name <container_name> --files --new

Example

1. Generate a Systemd Service Unit File for the Nginx Container:

podman generate systemd --name mynginx --files --new

This command generates a service unit file named container-mynginx.service in the current directory.

Step 3: Move the Service Unit File to the Systemd Directory

Move the generated service unit file to the systemd directory.

Example

1. Move the Service Unit File:

sudo mv container-mynginx.service /etc/systemd/system/

Step 4: Enable and Start the Systemd Service

Use the systemctl command to enable and start the systemd service.

Syntax

sudo systemctl enable <service_name>
sudo systemctl start <service_name>

Example

1. Enable the Nginx Container Service:

sudo systemctl enable container-mynginx.service

1. Start the Nginx Container Service:

sudo systemctl start container-mynginx.service

Step 5: Verify the Service

Use the systemctl status command to verify that the service is running.

Syntax

systemctl status <service_name>

Example

1. Check the Status of the Nginx Container Service:

systemctl status container-mynginx.service

Sample Output:

● container-mynginx.service - Podman container-mynginx.service
   Loaded: loaded (/etc/systemd/system/container-mynginx.service; enabled; vendor preset: disabled)
   Active: active (running) since Mon 2023-10-01 12:00:00 UTC; 1h 30min ago
 Main PID: 1234 (podman)
    Tasks: 1 (limit: 4915)
   Memory: 5.0M
   CGroup: /system.slice/container-mynginx.service
           └─1234 /usr/bin/podman start --attach mynginx

Practical Examples

Example 1: Configure an Nginx Container to Start Automatically as a Systemd Service

1. Pull the Nginx Image:

podman pull docker.io/library/nginx

1. Run the Nginx Container:

podman run -d --name mynginx -p 8080:80 docker.io/library/nginx

1. Generate a Systemd Service Unit File:

podman generate systemd --name mynginx --files --new

1. Move the Service Unit File:

sudo mv container-mynginx.service /etc/systemd/system/

1. Enable the Nginx Container Service:

sudo systemctl enable container-mynginx.service

1. Start the Nginx Container Service:

sudo systemctl start container-mynginx.service

1. Check the Status of the Nginx Container Service:

systemctl status container-mynginx.service

Example 2: Configure an Apache HTTP Server Container to Start Automatically as a Systemd Service

1. Pull the Apache HTTP Server Image:

podman pull docker.io/library/httpd

1. Run the Apache HTTP Server Container:

podman run -d --name myhttpd -p 8081:80 docker.io/library/httpd

1. Generate a Systemd Service Unit File:

podman generate systemd --name myhttpd --files --new

1. Move the Service Unit File:

sudo mv container-myhttpd.service /etc/systemd/system/

1. Enable the Apache HTTP Server Container Service:

sudo systemctl enable container-myhttpd.service

1. Start the Apache HTTP Server Container Service:

sudo systemctl start container-myhttpd.service

1. Check the Status of the Apache HTTP Server Container Service:

systemctl status container-myhttpd.service

Additional Tips

• Reload Systemd Configuration:If you make changes to the service unit file, reload the systemd configuration.

sudo systemctl daemon-reload

• Check Container Logs:Use the podman logs command to view container logs.

podman logs <container_id_or_name>

Example:

podman logs mynginx

• Inspect Containers:Use the podman inspect command to view detailed information about a container.

podman inspect <container_id_or_name>

Example:

podman inspect mynginx

• Remove Containers:Use the podman rm command to remove stopped containers.

podman rm <container_id_or_name>

Example:

podman rm mynginx

• Remove Images:Use the podman rmi command to remove images.

podman rmi <image_id_or_name>

Example:

podman rmi docker.io/library/nginx

Conclusion

Configuring a container to start automatically as a systemd service ensures that the container is managed by systemd and starts at boot. Mastery of these tasks ensures that you can efficiently deploy and manage containerized services, which is crucial for the RHCSA exam.

These notes should help you understand how to configure a container to start automatically as a systemd service for the RHCSA exam.

10.7 – Attach persistent storage to a container

Overview

Attaching persistent storage to a container ensures that data is retained even when the container is stopped or removed. This guide covers how to attach persistent storage to a container using podman.

Using podman to Attach Persistent Storage

Step 1: Create a Directory for Persistent Storage

Create a directory on the host system that will be used for persistent storage.

Example

1. Create a Directory:

sudo mkdir -p /var/lib/mydata

1. Set Appropriate Permissions:

sudo chown 1000:1000 /var/lib/mydata

Step 2: Run a Container with a Volume

Use the podman run command with the -v option to mount the directory as a volume inside the container.

Syntax

podman run [options] -v <host_directory>:<container_directory> <image_name> [command]

Examples

1. Run an Nginx Container with Persistent Storage:

podman run -d --name mynginx -p 8080:80 -v /var/lib/mydata:/usr/share/nginx/html:Z docker.io/library/nginx

1. -d: Run the container in detached mode.
2. --name mynginx: Name the container mynginx.
3. -p 8080:80: Map port 8080 on the host to port 80 in the container.
4. -v /var/lib/mydata:/usr/share/nginx/html:Z: Mount the host directory /var/lib/mydata to the container directory /usr/share/nginx/html with SELinux context Z.

Step 3: Verify the Volume Mount

Use the podman inspect command to verify that the volume is mounted correctly.

Syntax

podman inspect <container_id_or_name>

Example

1. Inspect the Nginx Container:

podman inspect mynginx

Sample Output (truncated for brevity):

[
    {
        "Id": "sha256:...",
        "Name": "mynginx",
        "Mounts": [
            {
                "Type": "bind",
                "Source": "/var/lib/mydata",
                "Destination": "/usr/share/nginx/html",
                "Mode": "Z",
                "RW": true,
                "Propagation": "rprivate"
            }
        ],
        ...
    }
]

Step 4: Test Persistent Storage

Create a file in the host directory and verify that it is accessible inside the container.

Example

1. Create a File in the Host Directory:

echo "Hello, World!" | sudo tee /var/lib/mydata/index.html

1. Access the File Inside the Container:Open a web browser and navigate to http://localhost:8080.
   Sample Output:
   

Hello, World!

Practical Examples

Example 1: Attach Persistent Storage to an Nginx Container

1. Create a Directory for Persistent Storage:

sudo mkdir -p /var/lib/mydata

1. Set Appropriate Permissions:

sudo chown 1000:1000 /var/lib/mydata

1. Run the Nginx Container with Persistent Storage:

podman run -d --name mynginx -p 8080:80 -v /var/lib/mydata:/usr/share/nginx/html:Z docker.io/library/nginx

1. Verify the Volume Mount:

podman inspect mynginx

1. Create a File in the Host Directory:

echo "Hello, World!" | sudo tee /var/lib/mydata/index.html

1. Access the File Inside the Container:Open a web browser and navigate to http://localhost:8080.

Example 2: Attach Persistent Storage to a MySQL Container

1. Create a Directory for Persistent Storage:

sudo mkdir -p /var/lib/mysql_data

1. Set Appropriate Permissions:

sudo chown 1001:1001 /var/lib/mysql_data

1. Run the MySQL Container with Persistent Storage:

podman run -d --name mymysql -e MYSQL_ROOT_PASSWORD=my-secret-pw -v /var/lib/mysql_data:/var/lib/mysql:Z -p 3306:3306 docker.io/library/mysql

1. Verify the Volume Mount:

podman inspect mymysql

1. Access the MySQL Database Server:Use a MySQL client to connect to the database server.

mysql -h 127.0.0.1 -P 3306 -u root -p

Additional Tips

• Use Named Volumes:Instead of using host directories, you can use named volumes for better management.

podman volume create myvolumepodman run -d --name mynginx -p 8080:80 -v myvolume:/usr/share/nginx/html:Z docker.io/library/nginx

• List Volumes:Use the podman volume ls command to list all volumes.

podman volume ls

• Inspect Volumes:Use the podman volume inspect command to view detailed information about a volume.

podman volume inspect myvolume

• Remove Volumes:Use the podman volume rm command to remove volumes.

podman volume rm myvolume

• Backup and Restore Volumes:Use the podman run command with tar to backup and restore volumes.Backup:

podman run --rm -v myvolume:/volume -v /backup:/backup alpine tar czvf /backup/myvolume.tar.gz -C /volume

Restore:

podman run --rm -v myvolume:/volume -v /backup:/backup alpine tar xzvf /backup/myvolume.tar.gz -C /volume

Conclusion

Attaching persistent storage to a container ensures that data is retained even when the container is stopped or removed. Mastery of these tasks ensures that you can efficiently manage containerized services with persistent storage, which is crucial for the RHCSA exam.

These notes should help you understand how to attach persistent storage to a container for the RHCSA exam.