This is the 9th day of my participation in the November Gwen Challenge. See the link for details: The last Gwen Challenge 2021
The introduction of Podman
K8s has become the industry standard. If k8S is too complex, rancher 2.0+ can be used to simplify the operation and maintenance of K8S.
In centos8, the default container is podman, not docker. It can quickly manage images (similar to Time Machine with system), quickly create container environment from images (similar to virtual Machine, but without emulating hardware layer), and quickly create images from containers for saving and sharing. Podman is a daemonless container engine for developing, managing, and running OCI containers on Linux systems. Containers can run as root or rootless mode. In short: Alias Docker = Podman
K8s announced the abandonment of Docker in 20 years
Much of what Docker used to do is now taken over by three red Hat tools, Podman, Skopeo and Buildah. None of them require a daemon or access to the root permission group
Podman (Pod Manager) is a full-featured container engine that is a simple dauntless tool. Podman provides a command line similar to Docker-CLI that simplifies conversion from other container engines and allows managing pods, containers, and images.
Libpod is a tool and library for creating container pods. It contains the POD management tool Podman, which manages pods, containers, container images, and container volumes.
Podman was originally part of the Cri-O project, which was later split into a separate project called libpod. Podman works like Docker, but without the beauty of the daemon.
Instead of using daemons, Podman uses OCI Runtime (also runc by default) to start the container, so the container’s processes are Podman’s children.
Why podman?
The emergence of Docker solves the following fundamental problems: it solves the complexity of manual matching between different environments;
But docker has a headache: “Docker daemons consume 100% of CPU resources on multiple cores and cause hosts to fail.”
Podman does not require a daemon or access to the root group. Podman can replace most of the molecular commands (run, push, pull, etc.). Since there is no daemon required and the user namespace emulates root in the container, Podman does not need to connect to a socket with root privileges — a solution to a longstanding Docker problem.
Build podman
System environment
[root@xinsz08-20 ~]# uname -r4.18.0-80. El8. X86_64 [root @ xinsz08-20 ~]# cat /etc/redhat-release
CentOS Linux release 8.0.1905 (Core)
Copy the codeThe system we use in our company
Update DNF note: DNF is a software manager that comes with Centos8 similar to yum
[root@xinsz08-20 ~]# dnf update -y && dnf makecache
Copy the codeInstall podman
[root@xinsz08-20 ~]# dnf install podman -y
[root@xinsz08-20 ~]# podman -vPodman version 2.2.1Copy the codeBuild the initial wordpress container
After installing Podman, we choose tO build WordPress based on Centos 8 image.
You can also find WordPress images directly in Docker Hub (Podman compatible with Docker), which is much faster, but, let’s say, operation and maintenance play is a mess! So let’s go the extra mile and get a feel for the structure, like adding HTTPS, or building custom requirements like multiple WordPress.
You can use Podman to search the image of centos 8 for WordPress. Sometimes you cannot find the official image through podman search centos:8.
Find the mirror of Centos8
[root@xinsz08-20 ~]# podman search centos:8INDEX NAME DESCRIPTION STARS OFFICIAL AUTOMATED docker.io docker.io/yozhi/centos add some common tools to image Centos: 8.2.2... IO /dongyupu/jira-software tag 8.5.0: centos:8(openJDK-1.8.0) tag 8.3.... IO /vssware/ GMSSL Base On vssware/centos:8 1 Image creation, enabling... 0 docker. IO docker. IO/images4dev centos8 -based off the official CentOS: 8.1.1911 image... 0 docker.io docker.io/mizux/ortools Simple python ortools inside a centos:8 dock... 0 docker. IO docker. IO/jlkinsel/centos - polylinux - example example of a centos: 8.1.1911 that's had pack... 0 docker.io docker.io/thanasan/centos8-systemd Linux CentOS:8 systemd 0 docker.io docker.io/mohitaga98/centos1 centos:8 with additional internal commands(p... 0 docker.io docker.io/meghna98/centos_with_httpd Centos:8 images with httpd installed 0Copy the codeDownload centos8
[root@xinsz08-20 ~]# podman pull centos:8
Copy the codeView the mirror pulled to the local
[root@xinsz08-20 ~]# podman images
REPOSITORY TAG IMAGE ID CREATED SIZE
docker.io/library/centos 8 300e315adb2f 4 months ago 217 MB
[root@xinsz08-20 ~]# podman image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
docker.io/library/centos 8 300e315adb2f 4 months ago 217 MB
[root@xinsz08-20 ~]#
Copy the codeCreate containers based on images
Use podman Run –help to view the parameters
–name mywordpress-dit –name mywordpress-dit –name mywordpress-dit –name mywordpress-dit –name mywordpress-dit For example, mapping port 80 to the default HTTP port 443 to the default HTTPS port /sbin/init Assigns permissions to commands such as container systemctl to facilitate subsequent management
[root@xinsz08-20 ~]# podman run --name mywordpress -dit -p 80:80 -p 443:443 centos:8 /sbin/init
Copy the codeView the current status of all containers
[root@xinsz08-20 ~]# Podman ps -a ## View all containersCONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES f42545980324 docker.io/library/centos:8 /sbin/init 25 seconds ago Up 22 seconds ago 0.0.0.0:80->80/ TCP, 0.0.0.0:443->443/ TCP mywordpress [root@xinsz08-20 ~]# Podman ps ## to view the running containerCONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES f42545980324 docker.io/library/centos:8 /sbin/init 30 seconds ago Up 27 seconds ago 0.0.0.0:80->80/ TCP, 0.0.0.0:443->443/ TCP mywordpress [root@xinsz08-20 ~]#
Copy the codeInto the container
Use the command to enter the container
bash-comletition
[root@xinsz08-20 ~]# podman exec -it d7e62f7cf5c6 bash[root@f42545980324 /]#
Copy the codeYou can see the hostname change on Xshell
[root@f42545980324 /]# hostnamef42545980324
Copy the codeSet up the wordpress
Note: Using DNF update in containers is not recommended, as it can make the container unnecessarily large
First we install the required software and services
- Mariadb is a database, but other databases can also be used. For wordpress to store articles, users and other data information
- HTTPD is an Apache web service that wordpress can choose to build on top of. You can also use nigix.
- PHP is the scripting language based on wordpress
- Wget is a common download tool that will later be used to download wordpress packages
[root@f42545980324 /]# dnf install mariadb mariadb-server httpd httpd-tools php php-cli php-json php-gd php-mbstring php-pdo php-xml php-mysqlnd php-pecl-zip wget -y
Copy the codeStart the installed service
[root@f42545980324 /]# systemctl start httpd[root@f42545980324 /]# systemctl start mariadb[root@f42545980324 /]# systemctl enable HttpdCreated symlink/etc/systemd/system/multi - user. Target. Wants/HTTPD. Service - > /usr/lib/systemd/system/httpd.service.[root@f42545980324 /]# systemctl enable mariadbCreated symlink The/etc/systemd/system/mysql service to/usr/lib/systemd/system/mariadb. Service. Created symlink The/etc/systemd/system/mysqld. Service to/usr/lib/systemd/system/mariadb. Service. Created symlink The/etc/systemd/system/multi - user. Target. Wants/mariadb. Service to/usr/lib/systemd/system/mariadb. Service. [root @ f42545980324 # /]
Copy the codeCheck the status
If the status is not active, it indicates that there is some problem. It may be a configuration problem (it has not been configured yet, but it may occur later, and you can determine the problem by viewing logs with an error message), or it may be insufficient memory, etc. You can use top to check the memory status.
Configuring the Database
Enter database:
[root@f42545980324 /]# mysql -uroot -pEnter password:
Copy the codeCreate mywordpress database, name can be customized, but remember, later to configure wordpress will need to use:
MariaDB [(none)]> create database mywordpress; Query OK, 1 row affected (0.001 SEC)MariaDB [(none)]> GRANT ALL ON mywordpress.* TO'wordpressuser'@'localhost' IDENTIFIED BY 'mywordpresspassword'; Query OK, 0 rows affected (0.000 SEC)MariaDB [(none)]> Flush PRIVILEGES; Query OK, 0 rows affected (0.000 SEC)Copy the codeDownload wordpress
WordPress is a page service written in PHP that runs on a web server (Apache or NIGx), so no installation is required. It’s almost the same as managing a bunch of web files.
Install to the /var/www directory
[root@f42545980324 /]# cd /var/www/[root@f42545980324 www]# wget https://wordpress.org/latest.tar.gz
Copy the code[root@f42545980324 www]# lscgi-bin html latest.tar.gz[root@f42545980324 www]#
Copy the codeUnpack the
[root@f42545980324 www]# tar xf latest.tar.gz [root@f42545980324 www]# ls -l total 15388drwxr-xr-x. 2 root root 6 Nov 4 03:23 cgi-bindrwxr-xr-x. 2 root root 6 Nov 4 03:23 html-rw-r--r--. 1 root root 15750352 Apr 15 02:08 latest.tar.gzdrwxr-xr-x. 5 nobody nobody 4096 Apr 15 02:08 wordpress[root@f42545980324 www]#
Copy the codeIn this case, the owner of the nobody folder needs to change it to Apache and grant permissions to enable WordPress to modify its configuration or update automatically, etc.
First, change the owner to Apache and the owning group to Apache. -r indicates that all files in the folder are modified at the same time. -f indicates that no error message is reported and f is not added.
775 corresponds to Apache and apache groups that are readable, writable, and executable, while other groups are readable, unwritable, and executable
[root@f42545980324 www]# chown -Rf apache:apache ./wordpress/[root@f42545980324 www]# chmod -Rf 775 ./wordpress/
Copy the codeConfigure the apache
[root@f42545980324 www]# cd /etc/httpd/[root@f42545980324 httpd]# lsconf conf.d conf.modules.d logs modules run state[root@f42545980324 httpd]#
Copy the codeConf is the main configuration folder. Apacha will load the httpd.conf configuration file first when you start running apacha. You can check its configuration.
Conf. D is the extra configuration folder. Appache loads all files that end in.conf by default, according to the configuration in httpd.conf.
Conf. D is the configuration folder of the module. Appache also loads all.conf files by default, according to the configuration in httpd.conf.
Conf. D, create and edit the configuration file using vi:
[root@f42545980324 httpd]# CD /etc/httpd/conf.d/[root@f42545980324 conf.d]# vim mywordpress.conf command not found[root@f42545980324 conf.d]# vi mywordpress.conf[root@f42545980324 conf.d]#
Copy the codeGlue into the lower configuration
Service listening port 80 Service root folder /var/www/wordpress Configure the service permission and forward mode for the folder
[root@f42545980324 conf.d]# cat mywordpress.conf
ServerAdmin root@localhost DocumentRoot /var/www/wordpress
Options Indexes FollowSymLinks AllowOverride all Require all granted
ErrorLog /var/log/httpd/wordpress_error.log CustomLog /var/log/httpd/wordpress_access.log common
Copy the codeEnter the common mode of vi and press :wq to save the configuration and exit.
Then restart the Apache service
[root@f42545980324 conf.d]# systemctl restart httpd
Copy the codeThe configuration of wordpress
This is required when configuring wordpress by accessing the page side:
wordpressuser
mywordpresspassword
mywordpress
[root@d7e62f7cf5c6 wordpress]# vi wp-config-sample.php
vim define( 'DB_NAME', 'mywordpress' ); 24 25 /** MySQL database username */ 26 define( 'DB_USER', 'wordpressuser' ); 27 28 /** MySQL database password */ 29 define( 'DB_PASSWORD', 'mywordpresspassword' ); 30 31 /** MySQL hostname */ 32 define( 'DB_HOST', 'localhost' );
Copy the codecp wp-config-sample.php wp-config.php
Enter the IP address of the VM to configure 192.168.1.20
Select Chinese
Enter user name and password to enter the background oh.
Conclusion:
Podman is the second half of the container, so be sure to practice