[Mac] 使用 Podman 取代 Docker

[Mac] 使用 Podman 取代 Docker

Comments 0 Comment

在 Mac 上我一直都是使用 Docker Desktop 來跑 Docker Engine,

不過它的效能總覺得不甚理想,

常常 CPU 吃很高 (不過也許這就是要在 Mac 上開 Linux VM 的宿命)…

 

最近聽到同事在說 Podman 這個工具,

可以不用一直常駐跑一個 daemon,與 docker 相容性也不錯,

那就來試試看吧~

 

1. 安裝 Podman

在 Mac 上用 Homebrew 來安裝 Podman:

Plain text
Copy to clipboard
Open code in new window
EnlighterJS 3 Syntax Highlighter
brew install podman
brew install podman
brew install podman

 

裝好後執行  

podman info
podman info ,目前是不行的,

因為我們還沒有 Linux VM:

Plain text
Copy to clipboard
Open code in new window
EnlighterJS 3 Syntax Highlighter
$ podman info
Cannot connect to Podman. Please verify your connection to the Linux system using `podman system connection list`, or try `podman machine init` and `podman machine start` to manage a new Linux VM
Error: unable to connect to Podman socket: Get "http://d/v4.7.2/libpod/_ping": dial unix ///var/folders/tc/h5mk5_ts4278q5r3bk_1vxc00000gp/T/podman-run--1/podman/podman.sock: connect: no such file or directory
$ podman info Cannot connect to Podman. Please verify your connection to the Linux system using `podman system connection list`, or try `podman machine init` and `podman machine start` to manage a new Linux VM Error: unable to connect to Podman socket: Get "http://d/v4.7.2/libpod/_ping": dial unix ///var/folders/tc/h5mk5_ts4278q5r3bk_1vxc00000gp/T/podman-run--1/podman/podman.sock: connect: no such file or directory
$ podman info

Cannot connect to Podman. Please verify your connection to the Linux system using `podman system connection list`, or try `podman machine init` and `podman machine start` to manage a new Linux VM
Error: unable to connect to Podman socket: Get "http://d/v4.7.2/libpod/_ping": dial unix ///var/folders/tc/h5mk5_ts4278q5r3bk_1vxc00000gp/T/podman-run--1/podman/podman.sock: connect: no such file or directory

 

2. 安裝 Podman Machine

先看一下  

podman machine
podman machine 有哪些參數可用:

Plain text
Copy to clipboard
Open code in new window
EnlighterJS 3 Syntax Highlighter
$ podman machine
Manage a virtual machine
Description:
Manage a virtual machine. Virtual machines are used to run Podman.
Usage:
podman machine [command]
Available Commands:
info Display machine host info
init Initialize a virtual machine
inspect Inspect an existing machine
list List machines
os Manage a Podman virtual machine's OS
rm Remove an existing machine
set Set a virtual machine setting
ssh SSH into an existing machine
start Start an existing machine
stop Stop an existing machine
$ podman machine Manage a virtual machine Description: Manage a virtual machine. Virtual machines are used to run Podman. Usage: podman machine [command] Available Commands: info Display machine host info init Initialize a virtual machine inspect Inspect an existing machine list List machines os Manage a Podman virtual machine's OS rm Remove an existing machine set Set a virtual machine setting ssh SSH into an existing machine start Start an existing machine stop Stop an existing machine
$ podman machine

Manage a virtual machine

Description:
  Manage a virtual machine. Virtual machines are used to run Podman.

Usage:
  podman machine [command]

Available Commands:
  info        Display machine host info
  init        Initialize a virtual machine
  inspect     Inspect an existing machine
  list        List machines
  os          Manage a Podman virtual machine's OS
  rm          Remove an existing machine
  set         Set a virtual machine setting
  ssh         SSH into an existing machine
  start       Start an existing machine
  stop        Stop an existing machine

 

接著就可以先執行  

podman machine init
podman machine init 來建立一台 Linux VM,

它看起來是會抓一個 CoreOS 的 QEMU 映像檔下來,

所以應該是用 QEMU 來跑這 VM 的:

Plain text
Copy to clipboard
Open code in new window
EnlighterJS 3 Syntax Highlighter
$ podman machine init
Downloading VM image: fedora-coreos-39.20231101.2.1-qemu.x86_64.qcow2.xz: done
Extracting compressed file: podman-machine-default_fedora-coreos-39.20231101.2.1-qemu.x86_64.qcow2 [==================>---] 544.9MiB / 620.5M
Extracting compressed file: podman-machine-default_fedora-coreos-39.20231101.2.1-qemu.x86_64.qcow2: done
Image resized.
Machine init complete
To start your machine run:
podman machine start
$ podman machine init Downloading VM image: fedora-coreos-39.20231101.2.1-qemu.x86_64.qcow2.xz: done Extracting compressed file: podman-machine-default_fedora-coreos-39.20231101.2.1-qemu.x86_64.qcow2 [==================>---] 544.9MiB / 620.5M Extracting compressed file: podman-machine-default_fedora-coreos-39.20231101.2.1-qemu.x86_64.qcow2: done Image resized. Machine init complete To start your machine run: podman machine start
$ podman machine init

Downloading VM image: fedora-coreos-39.20231101.2.1-qemu.x86_64.qcow2.xz: done
Extracting compressed file: podman-machine-default_fedora-coreos-39.20231101.2.1-qemu.x86_64.qcow2 [==================>---] 544.9MiB / 620.5M
Extracting compressed file: podman-machine-default_fedora-coreos-39.20231101.2.1-qemu.x86_64.qcow2: done
Image resized.
Machine init complete
To start your machine run:

    podman machine start

 

執行  

podman machine start
podman machine start 來啟動 VM:

Plain text
Copy to clipboard
Open code in new window
EnlighterJS 3 Syntax Highlighter
$ podman machine start
Starting machine "podman-machine-default"
Waiting for VM ...
Mounting volume... /Users:/Users
Mounting volume... /private:/private
Mounting volume... /var/folders:/var/folders
This machine is currently configured in rootless mode. If your containers
require root permissions (e.g. ports < 1024), or if you run into compatibility
issues with non-podman clients, you can switch using the following command:
podman machine set --rootful
API forwarding listening on: /Users/testuser/.local/share/containers/podman/machine/qemu/podman.sock
The system helper service is not installed; the default Docker API socket
address can't be used by podman. If you would like to install it run the following commands:
sudo /usr/local/Cellar/podman/4.7.2/bin/podman-mac-helper install
podman machine stop/usr/local/Cellar/podman/4.7.2/bin/podman-mac-helper; podman machine start/usr/local/Cellar/podman/4.7.2/bin/podman-mac-helper
You can still connect Docker API clients by setting DOCKER_HOST using the
following command in your terminal session:
export DOCKER_HOST='unix:///Users/testuser/.local/share/containers/podman/machine/qemu/podman.sock'
Machine "podman-machine-default" started successfully
$ podman machine start Starting machine "podman-machine-default" Waiting for VM ... Mounting volume... /Users:/Users Mounting volume... /private:/private Mounting volume... /var/folders:/var/folders This machine is currently configured in rootless mode. If your containers require root permissions (e.g. ports < 1024), or if you run into compatibility issues with non-podman clients, you can switch using the following command: podman machine set --rootful API forwarding listening on: /Users/testuser/.local/share/containers/podman/machine/qemu/podman.sock The system helper service is not installed; the default Docker API socket address can't be used by podman. If you would like to install it run the following commands: sudo /usr/local/Cellar/podman/4.7.2/bin/podman-mac-helper install podman machine stop/usr/local/Cellar/podman/4.7.2/bin/podman-mac-helper; podman machine start/usr/local/Cellar/podman/4.7.2/bin/podman-mac-helper You can still connect Docker API clients by setting DOCKER_HOST using the following command in your terminal session: export DOCKER_HOST='unix:///Users/testuser/.local/share/containers/podman/machine/qemu/podman.sock' Machine "podman-machine-default" started successfully
$ podman machine start

Starting machine "podman-machine-default"
Waiting for VM ...
Mounting volume... /Users:/Users
Mounting volume... /private:/private
Mounting volume... /var/folders:/var/folders

This machine is currently configured in rootless mode. If your containers
require root permissions (e.g. ports < 1024), or if you run into compatibility
issues with non-podman clients, you can switch using the following command:

        podman machine set --rootful

API forwarding listening on: /Users/testuser/.local/share/containers/podman/machine/qemu/podman.sock

The system helper service is not installed; the default Docker API socket
address can't be used by podman. If you would like to install it run the following commands:

        sudo /usr/local/Cellar/podman/4.7.2/bin/podman-mac-helper install
        podman machine stop/usr/local/Cellar/podman/4.7.2/bin/podman-mac-helper; podman machine start/usr/local/Cellar/podman/4.7.2/bin/podman-mac-helper

                You can still connect Docker API clients by setting DOCKER_HOST using the
following command in your terminal session:

        export DOCKER_HOST='unix:///Users/testuser/.local/share/containers/podman/machine/qemu/podman.sock'

Machine "podman-machine-default" started successfully

 

我想要容易直接有 root 權限,減少一些未來的麻煩,

所以要先把 VM 停下來、設定成 rootful、再重新啟動 VM:

Plain text
Copy to clipboard
Open code in new window
EnlighterJS 3 Syntax Highlighter
podman machine stop
podman machine set --rootful
podman machine start
podman machine stop podman machine set --rootful podman machine start
podman machine stop
podman machine set --rootful
podman machine start

 

跑  

podman info
podman info 看一下目前的狀態:

Plain text
Copy to clipboard
Open code in new window
EnlighterJS 3 Syntax Highlighter
$ podman info
host:
arch: amd64
buildahVersion: 1.32.0
cgroupControllers:
- cpuset
- cpu
- io
- memory
- hugetlb
- pids
- rdma
- misc
cgroupManager: systemd
cgroupVersion: v2
conmon:
package: conmon-2.1.7-3.fc39.x86_64
path: /usr/bin/conmon
version: 'conmon version 2.1.7, commit: '
cpuUtilization:
idlePercent: 77.24
systemPercent: 14.31
userPercent: 8.45
cpus: 1
databaseBackend: boltdb
distribution:
distribution: fedora
variant: coreos
version: "39"
eventLogger: journald
freeLocks: 2048
hostname: localhost.localdomain
idMappings:
gidmap: null
uidmap: null
kernel: 6.5.9-300.fc39.x86_64
linkmode: dynamic
logDriver: journald
memFree: 1592528896
memTotal: 2048520192
networkBackend: netavark
networkBackendInfo:
backend: netavark
dns:
package: aardvark-dns-1.8.0-1.fc39.x86_64
path: /usr/libexec/podman/aardvark-dns
version: aardvark-dns 1.8.0
package: netavark-1.8.0-2.fc39.x86_64
path: /usr/libexec/podman/netavark
version: netavark 1.8.0
ociRuntime:
name: crun
package: crun-1.11-1.fc39.x86_64
path: /usr/bin/crun
version: |-
crun version 1.11
commit: 11f8d3dc9fc4bb8a0adcff5ba8bd340f24612701
rundir: /run/crun
spec: 1.0.0
+SYSTEMD +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +CRIU +LIBKRUN +WASM:wasmedge +YAJL
os: linux
pasta:
executable: /usr/bin/pasta
package: passt-0^20231004.gf851084-1.fc39.x86_64
version: |
pasta 0^20231004.gf851084-1.fc39.x86_64
Copyright Red Hat
GNU General Public License, version 2 or later
<https://www.gnu.org/licenses/old-licenses/gpl-2.0.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
remoteSocket:
exists: true
path: /run/podman/podman.sock
security:
apparmorEnabled: false
capabilities: CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_NET_BIND_SERVICE,CAP_SETFCAP,CAP_SETGID,CAP_SETPCAP,CAP_SETUID,CAP_SYS_CHROOT
rootless: false
seccompEnabled: true
seccompProfilePath: /usr/share/containers/seccomp.json
selinuxEnabled: true
serviceIsRemote: true
slirp4netns:
executable: /usr/bin/slirp4netns
package: slirp4netns-1.2.2-1.fc39.x86_64
version: |-
slirp4netns version 1.2.2
commit: 0ee2d87523e906518d34a6b423271e4826f71faf
libslirp: 4.7.0
SLIRP_CONFIG_VERSION_MAX: 4
libseccomp: 2.5.3
swapFree: 0
swapTotal: 0
uptime: 0h 1m 56.00s
plugins:
authorization: null
log:
- k8s-file
- none
- passthrough
- journald
network:
- bridge
- macvlan
- ipvlan
volume:
- local
registries:
search:
- docker.io
store:
configFile: /usr/share/containers/storage.conf
containerStore:
number: 0
paused: 0
running: 0
stopped: 0
graphDriverName: overlay
graphOptions:
overlay.mountopt: nodev,metacopy=on
graphRoot: /var/lib/containers/storage
graphRootAllocated: 106769133568
graphRootUsed: 2324676608
graphStatus:
Backing Filesystem: xfs
Native Overlay Diff: "false"
Supports d_type: "true"
Supports shifting: "true"
Supports volatile: "true"
Using metacopy: "true"
imageCopyTmpDir: /var/tmp
imageStore:
number: 0
runRoot: /run/containers/storage
transientStore: false
volumePath: /var/lib/containers/storage/volumes
version:
APIVersion: 4.7.0
Built: 1695838680
BuiltTime: Thu Sep 28 02:18:00 2023
GitCommit: ""
GoVersion: go1.21.1
Os: linux
OsArch: linux/amd64
Version: 4.7.0
$ podman info host: arch: amd64 buildahVersion: 1.32.0 cgroupControllers: - cpuset - cpu - io - memory - hugetlb - pids - rdma - misc cgroupManager: systemd cgroupVersion: v2 conmon: package: conmon-2.1.7-3.fc39.x86_64 path: /usr/bin/conmon version: 'conmon version 2.1.7, commit: ' cpuUtilization: idlePercent: 77.24 systemPercent: 14.31 userPercent: 8.45 cpus: 1 databaseBackend: boltdb distribution: distribution: fedora variant: coreos version: "39" eventLogger: journald freeLocks: 2048 hostname: localhost.localdomain idMappings: gidmap: null uidmap: null kernel: 6.5.9-300.fc39.x86_64 linkmode: dynamic logDriver: journald memFree: 1592528896 memTotal: 2048520192 networkBackend: netavark networkBackendInfo: backend: netavark dns: package: aardvark-dns-1.8.0-1.fc39.x86_64 path: /usr/libexec/podman/aardvark-dns version: aardvark-dns 1.8.0 package: netavark-1.8.0-2.fc39.x86_64 path: /usr/libexec/podman/netavark version: netavark 1.8.0 ociRuntime: name: crun package: crun-1.11-1.fc39.x86_64 path: /usr/bin/crun version: |- crun version 1.11 commit: 11f8d3dc9fc4bb8a0adcff5ba8bd340f24612701 rundir: /run/crun spec: 1.0.0 +SYSTEMD +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +CRIU +LIBKRUN +WASM:wasmedge +YAJL os: linux pasta: executable: /usr/bin/pasta package: passt-0^20231004.gf851084-1.fc39.x86_64 version: | pasta 0^20231004.gf851084-1.fc39.x86_64 Copyright Red Hat GNU General Public License, version 2 or later <https://www.gnu.org/licenses/old-licenses/gpl-2.0.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. remoteSocket: exists: true path: /run/podman/podman.sock security: apparmorEnabled: false capabilities: CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_NET_BIND_SERVICE,CAP_SETFCAP,CAP_SETGID,CAP_SETPCAP,CAP_SETUID,CAP_SYS_CHROOT rootless: false seccompEnabled: true seccompProfilePath: /usr/share/containers/seccomp.json selinuxEnabled: true serviceIsRemote: true slirp4netns: executable: /usr/bin/slirp4netns package: slirp4netns-1.2.2-1.fc39.x86_64 version: |- slirp4netns version 1.2.2 commit: 0ee2d87523e906518d34a6b423271e4826f71faf libslirp: 4.7.0 SLIRP_CONFIG_VERSION_MAX: 4 libseccomp: 2.5.3 swapFree: 0 swapTotal: 0 uptime: 0h 1m 56.00s plugins: authorization: null log: - k8s-file - none - passthrough - journald network: - bridge - macvlan - ipvlan volume: - local registries: search: - docker.io store: configFile: /usr/share/containers/storage.conf containerStore: number: 0 paused: 0 running: 0 stopped: 0 graphDriverName: overlay graphOptions: overlay.mountopt: nodev,metacopy=on graphRoot: /var/lib/containers/storage graphRootAllocated: 106769133568 graphRootUsed: 2324676608 graphStatus: Backing Filesystem: xfs Native Overlay Diff: "false" Supports d_type: "true" Supports shifting: "true" Supports volatile: "true" Using metacopy: "true" imageCopyTmpDir: /var/tmp imageStore: number: 0 runRoot: /run/containers/storage transientStore: false volumePath: /var/lib/containers/storage/volumes version: APIVersion: 4.7.0 Built: 1695838680 BuiltTime: Thu Sep 28 02:18:00 2023 GitCommit: "" GoVersion: go1.21.1 Os: linux OsArch: linux/amd64 Version: 4.7.0
$ podman info

host:
  arch: amd64
  buildahVersion: 1.32.0
  cgroupControllers:
  - cpuset
  - cpu
  - io
  - memory
  - hugetlb
  - pids
  - rdma
  - misc
  cgroupManager: systemd
  cgroupVersion: v2
  conmon:
    package: conmon-2.1.7-3.fc39.x86_64
    path: /usr/bin/conmon
    version: 'conmon version 2.1.7, commit: '
  cpuUtilization:
    idlePercent: 77.24
    systemPercent: 14.31
    userPercent: 8.45
  cpus: 1
  databaseBackend: boltdb
  distribution:
    distribution: fedora
    variant: coreos
    version: "39"
  eventLogger: journald
  freeLocks: 2048
  hostname: localhost.localdomain
  idMappings:
    gidmap: null
    uidmap: null
  kernel: 6.5.9-300.fc39.x86_64
  linkmode: dynamic
  logDriver: journald
  memFree: 1592528896
  memTotal: 2048520192
  networkBackend: netavark
  networkBackendInfo:
    backend: netavark
    dns:
      package: aardvark-dns-1.8.0-1.fc39.x86_64
      path: /usr/libexec/podman/aardvark-dns
      version: aardvark-dns 1.8.0
    package: netavark-1.8.0-2.fc39.x86_64
    path: /usr/libexec/podman/netavark
    version: netavark 1.8.0
  ociRuntime:
    name: crun
    package: crun-1.11-1.fc39.x86_64
    path: /usr/bin/crun
    version: |-
      crun version 1.11
      commit: 11f8d3dc9fc4bb8a0adcff5ba8bd340f24612701
      rundir: /run/crun
      spec: 1.0.0
      +SYSTEMD +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +CRIU +LIBKRUN +WASM:wasmedge +YAJL
  os: linux
  pasta:
    executable: /usr/bin/pasta
    package: passt-0^20231004.gf851084-1.fc39.x86_64
    version: |
      pasta 0^20231004.gf851084-1.fc39.x86_64
      Copyright Red Hat
      GNU General Public License, version 2 or later
        <https://www.gnu.org/licenses/old-licenses/gpl-2.0.html>
      This is free software: you are free to change and redistribute it.
      There is NO WARRANTY, to the extent permitted by law.
  remoteSocket:
    exists: true
    path: /run/podman/podman.sock
  security:
    apparmorEnabled: false
    capabilities: CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_NET_BIND_SERVICE,CAP_SETFCAP,CAP_SETGID,CAP_SETPCAP,CAP_SETUID,CAP_SYS_CHROOT
    rootless: false
    seccompEnabled: true
    seccompProfilePath: /usr/share/containers/seccomp.json
    selinuxEnabled: true
  serviceIsRemote: true
  slirp4netns:
    executable: /usr/bin/slirp4netns
    package: slirp4netns-1.2.2-1.fc39.x86_64
    version: |-
      slirp4netns version 1.2.2
      commit: 0ee2d87523e906518d34a6b423271e4826f71faf
      libslirp: 4.7.0
      SLIRP_CONFIG_VERSION_MAX: 4
      libseccomp: 2.5.3
  swapFree: 0
  swapTotal: 0
  uptime: 0h 1m 56.00s
plugins:
  authorization: null
  log:
  - k8s-file
  - none
  - passthrough
  - journald
  network:
  - bridge
  - macvlan
  - ipvlan
  volume:
  - local
registries:
  search:
  - docker.io
store:
  configFile: /usr/share/containers/storage.conf
  containerStore:
    number: 0
    paused: 0
    running: 0
    stopped: 0
  graphDriverName: overlay
  graphOptions:
    overlay.mountopt: nodev,metacopy=on
  graphRoot: /var/lib/containers/storage
  graphRootAllocated: 106769133568
  graphRootUsed: 2324676608
  graphStatus:
    Backing Filesystem: xfs
    Native Overlay Diff: "false"
    Supports d_type: "true"
    Supports shifting: "true"
    Supports volatile: "true"
    Using metacopy: "true"
  imageCopyTmpDir: /var/tmp
  imageStore:
    number: 0
  runRoot: /run/containers/storage
  transientStore: false
  volumePath: /var/lib/containers/storage/volumes
version:
  APIVersion: 4.7.0
  Built: 1695838680
  BuiltTime: Thu Sep 28 02:18:00 2023
  GitCommit: ""
  GoVersion: go1.21.1
  Os: linux
  OsArch: linux/amd64
  Version: 4.7.0

 

3. 使用 Podman 啟動容器

Podman 的用法和 Docker 差不多,

下面指令是在背景跑一個 httpd 的容器,並且將本機的 8080 port 映射到容器的 80 port:

Plain text
Copy to clipboard
Open code in new window
EnlighterJS 3 Syntax Highlighter
$ podman run -dt -p 8080:80/tcp docker.io/library/httpd
Trying to pull docker.io/library/httpd:latest...
Getting image source signatures
Copying blob sha256:6a3b76b70f7385a99e72877fac4d1e00f4466859ed3ea50891bab80908e22c0b
Copying blob sha256:578acb154839e9d0034432e8f53756d6f53ba62cf8c7ea5218a2476bf5b58fc9
Copying blob sha256:c1a8c8567b78fc222c60d83831081d5578fd80e6c30ee0bcf8a79019824301a1
Copying blob sha256:10b9ab03bf458e12adc435ae235b1f58f473fea23c2cdf6d88407d92a4a51c41
Copying blob sha256:74dbedf7ddc012b3398b2c645974f1f6e30a9592fef541d02faf456e40b67bc4
Copying config sha256:7f6a969e81a54d01e2fc08fd45025badf8f2418d3530a3a484b77ab826a1b4a7
Writing manifest to image destination
cc6028fb57848297da81b80a8f9bd784ff6b9770399f7da6f5715bd764c51a1c
$ podman run -dt -p 8080:80/tcp docker.io/library/httpd Trying to pull docker.io/library/httpd:latest... Getting image source signatures Copying blob sha256:6a3b76b70f7385a99e72877fac4d1e00f4466859ed3ea50891bab80908e22c0b Copying blob sha256:578acb154839e9d0034432e8f53756d6f53ba62cf8c7ea5218a2476bf5b58fc9 Copying blob sha256:c1a8c8567b78fc222c60d83831081d5578fd80e6c30ee0bcf8a79019824301a1 Copying blob sha256:10b9ab03bf458e12adc435ae235b1f58f473fea23c2cdf6d88407d92a4a51c41 Copying blob sha256:74dbedf7ddc012b3398b2c645974f1f6e30a9592fef541d02faf456e40b67bc4 Copying config sha256:7f6a969e81a54d01e2fc08fd45025badf8f2418d3530a3a484b77ab826a1b4a7 Writing manifest to image destination cc6028fb57848297da81b80a8f9bd784ff6b9770399f7da6f5715bd764c51a1c
$ podman run -dt -p 8080:80/tcp docker.io/library/httpd

Trying to pull docker.io/library/httpd:latest...
Getting image source signatures
Copying blob sha256:6a3b76b70f7385a99e72877fac4d1e00f4466859ed3ea50891bab80908e22c0b
Copying blob sha256:578acb154839e9d0034432e8f53756d6f53ba62cf8c7ea5218a2476bf5b58fc9
Copying blob sha256:c1a8c8567b78fc222c60d83831081d5578fd80e6c30ee0bcf8a79019824301a1
Copying blob sha256:10b9ab03bf458e12adc435ae235b1f58f473fea23c2cdf6d88407d92a4a51c41
Copying blob sha256:74dbedf7ddc012b3398b2c645974f1f6e30a9592fef541d02faf456e40b67bc4
Copying config sha256:7f6a969e81a54d01e2fc08fd45025badf8f2418d3530a3a484b77ab826a1b4a7
Writing manifest to image destination
cc6028fb57848297da81b80a8f9bd784ff6b9770399f7da6f5715bd764c51a1c

 

執行  

podman ps
podman ps 可以查看執行中的容器:

Plain text
Copy to clipboard
Open code in new window
EnlighterJS 3 Syntax Highlighter
$ podman ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
cc6028fb5784 docker.io/library/httpd:latest httpd-foreground 18 seconds ago Up 17 seconds 0.0.0.0:8080->80/tcp xenodochial_merkle
$ podman ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES cc6028fb5784 docker.io/library/httpd:latest httpd-foreground 18 seconds ago Up 17 seconds 0.0.0.0:8080->80/tcp xenodochial_merkle
$ podman ps

CONTAINER ID  IMAGE                           COMMAND           CREATED         STATUS         PORTS                 NAMES
cc6028fb5784  docker.io/library/httpd:latest  httpd-foreground  18 seconds ago  Up 17 seconds  0.0.0.0:8080->80/tcp  xenodochial_merkle

 

4. 使用 Docker 指令操控 Podman 容器

剛剛跑起來的 Podman 容器,直接跑  

docker ps
docker ps 是看不到的,

因為 docker 指令會去連結它預設的一個 Unix socket,和 Podman 用的不是同一個:

Plain text
Copy to clipboard
Open code in new window
EnlighterJS 3 Syntax Highlighter
$ docker ps
Cannot connect to the Docker daemon at unix:///Users/testuser/.docker/run/docker.sock. Is the docker daemon running?
$ docker ps Cannot connect to the Docker daemon at unix:///Users/testuser/.docker/run/docker.sock. Is the docker daemon running?
$ docker ps

Cannot connect to the Docker daemon at unix:///Users/testuser/.docker/run/docker.sock. Is the docker daemon running?

 

記得剛剛在 

podman machine start
podman machine start 的訊息中,有看到一個 DOCKER_HOST 的環境變數。

把它拿來設定後,再執行  

docker ps
docker ps ,就可以成功連線看到容器囉:

Plain text
Copy to clipboard
Open code in new window
EnlighterJS 3 Syntax Highlighter
$ export DOCKER_HOST='unix:///Users/testuser/.local/share/containers/podman/machine/qemu/podman.sock'
$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
cc6028fb5784 httpd:latest "httpd-foreground" 14 minutes ago Up 14 minutes 80/tcp xenodochial_merkle
$ export DOCKER_HOST='unix:///Users/testuser/.local/share/containers/podman/machine/qemu/podman.sock' $ docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES cc6028fb5784 httpd:latest "httpd-foreground" 14 minutes ago Up 14 minutes 80/tcp xenodochial_merkle
$ export DOCKER_HOST='unix:///Users/testuser/.local/share/containers/podman/machine/qemu/podman.sock'

$ docker ps
CONTAINER ID   IMAGE          COMMAND              CREATED          STATUS          PORTS     NAMES
cc6028fb5784   httpd:latest   "httpd-foreground"   14 minutes ago   Up 14 minutes   80/tcp    xenodochial_merkle

 

以上就是簡單的 Podman 安裝與使用方法,

之後會盡量使用 Podman 來取代 Docker 看看,

再觀察看是不是有哪些異同之處呢?~

 

參考資料:Podman Installation

(本頁面已被瀏覽過 283 次)

發佈留言

發佈留言必須填寫的電子郵件地址不會公開。 必填欄位標示為 *

這個網站採用 Akismet 服務減少垃圾留言。進一步了解 Akismet 如何處理網站訪客的留言資料