How to install Podman on Debian 10/9

Date: 2020-02-23 14:31:36  Source: igfitidea

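Podman is a daemonless container engine for developing, managing, and running OCI containers on Linux systems. It was created to replace Docker, which requires a daemon running in the background. This tutorial walks through installing Podman on Debian 10 (Buster) and Debian 9 (Stretch) Linux machines.

Podman also uses a container runtime such as runc, but the containers it launches are direct descendants of the podman process. It is part of the libpod library.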

Update the system

Update the package index and upgrade the installed packages:

sudo apt -y update && sudo apt -y upgrade

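Install prerequisites

In this installation, we will build the packages from source. Install all the required dependencies by running the following command: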

sudo apt -y install \
  gcc \
  make \
  cmake \
  git \
  btrfs-progs \
  golang-go \
  go-md2man \
  iptables \
  libassuan-dev \
  libc6-dev \
  libdevmapper-dev \
  libglib2.0-dev \
  libgpgme-dev \
  libgpg-error-dev \
  libostree-dev \
  libprotobuf-dev \
  libprotobuf-c-dev \
  libseccomp-dev \
  libselinux1-dev \
  libsystemd-dev \
  pkg-config \
  runc \
  uidmap \
  libapparmor-dev

Install conmon

The latest version of conmon is expected to be installed on the system. Conmon is used to monitor OCI runtimes.

git clone https://github.com/containers/conmon
cd conmon
make
sudo make podman
sudo cp /usr/local/libexec/podman/conmon  /usr/local/bin/

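Install CNI plugins

Run the following commands to make sure the CNI plugins are installed on the system.

# The paths below rely on $GOPATH being set in the shell
export GOPATH=~/go
git clone https://github.com/containernetworking/plugins.git $GOPATH/src/github.com/containernetworking/plugins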
cd $GOPATH/src/github.com/containernetworking/plugins
./build_linux.sh
sudo mkdir -p /usr/libexec/cni
sudo cp bin/* /usr/libexec/cni

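Set up CNI networking:

After installing the CNI plugins, add the configuration file.

sudo mkdir -p /etc/cni/net.d
# Keep the .conflist extension so the file is parsed as a CNI network list
curl -qsSL https://raw.githubusercontent.com/containers/libpod/master/cni/87-podman-bridge.conflist | sudo tee /etc/cni/net.d/87-podman-bridge.conflist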

Populate configuration files

We need to add the configuration files manually, such as those for registries and policy.

sudo mkdir -p /etc/containers
sudo curl https://raw.githubusercontent.com/projectatomic/registries/master/registries.fedora -o /etc/containers/registries.conf
sudo curl https://raw.githubusercontent.com/containers/skopeo/master/default-policy.json -o /etc/containers/policy.json
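
The curl steps above write whatever the master branch currently serves straight into /etc/cni/net.d and /etc/containers. As an added example (not part of the original tutorial), the helper below installs a fetched file only when its SHA-256 matches a digest recorded beforehand; the function names and the placeholder digest are assumptions for illustration.

```shell
#!/bin/sh
# Added example: gate the installation of downloaded config files on a pinned digest.

# verify_sha256 FILE EXPECTED_HEX
# Returns 0 only when FILE exists and its SHA-256 equals EXPECTED_HEX.
verify_sha256() {
    actual=$(sha256sum "$1" 2>/dev/null | cut -d' ' -f1)
    # An empty expected value must never match (e.g. unreadable file, unset variable).
    [ -n "$2" ] && [ "$actual" = "$2" ]
}

# install_verified SRC EXPECTED_HEX DEST
# Copies SRC to DEST with mode 0644 only on a digest match; DEST is untouched otherwise.
install_verified() {
    if verify_sha256 "$1" "$2"; then
        install -m 0644 "$1" "$3"
    else
        echo "digest mismatch for $1, not installing to $3" >&2
        return 1
    fi
}

# fetch_and_install URL EXPECTED_HEX DEST
# Downloads to a temporary file first, so a failed or altered download never reaches DEST.
fetch_and_install() {
    tmp=$(mktemp) || return 2
    if curl -fsSL "$1" -o "$tmp" && install_verified "$tmp" "$2" "$3"; then
        rc=0
    else
        rc=1
    fi
    rm -f "$tmp"
    return "$rc"
}

# Usage (as root; <reviewed-sha256> is a placeholder for the digest you recorded
# after reading the file once):
#   fetch_and_install https://raw.githubusercontent.com/containers/skopeo/master/default-policy.json \
#       <reviewed-sha256> /etc/containers/policy.json
```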

Install Podman

Now we can download the Podman source code from GitHub and build the binary.

git clone https://github.com/containers/libpod/ $GOPATH/src/github.com/containers/libpod
cd $GOPATH/src/github.com/containers/libpod
make
sudo make install

Check the Podman version

$ podman version
Version:            1.4.5-dev
RemoteAPI Version:  1
Go Version:         go1.11.6
OS/Arch:            linux/amd64

We can display information about the host, the current storage state, and the podman build.

$ podman info
host:
  BuildahVersion: 1.9.2
  Conmon:
    package: Unknown
    path: /usr/local/bin/conmon
    version: 'conmon version 1.0.1-dev, commit: 8392df88fba944510b51c7d5b92aa745a15863f8'
  Distribution:
    distribution: debian
    version: "10"
  MemFree: 6179495936
  MemTotal: 8167223296
  OCIRuntime:
    package: 'runc: /usr/sbin/runc'
    path: /usr/sbin/runc
    version: |
      runc version 1.0.0~rc6+dfsg1
      commit: 1.0.0~rc6+dfsg1-3
      spec: 1.0.1
  SwapFree: 0
  SwapTotal: 0
  arch: amd64
  cpus: 2
  eventlogger: journald
  hostname: debian10
  kernel: 4.19.0-5-amd64
  os: linux
  rootless: false
  uptime: 13m 44.64s
registries:
  blocked: null
  insecure: null
  search:
  - docker.io
  - registry.fedoraproject.org
  - registry.access.redhat.com
store:
  ConfigFile: /etc/containers/storage.conf
  ContainerStore:
    number: 0
  GraphDriverName: overlay
  GraphOptions: null
  GraphRoot: /var/lib/containers/storage
  GraphStatus:
    Backing Filesystem: extfs
    Native Overlay Diff: "true"
    Supports d_type: "true"
    Using metacopy: "false"
  ImageStore:
    number: 0
  RunRoot: /var/run/containers/storage
  VolumePath: /var/lib/containers/storage/volumes

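Main configuration files:
/etc/containers/registries.conf specifies which container registries should be consulted when completing image names that do not include a registry or domain portion.
/etc/containers/mounts.conf specifies volume mount directories that are automatically mounted inside containers when the "podman run" or "podman build" commands are executed.

Test the Podman installation on Debian

Pull the Alpine docker image.

$ podman pull alpine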
Trying to pull docker.io/library/alpine...
Getting image source signatures
Copying blob 050382585609 done
Copying config b7b28af77f done
Writing manifest to image destination
Storing signatures
b7b28af77ffec6054d13378df4fdf02725830086c7444d9c278af25312aa39b9

Run a Docker container:

$ podman images
REPOSITORY                 TAG      IMAGE ID       CREATED       SIZE
docker.io/library/alpine   latest   b7b28af77ffe   3 weeks ago   5.85 MB

$ podman run -ti b7b28af77ffe /bin/sh
/ # cat /etc/os-release
NAME="Alpine Linux"
ID=alpine
VERSION_ID=3.10.1
PRETTY_NAME="Alpine Linux v3.10"
HOME_URL="https://alpinelinux.org/"
BUG_REPORT_URL="https://bugs.alpinelinux.org/"
/ # exit

Now that we have confirmed we can create a container, let's remove it.

# podman rm -f `podman ps -aq`
d16db8f39c82f50f3a2bbf4834d948b660525a5c2b98979e433c3428f613c18d