How to build, run and manage Linux containers in RHEL8 Server OS

Container

How to build, run and manage Linux containers in RHEL8 Server OS

By novicejava1 0
podman_manage_containers

Here in this article we will try to build, run and manage Linux containers on RHEL8 Server OS.

Test Environment

RHEL8 Server OS

What are Containers

In layman terms containers are used to package applications and all its dependencies in the form of containers which can be shipped and deployed to be run on any platform independently without any modifications. In rhel Linux containers use the core technologies as listed below.

  • Control Groups (CGroups): For resource management
  • Namespaces: For process isolation
  • SELinux: For enabling security

RHEL Linux container provide the below tools which can operate without a container engine (eg. docker container engine). Here are the list of tools.

  • podman: Client tool for managing container (similar to docker CLI for managing images and containers)
  • buildah: Client tool for building OCI compliant container images
  • skopeo: Client tool sigining, authenticating and copying container images to and from container registries
  • runc: Its a lightweight Container runtime

Redhat provides container images and related software for most of the architecture.

Make sure to register and attach rhel subscription before proceeding with the below steps for building, running and managing Linux containers.

Procedure

Step1: Install container-tools package

[root@rhelser8 ~]# yum module install container-tools

By default, the below configuration file defines access to container registries when we work with container tools such as podman.

[root@rhelser8 containers]# grep -v ^# /etc/containers/registries.conf
...
[registries.search]
registries = ['registry.redhat.io', 'quay.io', 'docker.io']
...
[registries.insecure]
registries = []
...
[registries.block]
registries = []

Step2: Pull image from registry

First, we need to connect to the redhat registry from where we want to pull the container images.

[root@rhelser8 ~]# podman login registry.redhat.io
Username: <username>
Password:
Login Succeeded!

Now, lets pull two images from the above connected registry.

[root@rhelser8 ~]# podman pull registry.redhat.io/rhel8-beta/rhel

[root@rhelser8 ~]# podman images
REPOSITORY                              TAG      IMAGE ID       CREATED        SIZE
registry.redhat.io/rhel8-beta/rsyslog   latest   7d913cca82b9   5 months ago   228MB
registry.redhat.io/rhel8-beta/rhel      latest   a80dad1c1953   5 months ago   210MB

Step3: Run the downloaded image

[root@rhelser8 ~]# hostname
rhelser8.stack.com
[root@rhelser8 ~]# podman run -it registry.redhat.io/rhel8-beta/rhel /bin/bash
bash-4.4# echo $HOSTNAME
4b30bfbf9046

Lets list out the containers that are currently running on another host terminal and stop the running container.

[root@rhelser8 ~]# podman ps
CONTAINER ID   IMAGE                                       COMMAND     CREATED          STATUS              PORTS   NAMES
4b30bfbf9046   registry.redhat.io/rhel8-beta/rhel:latest   /bin/bash   46 seconds ago   Up 46 seconds ago           wonderful_haibt

Step4: Stop and Remove the container and downloaded images

[root@rhelser8 ~]# podman stop 4b30bfbf9046
4b30bfbf9046a450e7860f6023591c53db4a1cd97434a4c90e49b33aa5158b84

Once the container is stopped we can remove that inactive container using below. I have used ‘-a’ all active and exited container but we can pass the specific container id also to remove that specific container id.

[root@rhelser8 ~]# podman rm -a

Now, we will remove the images once all the containers are stopped and removed as below.

[root@rhelser8 ~]# podman images
REPOSITORY                              TAG      IMAGE ID       CREATED        SIZE
registry.redhat.io/rhel8-beta/rsyslog   latest   7d913cca82b9   5 months ago   228MB
registry.redhat.io/rhel8-beta/rhel      latest   a80dad1c1953   5 months ago   210MB

[root@rhelser8 ~]# podman rmi 7d913cca82b9 a80dad1c1953
7d913cca82b9d9bbe19530e7c16168267c13513aacf08aae862a9411f694dbfe
a80dad1c19537b0961e485dfa0a43fbe3c0a71cec2cca32d3264e087e396a211

Here, let us look at another example on Tomcat container from docker registry.

Step5: Search for Tomcat image in docker.io registry

[root@rhelser8 ~]# podman search docker.io/library/tomcat
INDEX       NAME                          DESCRIPTION                                       STARS   OFFICIAL   AUTOMATED
docker.io   docker.io/library/tomcat      Apache Tomcat is an open source implementati...   2365    [OK]

Step6: Pull the Tomcat image from registry

[root@rhelser8 ~]# podman pull docker.io/library/tomcat
Trying to pull docker.io/library/tomcat...Getting image source signatures
Copying blob sha256:e79bb959ec00faf01da52437df4fad4537ec669f60455a38ad583ec2b8f00498
 43.24 MB / 43.24 MB [===================================================] 1m13s
...
Writing manifest to image destination
Storing signatures
5a069ba3df4d4221755d76d905ce8a0d2eedf3edbd87dca05a6259114c7b93d4

Step7: Run the default tomcat instance

[root@rhelser8 ~]# podman images
REPOSITORY                 TAG      IMAGE ID       CREATED       SIZE
docker.io/library/tomcat   latest   5a069ba3df4d   2 weeks ago   480MB

[root@rhelser8 ~]# podman run -it -d -p 8888:8080 5a069ba3df4d
6786c6ac79331c63ef8d5178f9b7d18441b0c197956eded1c883eff279657dd9

[root@rhelser8 ~]# podman ps -a
CONTAINER ID   IMAGE                             COMMAND           CREATED          STATUS              PORTS                    NAMES            IS INFRA
6786c6ac7933   docker.io/library/tomcat:latest   catalina.sh run   15 seconds ago   Up 15 seconds ago   0.0.0.0:8888->8080/tcp   gifted_galileo   false

Now, we should be able to access the tomcat at the following URL.

URL: http://192.168.91.139:8888/

In the next article we will look at other tools like buildah and skopeo. Click here for the next related article.

Hope you enjoyed reading this article. Thank you..