How to build, run and manage Linux containers in RHEL8 Server OS

Here in this article we will try to build, run and manage Linux containers on RHEL8 Server OS.
Test Environment
RHEL8 Server OS
What are Containers
In layman terms containers are used to package applications and all its dependencies in the form of containers which can be shipped and deployed to be run on any platform independently without any modifications. In rhel Linux containers use the core technologies as listed below.
- Control Groups (CGroups): For resource management
- Namespaces: For process isolation
- SELinux: For enabling security
RHEL Linux container provide the below tools which can operate without a container engine (eg. docker container engine). Here are the list of tools.
- podman: Client tool for managing container (similar to docker CLI for managing images and containers)
- buildah: Client tool for building OCI compliant container images
- skopeo: Client tool sigining, authenticating and copying container images to and from container registries
- runc: Its a lightweight Container runtime
Redhat provides container images and related software for most of the architecture.
Make sure to register and attach rhel subscription before proceeding with the below steps for building, running and managing Linux containers.
Procedure
Step1: Install container-tools package
[root@rhelser8 ~]# yum module install container-tools
By default, the below configuration file defines access to container registries when we work with container tools such as podman.
[root@rhelser8 containers]# grep -v ^# /etc/containers/registries.conf
...
[registries.search]
registries = ['registry.redhat.io', 'quay.io', 'docker.io']
...
[registries.insecure]
registries = []
...
[registries.block]
registries = []
Step2: Pull image from registry
First, we need to connect to the redhat registry from where we want to pull the container images.
[root@rhelser8 ~]# podman login registry.redhat.io
Username: <username>
Password:
Login Succeeded!
Now, lets pull two images from the above connected registry.
[root@rhelser8 ~]# podman pull registry.redhat.io/rhel8-beta/rhel
[root@rhelser8 ~]# podman images
REPOSITORY TAG IMAGE ID CREATED SIZE
registry.redhat.io/rhel8-beta/rsyslog latest 7d913cca82b9 5 months ago 228MB
registry.redhat.io/rhel8-beta/rhel latest a80dad1c1953 5 months ago 210MB
Step3: Run the downloaded image
[root@rhelser8 ~]# hostname
rhelser8.stack.com
[root@rhelser8 ~]# podman run -it registry.redhat.io/rhel8-beta/rhel /bin/bash
bash-4.4# echo $HOSTNAME
4b30bfbf9046
Lets list out the containers that are currently running on another host terminal and stop the running container.
[root@rhelser8 ~]# podman ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
4b30bfbf9046 registry.redhat.io/rhel8-beta/rhel:latest /bin/bash 46 seconds ago Up 46 seconds ago wonderful_haibt
Step4: Stop and Remove the container and downloaded images
[root@rhelser8 ~]# podman stop 4b30bfbf9046
4b30bfbf9046a450e7860f6023591c53db4a1cd97434a4c90e49b33aa5158b84
Once the container is stopped we can remove that inactive container using below. I have used ‘-a’ all active and exited container but we can pass the specific container id also to remove that specific container id.
[root@rhelser8 ~]# podman rm -a
Now, we will remove the images once all the containers are stopped and removed as below.
[root@rhelser8 ~]# podman images
REPOSITORY TAG IMAGE ID CREATED SIZE
registry.redhat.io/rhel8-beta/rsyslog latest 7d913cca82b9 5 months ago 228MB
registry.redhat.io/rhel8-beta/rhel latest a80dad1c1953 5 months ago 210MB
[root@rhelser8 ~]# podman rmi 7d913cca82b9 a80dad1c1953
7d913cca82b9d9bbe19530e7c16168267c13513aacf08aae862a9411f694dbfe
a80dad1c19537b0961e485dfa0a43fbe3c0a71cec2cca32d3264e087e396a211
Here, let us look at another example on Tomcat container from docker registry.
Step5: Search for Tomcat image in docker.io registry
[root@rhelser8 ~]# podman search docker.io/library/tomcat
INDEX NAME DESCRIPTION STARS OFFICIAL AUTOMATED
docker.io docker.io/library/tomcat Apache Tomcat is an open source implementati... 2365 [OK]
Step6: Pull the Tomcat image from registry
[root@rhelser8 ~]# podman pull docker.io/library/tomcat
Trying to pull docker.io/library/tomcat...Getting image source signatures
Copying blob sha256:e79bb959ec00faf01da52437df4fad4537ec669f60455a38ad583ec2b8f00498
43.24 MB / 43.24 MB [===================================================] 1m13s
...
Writing manifest to image destination
Storing signatures
5a069ba3df4d4221755d76d905ce8a0d2eedf3edbd87dca05a6259114c7b93d4
Step7: Run the default tomcat instance
[root@rhelser8 ~]# podman images
REPOSITORY TAG IMAGE ID CREATED SIZE
docker.io/library/tomcat latest 5a069ba3df4d 2 weeks ago 480MB
[root@rhelser8 ~]# podman run -it -d -p 8888:8080 5a069ba3df4d
6786c6ac79331c63ef8d5178f9b7d18441b0c197956eded1c883eff279657dd9
[root@rhelser8 ~]# podman ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES IS INFRA
6786c6ac7933 docker.io/library/tomcat:latest catalina.sh run 15 seconds ago Up 15 seconds ago 0.0.0.0:8888->8080/tcp gifted_galileo false
Now, we should be able to access the tomcat at the following URL.
URL: http://192.168.91.139:8888/
In the next article we will look at other tools like buildah and skopeo. Click here for the next related article.
Hope you enjoyed reading this article. Thank you..
Leave a Reply
You must be logged in to post a comment.