Overview
Discussion of "Building, running, and managing containers"
Look into:
- Using the CRI-O Container Engine
- OCI image format, OCI-compatible container engines
- OpenShift
- pods (OpenShift)
- Create /etc/containers/nodocker to shut up info msg
Images
- ubi8/rhel
- ubi8/rhel-minimal
- ubi8/rhel-init
- ubi8/rhel-rsyslog
- ubi8/support-tools
- ubi8/net-snmp
Packages
Installed (or to install):
- podman (manage containers)
- buildah (build OCI-compliant container images)
- skopeo (copy images to and from registries)
- podman-docker
Dependencies:
- runc (runtime client for OCI format containers)
- containers-common
- containernetworking-plugins
- oci-systemd-hook
- oci-umount
- container-selinux
- fuse-overlayfs
- slirp4netns
Modules:
$ dnf module info container-tools
Concepts
OCI: Open Container Initiative
Use cases
- single-node
- multi-node (sometimes called “distributed systems”)
Core technologies
- cgroups
- namespaces
- SELinux
Commands
- podman
- buildah
- skopeo
- runc
registries.conf
# The only valid categories are: 'registries.search', 'registries.insecure', # and 'registries.block'. [registries.search] registries = ['registry.redhat.io', 'quay.io', 'docker.io'] # If you need to access insecure registries, add the registry's fully-qualified name. # An insecure registry is one that does not have a valid SSL certificate or only does HTTP. [registries.insecure] registries = [] # If you need to block pull access from a registry, uncomment the section below # and add the registries fully-qualified name. # # Docker only [registries.block] registries = []