mirror of
				https://github.com/containers/podman.git
				synced 2025-10-26 10:45:26 +08:00 
			
		
		
		
	 fd5140d87a
			
		
	
	fd5140d87a
	
	
	
		
			
			Signed-off-by: 林博仁(Buo-ren, Lin) <Buo.Ren.Lin@gmail.com> Signed-off-by: 林博仁(Buo-ren, Lin) <Buo.Ren.Lin@gmail.com>
		
			
				
	
	
		
			109 lines
		
	
	
		
			5.6 KiB
		
	
	
	
		
			ReStructuredText
		
	
	
	
	
	
			
		
		
	
	
			109 lines
		
	
	
		
			5.6 KiB
		
	
	
	
		
			ReStructuredText
		
	
	
	
	
	
| .. include:: includes.rst
 | ||
| 
 | ||
| Introduction
 | ||
| ==================================
 | ||
| Containers_ simplify the production, distribution, discoverability, and usage of applications with all of their dependencies and default configuration files. Users test drive or deploy a new application with one or two commands instead of following pages of installation instructions. Here's how to find your first `Container Image`_::
 | ||
| 
 | ||
|     podman search docker.io/busybox
 | ||
| 
 | ||
| Output::
 | ||
| 
 | ||
|     NAME                                         DESCRIPTION
 | ||
|     docker.io/library/busybox                    Busybox base image.
 | ||
|     docker.io/rancher/busybox
 | ||
|     docker.io/openebs/busybox-client
 | ||
|     docker.io/antrea/busybox
 | ||
|     docker.io/hugegraph/busybox                  test image
 | ||
|     ...
 | ||
| 
 | ||
| The previous command returned a list of publicly available container images on DockerHub. These container images are easy to consume, but of differing levels of quality and maintenance. Let’s use the first one listed because it seems to be well maintained.
 | ||
| 
 | ||
| To run the busybox container image, it’s just a single command::
 | ||
| 
 | ||
|     podman run -it docker.io/library/busybox
 | ||
| 
 | ||
| Output::
 | ||
| 
 | ||
|     / #
 | ||
| 
 | ||
| You can poke around in the busybox container for a while, but you’ll quickly find that running small container with a few Linux utilities in it provides limited value, so exit out::
 | ||
| 
 | ||
|     exit
 | ||
| 
 | ||
| There’s an old saying that “nobody runs an operating system just to run an operating system” and the same is true with containers. It’s the workload running on top of an operating system or in a container that’s interesting and valuable.
 | ||
| 
 | ||
| Sometimes we can find a publicly available container image for the exact workload we’re looking for and it will already be packaged exactly how we want. But, more often than not, there’s something that we want to add, remove, or customize. It can be as simple as a configuration setting for security or performance, or as complex as adding a complex workload. Either way, containers make it fairly easy to make the changes we need.
 | ||
| 
 | ||
| Container Images aren’t actually images, they’re repositories often made up of multiple layers. These layers can easily be added, saved, and shared with others by using a Containerfile (Dockerfile). This single file often contains all the instructions needed to build a new container image and can easily be shared with others publicly using tools like GitHub.
 | ||
| 
 | ||
| Here's an example of how to build a Nginx web server on top of a Debian base image using the Dockerfile maintained by Nginx and published in GitHub::
 | ||
| 
 | ||
|     podman build -t nginx https://git.io/Jf8ol
 | ||
| 
 | ||
| Once, the image build completes, it’s easy to run the new image from our local cache::
 | ||
| 
 | ||
|     podman run -d -p 8080:80 nginx
 | ||
|     curl localhost:8080
 | ||
| 
 | ||
| Output::
 | ||
| 
 | ||
|     ...
 | ||
|     <p><em>Thank you for using nginx.</em></p>
 | ||
|     ...
 | ||
| 
 | ||
| Building new images is great, but sharing our work with others lets them review our work, critique how we built them, and offer improved versions. Our newly built Nginx image can be published at quay.io or docker.io to share it with the world. Everything needed to run the Nginx application is provided in the container image. Others can easily pull it down and use it, or make improvements to it.
 | ||
| 
 | ||
| Standardizing on container images and `Container Registries`_ enable a new level of collaboration through simple consumption. This simple consumption model is possible because every major Container Engine and Registry Server uses the Open Containers Initiative (OCI_) format. This allows users to find, run, build, share and deploy containers anywhere they want. Podman and other `Container Engines`_ like CRI-O, Docker, or containerd can create and consume container images from docker.io, quay.io, an on premise registry or even one provided by a cloud provider. The OCI image format facilitates this ecosystem through a single standard.
 | ||
| 
 | ||
| For example, if we wanted to share our newly built Nginx container image on quay.io it’s easy. First log in to quay::
 | ||
| 
 | ||
|     podman login quay.io
 | ||
| Input::
 | ||
| 
 | ||
|     Username: USERNAME
 | ||
|     Password: ********
 | ||
|     Login Succeeded!
 | ||
| 
 | ||
| Next, tag the image so that we can push it into our user account::
 | ||
| 
 | ||
|     podman tag localhost/nginx quay.io/USERNAME/nginx
 | ||
| 
 | ||
| Finally, push the image::
 | ||
| 
 | ||
|     podman push quay.io/USERNAME/nginx
 | ||
| 
 | ||
| Output::
 | ||
| 
 | ||
|     Getting image source signatures
 | ||
|     Copying blob 38c40d6c2c85 done
 | ||
|     Copying blob fee76a531659 done
 | ||
|     Copying blob c2adabaecedb done
 | ||
|     Copying config 7f3589c0b8 done
 | ||
|     Writing manifest to image destination
 | ||
|     Copying config 7f3589c0b8 done
 | ||
|     Writing manifest to image destination
 | ||
|     Storing signatures
 | ||
| 
 | ||
| Notice that we pushed four layers to our registry and now it’s available for others to share. Take a quick look::
 | ||
| 
 | ||
|     podman inspect quay.io/USERNAME/nginx
 | ||
| 
 | ||
| Output::
 | ||
| 
 | ||
|     [
 | ||
|         {
 | ||
|             "Id": "7f3589c0b8849a9e1ff52ceb0fcea2390e2731db9d1a7358c2f5fad216a48263",
 | ||
|             "Digest": "sha256:7822b5ba4c2eaabdd0ff3812277cfafa8a25527d1e234be028ed381a43ad5498",
 | ||
|             "RepoTags": [
 | ||
|                 "quay.io/USERNAME/nginx:latest",
 | ||
|     ...
 | ||
| 
 | ||
| To summarize, Podman makes it easy to find, run, build and share containers.
 | ||
| 
 | ||
| * Find: whether finding a container on dockerhub.io or quay.io, an internal registry server, or directly from a vendor, a couple of `podman search`_, and `podman pull`_ commands make it easy
 | ||
| * Run: it's easy to consume pre-built images with everything needed to run an entire application, or start from a Linux distribution base image with the `podman run`_ command
 | ||
| * Build: creating new layers with small tweaks, or major overhauls is easy with `podman build`_
 | ||
| * Share: Podman lets you push your newly built containers anywhere you want with a single `podman push`_ command
 | ||
| 
 | ||
| For more instructions on use cases, take a look at our :doc:`Tutorials` page.
 |