One place for hosting & domains

      Install

      How to Install Chef on Ubuntu 20.04


      Chef is a free and open source Infrastructure as Code (IaC) application. It’s a configuration management system that allows administrators to provision and manage infrastructure using automation. A complete Chef workflow includes one or more Chef Workstations, a Chef Server, and a set of nodes. This guide provides some background on how Chef works, and explains how to install and configure Chef on Ubuntu 20.04.

      What is Chef?

      Chef is a IaC application for automating and streamlining the process of provisioning, configuring, deploying, and managing network nodes. It allows for continuous deployment and an automated environment. Chef can manage many types of components including servers, containers, and networking infrastructure.

      Chef operates using a hub-and-spoke architecture, with the master Chef Server at the center. One or more Chef Workstations interact with the Server, which automates the configuration of one or more Chef nodes. Configuration assets move from the workstation to the server and finally to the nodes. Workstations cannot interact with the nodes directly. The Chef infrastructure consists of the following components.

      • Chef Workstation: A workstation is a server for creating and testing configuration code. The code is then pushed to the Chef Server. Several workstations can interact with the same server, but each workstation only links to one server. The
        Chef Workstation documentation contains more information on how to use the workstation.
      • Chef Server: The Chef Server is the “command center” for the entire system. It stores and maintains all the configuration files, code, and scripts. A Chef Server includes many components, including a web server and PostgreSQL database. It is responsible for pushing the relevant assets to the various nodes and keeping track of the nodes under its management. Each server is highly capable, efficient, and robust, and is capable of managing a large number of nodes.
      • Chef Node: The Chef Server deploys and manages a node using assets developed on the Chef Workstation. Each node is administered by a single Chef Server. Although it is dependent on the server, a Chef Node contains a Chef client. The client queries the server for updates and keeps the node up to date.

      The following illustration indicates the relationship between the three parts of the Chef system.

      The workstations use Chef commands, such as the knife directive, to interact with the server. Chef incorporates extra security and authentication into all of its operations, using public key encryption. However, the Chef system is complex and has a high learning curve.

      Chef uses an idiosyncratic terminology based on cooking vocabulary. Some of the more important terms include the following:

      • Attribute: Specifies a value for an item on a node.
      • Bookshelf: Stores the various cookbooks and assets on a Chef Server using versioning control.
      • Chef-client: Runs on the node, and is responsible for verifying whether the node is up-to-date with the assets stored on the server.
      • Chef-repo: A directory on the Chef Workstation that contains the local cookbooks and configuration files.
      • Cookbook: The primary method of managing nodes. It contains information describing the final state of a node. The Chef server and node use the cookbook to guide configuration. Cookbooks contain recipes, along with attributes, libraries, templates, and scripts. These cookbooks can be developed on the workstation or downloaded from the
        Chef Supermarket.
      • Environment: Collects nodes into groups to better organize them. Similar configurations and scripts can be applied to the entire group.
      • Knife: A Chef Workstation uses the knife tool to correspond with the Chef Server. A knife command usually takes the format knife subcommand [ARGUMENT] (options).
      • Recipe: A recipe is contained within a cookbook. It explains the resources to add, change, or run on the node. Recipes are written in Ruby.
      • Resource: A resource is part of a recipe. It contains a type, name, and list of key-value pairs for a component.
      • Test Kitchen: This is a workstation module to help users test recipes before deployment.

      Linode has a helpful
      Beginner’s Guide to Chef. For detailed information about Chef, see the
      Chef documentation. Chef also makes the
      Learn Chef training resource available.

      Before You Begin

      1. If you have not already done so, create a Linode account and Compute Instance. See our
        Getting Started with Linode and
        Creating a Compute Instance guides.

      2. Follow our
        Setting Up and Securing a Compute Instance guide to update your system. You may also wish to set the timezone, configure your hostname, create a limited user account, and harden SSH access.

      3. At least three Linode systems running Ubuntu 20.04 are required to implement a Chef system. One server is for the Chef Workstation, the second for the Chef Server, while a third represents a node under administration. Due to Chef’s memory demands, the Chef Server requires a 8GB Linode. The other two servers can be 2GB Linodes. Both the Chef Server and Chef Workstation should be configured using the previous instructions. Chef is used to set up the target node.

      4. Ensure all Linode servers are updated using the following command.

        sudo apt update && sudo apt upgrade
      5. Assign a domain name to the Chef Server. For information on domain names and pointing the domain name to a Linode, see the
        Linode DNS Manager guide.

      6. Configure the host name of the Chef Server so it matches the domain name. This allows SSL certificate allocation to proceed normally. To set the host name of a Ubuntu server, use the command sudo hostnamectl set-hostname <hostname>, replacing <hostname> with the actual name of your domain.

      Note

      This guide is written for a non-root user. Commands that require elevated privileges are prefixed with sudo. If you are not familiar with the sudo command, see the
      Users and Groups guide.

      How to Install and Configure the Chef Server

      Because the Chef Server operates as a hub for the entire system, it is best to install and configure it first. The Chef Server uses a high amount of resources, so it is important to use a dedicated Linode with at least 8GB of memory.

      How to Install the Chef Server

      The Chef Server Core can be downloaded using wget. The following steps demonstrate how to download the latest release of Chef for the Ubuntu 20.04 release. For other releases of Ubuntu, see the
      Chef download page. For more detailed instructions, see the
      Chef Server installation page. To install the Chef Server, follow these steps.

      1. Download the Chef Server core using wget.

        wget https://packages.chef.io/files/stable/chef-server/15.1.7/ubuntu/20.04/chef-server-core_15.1.7-1_amd64.deb
      2. Install the server core.

        sudo dpkg -i chef-server-core_*.deb
        Selecting previously unselected package chef-server-core.
        (Reading database ... 108635 files and directories currently installed.)
        Preparing to unpack chef-server-core_15.1.7-1_amd64.deb ...
        Unpacking chef-server-core (15.1.7-1) ...
        Setting up chef-server-core (15.1.7-1) ...
        Thank you for installing Chef Infra Server!
      3. For better security and to preserve server space, remove the downloaded .deb file.

        rm chef-server-core_*.deb
      4. Start the Chef server. Answer yes when prompted to accept the product licenses.

        Note

        The installation process takes several minutes to complete. Upon a successful installation, the message Chef Infra Server Reconfigured! is displayed.

        sudo chef-server-ctl reconfigure

      How to Configure a Chef User and Organization

      To use Chef, configure an organization and at least one user on the Chef Server. This enables server access for workstations and nodes. To create these accounts, follow these steps.

      1. Create a .chef directory to store the keys. This should be a subdirectory located inside the home directory.

      2. Use the chef-server-ctl command to create a user account for the Chef administrator. Additional user accounts can be created later. Replace the USER_NAME, FIRST_NAME, LAST_NAME, EMAIL, and PASSWORD fields with the relevant information. For the --filename argument, replace USER_NAME.pem with the user name used earlier in the command.

        sudo chef-server-ctl user-create USER_NAME FIRST_NAME LAST_NAME EMAIL 'PASSWORD' --filename ~/.chef/USER_NAME.pem
      3. Review the user list and confirm the account now exists.

        sudo chef-server-ctl user-list
        USER_NAME
      4. Create a new organization, also using the chef-server-ctl command. Replace ORG_NAME and ORG_FULL_NAME with the actual name of the organization. The ORG_NAME field must be all lower case. The value for USER_NAME must be the same name used in the user-create command. For the --filename argument, in ORG_NAME.pem, replace ORG_NAME with the organization name used elsewhere in the command.

        sudo chef-server-ctl org-create ORG_NAME "ORG_FULL_NAME" --association_user USER_NAME --filename ~/.chef/ORG_NAME.pem
      5. List the organizations to confirm the new organization is successfully created.

        sudo chef-server-ctl org-list
        ORG_NAME

      How to Install and Configure a Chef Workstation

      A Chef Workstation is for users to create and test recipes. Any Linode with at least 2GB of memory can be used for this task. Unlike the Chef Server, a workstation can also be used for other tasks. However, in a larger organization hosting many users, it is often efficient to centralize workstation activities on one server hosting multiple accounts.

      How to Install a Chef Workstation

      The steps for installing a Chef Workstation are similar to those for installing the Server. Download the correct file using wget, then install it. To install a Chef Workstation, follow these steps.

      1. Download the source files for the Chef Workstation. For different releases of the Workstation, or downloads for earlier releases, see the
        Chef Workstation Downloads page. For more information on the installation process, see the
        Chef Workstation Installation Documentation.

        wget https://packages.chef.io/files/stable/chef-workstation/22.10.1013/ubuntu/20.04/chef-workstation_22.10.1013-1_amd64.deb
      2. Install the Chef Workstation.

        sudo dpkg -i chef-workstation_*.deb
        Thank you for installing Chef Workstation!
      3. Remove the source file.

        rm chef-workstation_*.deb
      4. Confirm the correct release of the Chef Workstation is installed.

        Chef Workstation version: 22.10.1013
        Chef Infra Client version: 17.10.0
        Chef InSpec version: 4.56.20
        Chef CLI version: 5.6.1
        Chef Habitat version: 1.6.521
        Test Kitchen version: 3.3.2
        Cookstyle version: 7.32.1

      How to Configure a Chef Workstation

      A few more items must be configured before the Workstation is operational. Tasks include generating a repository, editing the hosts file, and creating a subdirectory. To fully configure the workstation, follow these steps.

      1. Generate the chef-repo repository. This directory stores the Chef cookbooks and recipes. Enter yes when asked whether to accept the product licenses.

        chef generate repo chef-repo
        Your new Chef Infra repo is ready! Type `cd chef-repo` to enter it.
      2. Edit the /etc/hosts file. This file contains mappings between host names and their IP addresses. Add an entry for the Chef Server, containing the name of the server, which is also the domain name, and its IP address. In this example, this is indicated in the line 192.0.1.0 example.com. There must also be an entry for the local server. This is the 192.0.2.0 chefworkstation line in the example. This entry must contain the local IP address and the hostname of the server hosting the Chef Workstation. The file should resemble the following example.

        File: /etc/hosts
        1
        2
        3
        
        127.0.0.1 localhost
        192.0.1.0 example.com
        192.0.2.0 chefworkstation
      3. Create a .chef subdirectory. This is where the knife file is stored, along with files for encryption and security.

        mkdir ~/chef-repo/.chef
        cd chef-repo

      How to Add RSA Private Keys

      RSA private keys enable better security between the Chef Server and associated workstations through the use of encryption. Earlier, RSA private keys were created on the Chef Server. Copying these keys to a workstation allows it to communicate with the server. To enable encryption using RSA private keys, follow these steps.

      Note

      SSH password authentication must be enabled on the Chef Server to complete the key exchange. If SSH password authentication has been disabled for better security, enable it again before proceeding. After the keys have been retrieved and added to the workstation, SSH password authentication can be disabled again. See the Linode guide to
      How to Secure Your Server for more information.
      1. On the workstation, generate an RSA key pair. This key can be used to initially access the Chef server to copy over the private encryption files.

        Generating public/private rsa key pair.
        Enter file in which to save the key (/home/username/.ssh/id_rsa):
      2. Hit the Enter key to accept the default file names id_rsa and id_rsa.pub. Ubuntu stores these files in the /home/username/.ssh directory.

        Created directory '/home/username/.ssh'.
        Enter passphrase (empty for no passphrase):
      3. Enter a password when prompted, then enter it again. An identifier and public key are saved to the directory.

        Your identification has been saved in /home/username/.ssh/id_rsa
        Your public key has been saved in /home/username/.ssh/id_rsa.pub
      4. Copy the new public key from the workstation to the Chef Server. In the following command, use the account name for the Chef Server along with its IP address.

        ssh-copy-id username@192.0.1.0
      5. Use the scp command to copy the .pem files from the Chef Server to the workstation. In the following example, replace username with the user account for the Chef Server and 192.0.1.0 with the actual Chef Server IP address.

        scp username@192.0.1.0:~/.chef/*.pem ~/chef-repo/.chef/
        Enter passphrase for key '/home/username/.ssh/id_rsa':
        username.pem                                                                       100% 1674     1.7MB/s   00:00
        testcompany.pem                                                                 100% 1678     4.7MB/s   00:00
      6. List the contents of the .chef subdirectory to ensure the .pem files were successfully copied.

        username.pem  testcompany.pem

      How to Configure Git on a Chef Workstation

      A version control system helps the Chef Workstation track any changes to the cookbooks and restore earlier versions if necessary. This example uses Git, which is compatible with the Chef system. The following steps explain how to configure Git, initialize a Git repository, add new files, and commit them.

      1. Configure Git using the git config command. Replace username and user@email.com with your own values.

        git config --global user.name username
        git config --global user.email user@email.com
      2. Add the .chef directory to the .gitignore file. This ensures system and auto-generated files are not shown in the output of git status and other Git commands.

        echo ".chef" > ~/chef-repo/.gitignore
      3. Ensure the chef-repo directory is the current working directory. Add and commit the existing files using git add and git commit.

        cd ~/chef-repo
        git add .
        git commit -m "initial commit"
        [master (root-commit) a3208a3] initial commit
        13 files changed, 343 insertions(+)
        create mode 100644 .chef-repo.txt
        ...
        create mode 100644 policyfiles/README.md
      4. Run the git status command to ensure all files have been committed.

        On branch master
        nothing to commit, working tree clean

      How to Generate a Chef Cookbook

      To generate a new Chef cookbook, use the chef generate command.

      chef generate cookbook my_cookbook

      How to Configure the Knife Utility

      The Chef Knife utility helps a Chef workstation communicate with the server. It provides a method of managing cookbooks, nodes, and the Chef environment. Chef uses the config.rb file in the .chef subdirectory to store the Knife configuration. To configure Knife, follow these steps.

      1. Create a config.rb file in the ~/chef-repo/.chef directory. This example uses vi, but any text editor can be used.

        cd ~/chef-repo/.chef
        vi config.rb
      2. Use the following config.rb file as an example of how to configure Knife. Copy this sample configuration to the file.

        File: ~/chef-repo/.chef/config.rb
         1
         2
         3
         4
         5
         6
         7
         8
         9
        10
        11
        
        current_dir = File.dirname(__FILE__)
        log_level                :info
        log_location             STDOUT
        node_name                'node_name'
        client_key               "USER.pem"
        validation_client_name   'ORG_NAME-validator'
        validation_key           "ORG_NAME-validator.pem"
        chef_server_url          'https://example.com/organizations/ORG_NAME'
        cache_type               'BasicFile'
        cache_options( :path => "#{ENV['HOME']}/.chef/checksums" )
        cookbook_path            ["#{current_dir}/../cookbooks"]
      3. Make the following changes:

        • node_name must be the name of the user account created when configuring the Chef Server.
        • For client_key, replace USER with the user name associated with the .pem file, followed by .pem.
        • validation_client_name requires the same ORG_NAME used when creating the organization followed by -validator.
        • the validation_key field must contain the name used for ORG_NAME when the organization was created, followed by -validator.pem.
        • For chef_server_url, change example.com to the name of the domain. Follow the domain name with /organizations/ and the ORG_NAME used when creating the organization.
        • Leave the remaining fields unchanged.
      4. Move back to the chef-repo directory and fetch the necessary SSL certificates from the server using the knife fetch command.

        Note

        The SSL certificates were generated when the Chef server was installed. The certificates are self-signed. This means a certificate authority has not verified them. Before fetching the certificates, log in to the Chef server and ensure the hostname and fully qualified domain name (FQDN) are the same. These values can be confirmed using the commands hostname and hostname -f.

        Knife has no means to verify these are the correct certificates. You should verify the authenticity of these certificates after downloading.
        Adding certificate for example.com in /home/username/chef-repo/.chef/trusted_certs/example.com.crt
      5. To confirm the config.rb file is correct, run the knife client list command. The relevant validator name should be displayed.

        testcompany-validator

      How to Bootstrap a Node

      At this point, both the Chef Server and Chef Workstation are configured. They can now be used to bootstrap the node. The bootstrap process installs the chef client on the node and performs validation. The node can then retrieve any necessary updates from the Chef Server. To bootstrap the node, follow these steps.

      1. Log in to the target node, which is the node to be bootstrapped, and edit the /etc/hosts file. Add entries for the node, the Chef server domain name, and the workstation. The file should resemble the following example, using the actual names of the Chef Server, workstation, and the target node, along with their IP addresses.

        File: /etc/hosts
        1
        2
        3
        4
        
        127.0.0.1 localhost
        192.0.100.0 targetnode
        192.0.2.0 chefworkstation
        192.0.1.0 example.com
      2. Return to the Linode hosting the Chef Workstation and change the working directory to ~/chef-repo/.chef.

      3. Bootstrap the node using the knife bootstrap command. Specify the IP address of the target node for node_ip_address. This is the address of the node to bootstrap. In the following example, use the actual user name and password for the account in place of username and password. Enter the name of the node in place of nodename. Answer Y when asked “Are you sure you want to continue connecting”.

        Note

        The option to bootstrap using key-pair authentication no longer appears to be supported.

        knife bootstrap node_ip_address -U username -P password --sudo --use-sudo-password --node-name nodename
      4. Confirm the node has been successfully bootstrapped. List the client nodes using the knife client list command. All bootstrapped nodes should be listed.

        target-node
        testcompany-validator
      5. Add the bootstrapped node to the workstation /etc/hosts file as follows. Replace 192.0.100.0 targetnode with the IP address and name of the bootstrapped node.

        File: /etc/hosts
        1
        2
        3
        4
        
        127.0.0.1 localhost
        192.0.1.0 example.com
        192.0.2.0 chefworkstation
        192.0.100.0 targetnode

      How to Download and Apply a Cookbook (Optional)

      A cookbook is the most efficient way of keeping target nodes up to date. In addition, a cookbook can delete the validation.pem file that was created on the node when it was bootstrapped. It is important to delete this file for security reasons.

      It is not mandatory to download or create cookbooks to use Chef. But this section provides a brief example of how to download a cookbook and apply it to a node.

      1. On the Chef workstation, change to the ~/chef-repo/.chef directory.

      2. Download the cron-delvalidate cookbook from the Chef Supermarket. For more information on the supermarket command see the
        Chef supermarket documentation.

        knife supermarket download cron-delvalidate
        Downloading cron-delvalidate from Supermarket at version 0.1.3 to /home/username/chef-repo/.chef/cron-delvalidate-0.1.3.tar.gz
        Cookbook saved: /home/username/chef-repo/.chef/cron-delvalidate-0.1.3.tar.gz
      3. If the cookbook is downloaded as a .tar.gz file, use the tar command to extract it. Move the extracted directory to the cookbooks directory.

        tar -xf cron-delvalidate-0.1.3.tar.gz
        cp -r  cron-delvalidate ~/chef-repo/cookbooks/
      4. Review the cookbook’s default.rb file to see the recipe. This recipe is written in Ruby and demonstrates how a typical recipe is structured. It contains a cron job named clientrun. This job instantiates a new cron job to run the chef-client command on an hourly basis. It also removes the extraneous validation.pem file.

        File: ~/chef-repo/cookbooks/cron-delvalidate/recipes/default.rb
         1
         2
         3
         4
         5
         6
         7
         8
         9
        10
        11
        12
        13
        14
        15
        
        #
        # Cookbook Name:: cron-delvalidate
        # Recipe:: Chef-Client Cron & Delete Validation.pem
        #
        #
        cron "clientrun" do
          minute '0'
          hour '*/1'
          command "/usr/bin/chef-client"
          action :create
        end
        
        file "/etc/chef/validation.pem" do
          action :delete
        end
      5. Add the recipe to the run list for the node. In the following command, replace nodename with the name of the node.

        knife node run_list add nodename 'recipe[cron-delvalidate::default]'
        nodename:
          run_list: recipe[cron-delvalidate::default]
      6. Upload the cookbook and its recipes to the Chef Server.

        knife cookbook upload cron-delvalidate
        Uploading cron-delvalidate [0.1.3]
        Uploaded 1 cookbook.
      7. Run the chef-client command on the node using the knife ssh utility. This command causes the node to pull the recipes in its run list from the server. It also determines whether there are any updates. The Chef Server transmits the recipes to the target node. When the recipe runs, it deletes the file and installs a cron job to keep the node up to date in the future. In the following command, replace nodename with the actual name of the target node. Replace username with the name of a user account with sudo access. Enter the password for the account when prompted to do so.

        knife ssh 'name:nodename' 'sudo chef-client' -x username
        nodename Chef Infra Client, version 17.10.3
        nodename Patents: https://www.chef.io/patents
        nodename Infra Phase starting
        nodename Resolving cookbooks for run list: ["cron-delvalidate::default"]
        nodename Synchronizing cookbooks:
        nodename   - cron-delvalidate (0.1.3)
        nodename Installing cookbook gem dependencies:
        nodename Compiling cookbooks...
        nodename Loading Chef InSpec profile files:
        nodename Loading Chef InSpec input files:
        nodename Loading Chef InSpec waiver files:
        nodename Converging 2 resources
        nodename Recipe: cron-delvalidate::default
        nodename   * cron[clientrun] action create
        nodename     - add crontab entry for cron[clientrun]
        nodename   * file[/etc/chef/validation.pem] action delete (up to date)
        nodename
        nodename Running handlers:
        nodename Running handlers complete
        nodename Infra Phase complete, 1/2 resources updated in 03 seconds

      Conclusion

      Chef is an infrastructure as code (IaC) application for automating the deployment and management of infrastructure nodes. The Chef architecture consists of the Chef Server, which stores all the procedures, and a Chef Workstation, where the infrastructure code is developed. The managed nodes communicate with the server to receive updates. To use Chef, install the Chef Server and Chef Workstation software. Share RSA keys between the server and workstation, and install version control and the Chef Knife utility on the workstation. Bootstrap the target nodes using the knife bootstrap utility. After a node is bootstrapped, it is possible to download cookbooks and recipes using the node’s run list. For more information, see the
      Chef documentation.

      More Information

      You may wish to consult the following resources for additional information
      on this topic. While these are provided in the hope that they will be
      useful, please note that we cannot vouch for the accuracy or timeliness of
      externally hosted materials.



      Source link

      How to Install Podman for Running Containers


      Podman is an open source containerization tool. Like Docker, Podman is a solution for creating, running, and managing containers. But Podman goes beyond Docker, using a secure daemonless process to run containers in rootless mode.

      For more on what Podman is and how it compares to Docker, you can refer to our guide
      Podman vs Docker. The guide familiarizes you with the basics of Podman and Docker and compares and contrast the two tools.

      In this tutorial, learn everything you need to install and start using Podman on your Linux system. By the end, you can run and manage containers using Podman.

      Before You Begin

      1. Familiarize yourself with our
        Getting Started with Linode guide, and complete the steps for setting your Linode’s hostname and timezone.

      2. This guide uses sudo wherever possible. Complete the sections of our
        How to Secure Your Server guide to create a standard user account, harden SSH access, and remove unnecessary network services.

      3. Update your system.

        • Debian or Ubuntu:

          sudo apt update && sudo apt upgrade
          
        • AlmaLinux, CentOS Stream, Fedora, or Rocky Linux:

          sudo dnf upgrade
          

      Note

      This guide is written for a non-root user. Commands that require elevated privileges are prefixed with sudo. If you’re not familiar with the sudo command, see the
      Users and Groups guide.

      How to Install Podman

      1. Podman is available through the default package managers on most Linux distributions.

        • AlmaLinux, CentOS Stream, Fedora, or Rocky Linux:

          sudo dnf install podman
          
        • Debian or Ubuntu:

          sudo apt install podman
          

          Note

          Podman is only available through the APT package manager for Debian 11 or Ubuntu 20.10 and later.

      2. Afterward, verify your installation by checking the installed Podman version:

        podman -v
        

        Your output may vary from what is shown here, but you are just looking to see that Podman installed successfully:

        podman version 4.1.1

      Configuring Podman for Rootless Usage

      Podman operates using root privileges by default – for instance, using the sudo preface for commands. However, Podman is also capable of running in rootless mode, an appealing feature when you want limited users to execute container actions securely.

      Docker can allow you to run commands as a limited user, but the Docker daemon still runs as root. This is a potential security issue with Docker, one that may allow limited users to execute privileged commands through the Docker daemon.

      Podman solves this with the option of a completely rootless setup, where containers operate in a non-root environment. Below you can find the steps to set up your Podman instance for rootless usage.

      1. Install the slirp4netns and fuse-overlayfs tools to support your rootless Podman operations.

        • AlmaLinux, CentOS Stream, Fedora, or Rocky Linux:

          sudo dnf install slirp4netns fuse-overlayfs
          
        • Debian or Ubuntu:

          sudo apt install slirp4netns fuse-overlayfs
          
      2. Add subuids and subgids ranges for your limited user. This example does so for the user example-user. It gives that user a sub-UID and sub-GID of 100000, each with a range of 65535 IDs:

        sudo usermod --add-subuids 100000-165535 --add-subgids 100000-165535 example-user
        

      With Podman installed, everything is ready for you to start running containers with it. These next sections walk you through the major features of Podman for finding container images and running and managing containers.

      Getting an Image

      Podman offers a few methods for procuring container images, which you can follow along with below. These section also give you a couple of images to start with, and which are used in later sections for further examples.

      Searching for Images

      Perhaps the most straightforward way to get started with a container is by finding an existing image in a registry. With Podman’s search command, you can find matching images in any container registries you have set up.

      Note

      Podman may come with some registries configured by default. However, on some systems, it may first be necessary to configure these registries manually. You can do this by opening the /etc/containers/registries.conf file with your preferred text editor and adding a line like the following to the end:

      unqualified-search-registries=['registry.access.redhat.com', 'registry.fedoraproject.org', 'docker.io', 'quay.io']
      

      You can replace the registries listed here with ones that you would like to look for container images on.

      Podman’s GitHub also has a registries.conf file
      here that you can use as an initial reference.

      This example searches for images matching the term buildah:

      podman search buildah
      

      Keep in mind that your matches may differ depending on the registries your Podman instance is configured with:

      NAME                                                            DESCRIPTION
      registry.access.redhat.com/ubi8/buildah                         Containerized version of Buildah
      registry.access.redhat.com/ubi9/buildah                         rhcc_registry.access.redhat.com_ubi9/buildah
      registry.redhat.io/rhel8/buildah                                Containerized version of Buildah
      registry.redhat.io/rhel9/buildah                                rhcc_registry.access.redhat.com_rhel9/builda...
      [...]

      Downloading an Image

      After searching the registries, you can use Podman to download, or pull, a particular image. This can be accomplished with Podman’s pull command followed by the name of the container image:

      podman pull buildah
      

      As the search output shows, there may be multiple registries matching a given container image:

      Resolved "buildah" as an alias (/etc/containers/registries.conf.d/shortnames.conf)
      Trying to pull quay.io/buildah/stable:latest...
      Getting image source signatures
      [...]

      But you can also be more specific. You can specify the entire image name, with the registry path, to pull from a specific location.

      For instance, this next example pulls the Buildah image from the docker.io registry:

      podman pull docker.io/buildah/buildah
      

      As you can see, it skipped the part where it resolves the shortname alias and pulls the Buildah image directly from the specified source:

      Trying to pull docker.io/buildah/buildah:latest...
      Getting image source signatures
      [...]

      Building an Image

      Like Docker, Podman also gives you the ability to create a container image from a file. Typically, this build process uses the Dockerfile format, though Podman supports the Containerfile format as well.

      You can learn more about crafting Dockerfiles in our guide
      How to Use a Dockerfile to Build a Docker Image. This guide also includes links to further tutorials with more in-depth coverage of Dockerfiles.

      But for now, as an example to see Podman’s build capabilities in action, you can use the following Dockerfile:

      File: Dockerfile
       1
       2
       3
       4
       5
       6
       7
       8
       9
      10
      11
      12
      13
      
      # Base on the most recently released Fedora
      FROM fedora:latest
      MAINTAINER ipbabble email buildahboy@redhat.com # not a real email
      
      # Install updates and httpd
      RUN echo "Updating all fedora packages"; dnf -y update; dnf -y clean all
      RUN echo "Installing httpd"; dnf -y install httpd && dnf -y clean all
      
      # Expose the default httpd port 80
      EXPOSE 80
      
      # Run the httpd
      CMD ["/usr/sbin/httpd", "-DFOREGROUND"]

      Place these contents in a file named Dockerfile. Then, working from the same directory the file is stored in, you can use the following Podman command to build an image from the file:

      podman build -t fedora-http-server .
      

      The -t option allows you to give the image a tag, or name – fedora-http-server in this case. The . at the end of the command specifies the directory in which the Dockerfile can be found, where a . represents the current directory.

      Keep reading onto the section below titled
      Running a Container Image to see how you can run a container from an image built as shown above.

      Podman’s build command works much like Docker’s, but is actually a subset of the build functionality within Buildah. In fact, Podman uses a portion of Buildah’s source code to implement its build function.

      Buildah offers more features and fine-grained control when it comes to building containers. For that reason, many see Podman and Buildah as complementary tools. Buildah provides a robust tool for crafting container images from both container files (e.g. Dockerfiles) and from scratch. Podman then excels at running and managing the resulting containers.

      You can learn more about Buildah, including steps for setup and usage, in our guide
      How to Use Buildah to Build OCI Container Images.

      Listing Local Images

      Once you have one or more images locally on your system, you can see them using Podman’s images command. This gives you a list of images that have been created or downloaded onto your system:

      podman images
      

      Following the two sections above — on downloading and then building container images — you could expect an output similar to:

      REPOSITORY                         TAG         IMAGE ID      CREATED       SIZE
      localhost/fedora-http-server       latest      f6f5a66c8a4d  2 hours ago   328 MB
      quay.io/buildah/stable             latest      eef9e8be5fea  2 hours ago  358 MB
      registry.fedoraproject.org/fedora  latest      3a66698e6040  2 hours ago  169 MB

      Running a Container Image

      With images either downloaded or created, you can begin using Podman to run containers.

      The process can be relatively straightforward with Podman’s run command, which just takes the name of the image to run a container from.

      Here is an example using the Buildah image downloaded above. This example runs the Buildah image, specifically executing the buildah command on the resulting container:

      podman run buildah buildah -v
      

      The -v option is included to output the version of the application:

      buildah version 1.26.2 (image-spec 1.0.2-dev, runtime-spec 1.0.2-dev)

      Containers’ operations can get more complicated from there, and Podman has plenty of features to support a wide range of needs when it comes to running containers.

      Take the fedora-http-server example created from a Dockerfile above. This example runs an HTTP server on the container’s port 80. The following command demonstrates how Podman lets you control how that container operates.

      The command runs the container, which automatically starts up an HTTP server. The -p option given here publishes the container’s port 80 to the local machine’s port 8080, while the --rm option automatically stops the container when it finishes running — a fitting solution for a quick test.

      podman run -p 8080:80 --rm fedora-http-server
      

      Now, on the machine where the image is running, use a cURL command to verify that the default web page is being served on port 8080:

      curl localhost:8080
      

      You should see the HTML of the Fedora HTTP Server Test Page:

      <!doctype html>
      <html>
        <head>
          <meta charset='utf-8'>
          <meta name='viewport' content='width=device-width, initial-scale=1'>
          <title>Test Page for the HTTP Server on Fedora</title>
          <style type="text/css">
            /*<![CDATA[*/
      
            html {
              height: 100%;
              width: 100%;
            }
              body {
      [...]

      Managing Containers and Images

      Podman prioritizes effectively running and managing containers. As such, it comes with plenty of commands for keeping track of and operating your containers.

      These next several sections walk through some of the most useful Podman operations, and can help you get the most out of your containers.

      Listing Containers

      Often those working with containers may keep a container or two, sometimes several containers, running in the background.

      To keep track of these containers, you can use Podman’s ps command. This lists the currently running containers on your system.

      For instance, if you are in the process of running the fedora-http-server container shown above, you can expect something like:

      podman ps
      
      CONTAINER ID  IMAGE                                COMMAND               CREATED        STATUS            PORTS                 NAMES
      daadb647b880  localhost/fedora-http-server:latest  /usr/sbin/httpd -...  8 seconds ago  Up 8 seconds ago  0.0.0.0:8080->80/tcp  suspicious_goodall

      And if you want to list all containers, not just the ones that are currently running, you can add the -a option to the command:

      podman ps -a
      

      The output of this command also includes the buildah command executed using podman run further above:

      CONTAINER ID  IMAGE                                COMMAND               CREATED             STATUS                     PORTS                 NAMES
      db71818eda38  quay.io/buildah/stable:latest        buildah -v            12 minutes ago      Exited (0) 12 minutes ago                        exciting_kowalevski
      daadb647b880  localhost/fedora-http-server:latest  /usr/sbin/httpd -...  About a minute ago  Up About a minute ago      0.0.0.0:8080->80/tcp  suspicious_goodall

      Starting and Stopping Containers

      Podman can individually control when to stop and start containers, using the stop and start commands, respectively. Each of these commands takes either the container ID or container name as an argument, both of which you can find using the ps command, as shown above.

      For example, you can stop the fedora-http-server container above with:

      podman stop daadb647b880
      

      Had this container been run without the --rm option, which automatically removes the container when it has stopped running, you could start the container back up simply with:

      podman start daadb647b880
      

      For either command, you could substitute the container name for its ID, as so:

      podman stop suspicious_goodall
      

      Removing a Container

      You can manually remove a container using Podman’s rm command, which, like the stop and start commands, takes either a container ID or name as an argument.

      podman rm daadb647b880
      

      Creating an Image from a Container

      Podman can render a container into an image using the commit command. This can be used to manually create an updated container image after components have been added to, removed from, or modified on a container.

      Like other container-related commands, this command takes the container ID or name as an argument. It’s also good practice to include an author name along with the commit, via the --author option:

      podman commit --author "Example User" daadb647b880
      

      As noted in the section above on creating images with Podman, Buildah tends to offer more features and control when it comes to creating container images. But Podman is certainly capable in many cases and may be enough to fit your given needs.

      Conclusion

      Podman offers not just a simple alternative to Docker, but a powerful containerization tool with the weight of secure, rootless operations. And, with this tutorial, you have what you need to start using Podman for running and managing your containers.

      Keep learning about effective tools for working with containers through the links on Podman, Buildah, and Dockerfiles provided in the course of this tutorial. Continue sharpening your Podman knowledge through the links provided at the end of this tutorial.

      More Information

      You may wish to consult the following resources for additional information
      on this topic. While these are provided in the hope that they will be
      useful, please note that we cannot vouch for the accuracy or timeliness of
      externally hosted materials.



      Source link

      How to Install WooCommerce on Your WordPress Website


      If you’re planning on using WordPress to create an online store, you’ll strongly want to consider installing WooCommerce. This plugin has become the de facto e-commerce solution for WordPress sites, thanks to its flexibility and a wide variety of customization options. However, given its wealth of features, it can be daunting to get started.

      Fortunately, WooCommerce is very easy to set up. Any e-commerce newbie can download, install, and configure the plugin to create a functional online store in no time. Even smaller tasks, like managing your products and configuring costs, are easy to handle.

      Getting Started With WooCommerce

      WooCommerce

      According to BuiltWith, WooCommerce powers 26% of all e-commerce sites. This makes it the most popular e-commerce solution in the world, and it’s not hard to see why. All you need is a WordPress site and the WooCommerce plugin to create a fully-functional, secure, and visually appealing store.

      What’s more, WooCommerce offers a lot of customization opportunities and scalability. The basic, free plugin will be enough for most online stores.

      WooCommerce also provides plenty of options to grow, scale, and expand your business as it becomes more successful. There are WooCommerce extensions, which add new functionality to your store, as well as dedicated themes like Storefront that help you perfect its appearance.

       

      With all of this in mind, it’s easy to see why you should consider WooCommerce when creating your online store in WordPress. It’s an excellent choice for beginners and experienced professionals alike. Now, let’s take a closer look at how the plugin works in practice.

      How to Install and Set Up WooCommerce (In 5 Steps)

      Creating and configuring your WooCommerce store is a pretty simple process. However, before you get started, it’s important to take a look at the recommended server requirements for WooCommerce:

      If your server does not meet these recommended minimums, your store will struggle, and it might not even work at all. One solution is to take advantage of our WooCommerce hosting plan:

      DreamHost WooCommerce hosting

      This plan comes with WooCommerce pre-installed, as well as several additional plugins and themes to make your store even better. Plus, essential considerations such as security, performance, and updates will be handled for you.

      Once you have your website and hosting plan ready, it’s time to create your WooCommerce store!

      Step 1: Install and Activate the WooCommerce Plugin

      WooCommerce WordPress plugin

      This first step is the most basic one. Simply install and activate WooCommerce just as you would any other plugin. As soon as you activate it, you will be presented with the WooCommerce setup wizard. This will help you configure your store, and we’ll look more closely at it in a moment.

      First, let’s see how activating WooCommerce has affected your site. Once WooCommerce is installed, you’ll find a number of new features, including:

      • Two new user roles: Customer and Shop Manager.
      • Widgets to help you display products in various ways.
      • Custom post types, taxonomies, and menu items.
      • Several shortcodes for inserting content into posts and pages.

      It’s worth noting that WooCommerce works a little differently on a WordPress Multisite install. Each site will share a database but store information in separate data tables. This setup makes each store its own separate entity. You will not be able to share information between the stores, such as user accounts, products, or checkout information. However, you can share extensions and themes across multiple WooCommerce sites.

      If you’re using a single WordPress site, you don’t need to worry about any of that.

      Now, it’s time to start configuring your store using the wizard we mentioned earlier.

      Get Content Delivered Straight to Your Inbox

      Subscribe to our blog and receive great content just like this delivered straight to your inbox.

      Step 2: Add Your Store’s Basic Information

      The first thing you’ll see after activating the WooCommerce plugin is the setup wizard. This will help you set up your site in a few simple steps. It’s worth noting that any settings you configure here can easily be changed later.

      The first page of the wizard contains general information about your store. You’ll be required to enter your store’s location, for instance. If your business does not have a physical location but is entirely based online, you will still need to select your country:

      WooCommerce store setup wizard

      You’ll then need to choose the currency you want to use. Your store can only use one currency at a time, but if you want to display prices in various currencies, you can use a plugin like Currency Converter Widget.

      The last option asks what type of products you plan on selling: physical, digital, or both. There are more specific product types (which we’ll look at later), but for now, you can select the option that best suits your needs. The final option is a checkbox that you should only tick if you’re also planning on selling items in person.

      When you’ve entered all the required information, click on Let’s go! to proceed to the next step.

      Step 3: Set Up Your Payment Options

      The next phase of the wizard lets you enter the payment options for your store. Here you can choose which payment methods you want to accept:

      WooCommerce payment configuration options

      The choices you’ll see will differ slightly depending on your specified location and the options you selected on the previous page:

      • PayPal and Stripe are always available.
      • Square is available if you selected the option to sell items in person and if your store is located in the U.S., the U.K., Canada, Australia, or Japan.
      • Klarna is also available if your store is in the U.K., Norway, Finland, Sweden, Denmark, Austria, Germany, or the Netherlands.

      Select the options you want to use, and WooCommerce will install the necessary extensions. You can always remove and add payment methods later.

      The final option in this section asks if you want to accept offline payments. If you select this, a panel will appear with more detailed options, letting you choose all payment types you’re willing to use:

      configuring accepted payment methods in WooCommerce

      When you have picked all the payment options you’ll need, click on Continue to proceed to the next page of the wizard.

      Step 4: Configure Your Shipping Settings

      It’s now time to configure your shipping settings. As with the last step, the options here will differ depending on your location. Stores in the U.S. and Canada will see settings relating to USPS and Canada Post, respectively:

      WooCommerce shipping settings

      If you want to use these services, we recommend taking a look at their specific settings to help you settle on appropriate rates.

      Stores located elsewhere will instead only see the options for specifying the weight and dimension units you want to use in your store. Simply choose the correct units, then select Continue to progress.

      Step 5: Complete the Installation Process

      The final steps of the wizard offer some additional options to help you get your store off the ground. The Extras section contains two choices:

      WooCommerce extras settings screen

      The first one asks if you want to install the Storefront theme. This is the official WooCommerce theme, which is highly recommended, as it’s built specifically to support sites powered by WooCommerce.

      You can also choose if you want WooCommerce to calculate tax rates for you automatically. This may be a better option than manually entering tax rates, depending on your location and business. We suggest that you consult with a professional about how your business should handle taxes.

      When you select Continue, you’ll come to the final step. Here you can connect your store to Jetpack, a useful plugin that will activate several additional services (such as live rates and automatic taxes):

      connect WooCommerce to Jetpack

      Click on Connect with Jetpack or Skip this step to complete your installation. Your store is now ready to go! If you want to configure it even further, we recommend checking out the official documentation to see all the available options.

      Adding Your First Product in WooCommerce

      With your store up and running, it’s time to create something to sell. There are plenty of product types you can use, but for this example, we’ll create a “simple” product. This is the most basic and common product type, meant to be used for physical products that will be shipped and require no additional options.

      To create a product, go to WooCommerce > Products > Add New. This opens the Add new product interface, which should look familiar if you’re used to creating blog posts in WordPress:

      adding a new product in WooCommerce

      Start by giving your product a title and description. You can also assign it to one or more product categories to keep everything organized.

      To configure your product’s settings, you can use the Product Data meta box. You’ll spend most of your time here when managing products, as it covers the most essential information:

      WooCommerce product data

      The first option is the product type, so leave this as Simple product. Then, state whether the product is Virtual or Downloadable. The rest of this section consists of several panels with additional options:

      • General is where you can set the product’s Stock Keep Unit (SKU) and price.
      • Inventory can be used to manage the product’s stock levels.
      • Shipping lets you specify the product’s weight and dimensions.
      • Linked Products can be used to cross-promote similar products or to create product groups.
      • Attributes let you assign attributes to the product, which is a way to connect items with similar characteristics.
      • Advanced contains advanced options, such as the ability to set up orders for the product and create a purchase note.

      These are the basics for creating a product, but there’s plenty more you can do. For instance, you can add product images, create variable products, and learn more about the different product types.

      Feel free to experiment with the editor, and refer to the official documentation whenever you need help. It won’t be long until your online store is off the ground and your wallet is feeling the benefits of your hard work!

      Uninstalling WooCommerce or Reverting to an Earlier Version

      If you want to shut down your store for any reason, you can’t just deactivate and uninstall WooCommerce. This is because the actual store data, such as your settings, orders, customer details, and products, will still be saved in your database.

      To delete all WooCommerce data, you will need to make an edit to your site’s wp-config.php file. This is the file that controls your site’s databases. All you need to do is add a single function to it.

      Copy and paste the following code into your wp-config.php file:

      define( 'WC_REMOVE_ALL_DATA', true);

      Make sure to place this snippet on its own line, right above the final comment in the file. This will clear all WooCommerce data from your database.

      Finally, you should always use the most up-to-date version of your plugins. However, if you do need to install an earlier version of WooCommerce, perhaps for testing purposes, you can do so from the Advanced options on the plugin’s directory page.

      First, you will need to restore a previous backup of your store’s database and uninstall the plugin. You can then use the Previous Versions section on the plugin page to select the one you want:

      When you’ve selected the preferred version, click on Download to get a .zip file of the plugin. You can now upload and install the plugin as usual.

      Create Your Online Store With WooCommerce

      WooCommerce is a terrific option for WordPress users who want to create an online store. Its user-friendly design makes it possible for beginners and experienced users alike to turn their WordPress websites into e-commerce businesses.

      To get started, simply install and activate the plugin on your WordPress site and enter some details about your store and products. Then, you can start adding items to your shop.

      Are you looking to build a fast and secure WooCommerce store? Our WooCommerce hosting solutions can help you speed up your site and grow your online business!

      Your Store Deserves WooCommerce Hosting

      Sell anything, anywhere, anytime on the world’s biggest eCommerce platform.

      Managed WordPress Hosting - DreamPress



      Source link