One place for hosting & domains

      Running

      How to Install Podman for Running Containers


      Podman is an open source containerization tool. Like Docker, Podman is a solution for creating, running, and managing containers. But Podman goes beyond Docker, using a secure daemonless process to run containers in rootless mode.

      For more on what Podman is and how it compares to Docker, you can refer to our guide
      Podman vs Docker. The guide familiarizes you with the basics of Podman and Docker and compares and contrast the two tools.

      In this tutorial, learn everything you need to install and start using Podman on your Linux system. By the end, you can run and manage containers using Podman.

      Before You Begin

      1. Familiarize yourself with our
        Getting Started with Linode guide, and complete the steps for setting your Linode’s hostname and timezone.

      2. This guide uses sudo wherever possible. Complete the sections of our
        How to Secure Your Server guide to create a standard user account, harden SSH access, and remove unnecessary network services.

      3. Update your system.

        • Debian or Ubuntu:

          sudo apt update && sudo apt upgrade
          
        • AlmaLinux, CentOS Stream, Fedora, or Rocky Linux:

          sudo dnf upgrade
          

      Note

      This guide is written for a non-root user. Commands that require elevated privileges are prefixed with sudo. If you’re not familiar with the sudo command, see the
      Users and Groups guide.

      How to Install Podman

      1. Podman is available through the default package managers on most Linux distributions.

        • AlmaLinux, CentOS Stream, Fedora, or Rocky Linux:

          sudo dnf install podman
          
        • Debian or Ubuntu:

          sudo apt install podman
          

          Note

          Podman is only available through the APT package manager for Debian 11 or Ubuntu 20.10 and later.

      2. Afterward, verify your installation by checking the installed Podman version:

        podman -v
        

        Your output may vary from what is shown here, but you are just looking to see that Podman installed successfully:

        podman version 4.1.1

      Configuring Podman for Rootless Usage

      Podman operates using root privileges by default – for instance, using the sudo preface for commands. However, Podman is also capable of running in rootless mode, an appealing feature when you want limited users to execute container actions securely.

      Docker can allow you to run commands as a limited user, but the Docker daemon still runs as root. This is a potential security issue with Docker, one that may allow limited users to execute privileged commands through the Docker daemon.

      Podman solves this with the option of a completely rootless setup, where containers operate in a non-root environment. Below you can find the steps to set up your Podman instance for rootless usage.

      1. Install the slirp4netns and fuse-overlayfs tools to support your rootless Podman operations.

        • AlmaLinux, CentOS Stream, Fedora, or Rocky Linux:

          sudo dnf install slirp4netns fuse-overlayfs
          
        • Debian or Ubuntu:

          sudo apt install slirp4netns fuse-overlayfs
          
      2. Add subuids and subgids ranges for your limited user. This example does so for the user example-user. It gives that user a sub-UID and sub-GID of 100000, each with a range of 65535 IDs:

        sudo usermod --add-subuids 100000-165535 --add-subgids 100000-165535 example-user
        

      With Podman installed, everything is ready for you to start running containers with it. These next sections walk you through the major features of Podman for finding container images and running and managing containers.

      Getting an Image

      Podman offers a few methods for procuring container images, which you can follow along with below. These section also give you a couple of images to start with, and which are used in later sections for further examples.

      Searching for Images

      Perhaps the most straightforward way to get started with a container is by finding an existing image in a registry. With Podman’s search command, you can find matching images in any container registries you have set up.

      Note

      Podman may come with some registries configured by default. However, on some systems, it may first be necessary to configure these registries manually. You can do this by opening the /etc/containers/registries.conf file with your preferred text editor and adding a line like the following to the end:

      unqualified-search-registries=['registry.access.redhat.com', 'registry.fedoraproject.org', 'docker.io', 'quay.io']
      

      You can replace the registries listed here with ones that you would like to look for container images on.

      Podman’s GitHub also has a registries.conf file
      here that you can use as an initial reference.

      This example searches for images matching the term buildah:

      podman search buildah
      

      Keep in mind that your matches may differ depending on the registries your Podman instance is configured with:

      NAME                                                            DESCRIPTION
      registry.access.redhat.com/ubi8/buildah                         Containerized version of Buildah
      registry.access.redhat.com/ubi9/buildah                         rhcc_registry.access.redhat.com_ubi9/buildah
      registry.redhat.io/rhel8/buildah                                Containerized version of Buildah
      registry.redhat.io/rhel9/buildah                                rhcc_registry.access.redhat.com_rhel9/builda...
      [...]

      Downloading an Image

      After searching the registries, you can use Podman to download, or pull, a particular image. This can be accomplished with Podman’s pull command followed by the name of the container image:

      podman pull buildah
      

      As the search output shows, there may be multiple registries matching a given container image:

      Resolved "buildah" as an alias (/etc/containers/registries.conf.d/shortnames.conf)
      Trying to pull quay.io/buildah/stable:latest...
      Getting image source signatures
      [...]

      But you can also be more specific. You can specify the entire image name, with the registry path, to pull from a specific location.

      For instance, this next example pulls the Buildah image from the docker.io registry:

      podman pull docker.io/buildah/buildah
      

      As you can see, it skipped the part where it resolves the shortname alias and pulls the Buildah image directly from the specified source:

      Trying to pull docker.io/buildah/buildah:latest...
      Getting image source signatures
      [...]

      Building an Image

      Like Docker, Podman also gives you the ability to create a container image from a file. Typically, this build process uses the Dockerfile format, though Podman supports the Containerfile format as well.

      You can learn more about crafting Dockerfiles in our guide
      How to Use a Dockerfile to Build a Docker Image. This guide also includes links to further tutorials with more in-depth coverage of Dockerfiles.

      But for now, as an example to see Podman’s build capabilities in action, you can use the following Dockerfile:

      File: Dockerfile
       1
       2
       3
       4
       5
       6
       7
       8
       9
      10
      11
      12
      13
      
      # Base on the most recently released Fedora
      FROM fedora:latest
      MAINTAINER ipbabble email buildahboy@redhat.com # not a real email
      
      # Install updates and httpd
      RUN echo "Updating all fedora packages"; dnf -y update; dnf -y clean all
      RUN echo "Installing httpd"; dnf -y install httpd && dnf -y clean all
      
      # Expose the default httpd port 80
      EXPOSE 80
      
      # Run the httpd
      CMD ["/usr/sbin/httpd", "-DFOREGROUND"]

      Place these contents in a file named Dockerfile. Then, working from the same directory the file is stored in, you can use the following Podman command to build an image from the file:

      podman build -t fedora-http-server .
      

      The -t option allows you to give the image a tag, or name – fedora-http-server in this case. The . at the end of the command specifies the directory in which the Dockerfile can be found, where a . represents the current directory.

      Keep reading onto the section below titled
      Running a Container Image to see how you can run a container from an image built as shown above.

      Podman’s build command works much like Docker’s, but is actually a subset of the build functionality within Buildah. In fact, Podman uses a portion of Buildah’s source code to implement its build function.

      Buildah offers more features and fine-grained control when it comes to building containers. For that reason, many see Podman and Buildah as complementary tools. Buildah provides a robust tool for crafting container images from both container files (e.g. Dockerfiles) and from scratch. Podman then excels at running and managing the resulting containers.

      You can learn more about Buildah, including steps for setup and usage, in our guide
      How to Use Buildah to Build OCI Container Images.

      Listing Local Images

      Once you have one or more images locally on your system, you can see them using Podman’s images command. This gives you a list of images that have been created or downloaded onto your system:

      podman images
      

      Following the two sections above — on downloading and then building container images — you could expect an output similar to:

      REPOSITORY                         TAG         IMAGE ID      CREATED       SIZE
      localhost/fedora-http-server       latest      f6f5a66c8a4d  2 hours ago   328 MB
      quay.io/buildah/stable             latest      eef9e8be5fea  2 hours ago  358 MB
      registry.fedoraproject.org/fedora  latest      3a66698e6040  2 hours ago  169 MB

      Running a Container Image

      With images either downloaded or created, you can begin using Podman to run containers.

      The process can be relatively straightforward with Podman’s run command, which just takes the name of the image to run a container from.

      Here is an example using the Buildah image downloaded above. This example runs the Buildah image, specifically executing the buildah command on the resulting container:

      podman run buildah buildah -v
      

      The -v option is included to output the version of the application:

      buildah version 1.26.2 (image-spec 1.0.2-dev, runtime-spec 1.0.2-dev)

      Containers’ operations can get more complicated from there, and Podman has plenty of features to support a wide range of needs when it comes to running containers.

      Take the fedora-http-server example created from a Dockerfile above. This example runs an HTTP server on the container’s port 80. The following command demonstrates how Podman lets you control how that container operates.

      The command runs the container, which automatically starts up an HTTP server. The -p option given here publishes the container’s port 80 to the local machine’s port 8080, while the --rm option automatically stops the container when it finishes running — a fitting solution for a quick test.

      podman run -p 8080:80 --rm fedora-http-server
      

      Now, on the machine where the image is running, use a cURL command to verify that the default web page is being served on port 8080:

      curl localhost:8080
      

      You should see the HTML of the Fedora HTTP Server Test Page:

      <!doctype html>
      <html>
        <head>
          <meta charset='utf-8'>
          <meta name='viewport' content='width=device-width, initial-scale=1'>
          <title>Test Page for the HTTP Server on Fedora</title>
          <style type="text/css">
            /*<![CDATA[*/
      
            html {
              height: 100%;
              width: 100%;
            }
              body {
      [...]

      Managing Containers and Images

      Podman prioritizes effectively running and managing containers. As such, it comes with plenty of commands for keeping track of and operating your containers.

      These next several sections walk through some of the most useful Podman operations, and can help you get the most out of your containers.

      Listing Containers

      Often those working with containers may keep a container or two, sometimes several containers, running in the background.

      To keep track of these containers, you can use Podman’s ps command. This lists the currently running containers on your system.

      For instance, if you are in the process of running the fedora-http-server container shown above, you can expect something like:

      podman ps
      
      CONTAINER ID  IMAGE                                COMMAND               CREATED        STATUS            PORTS                 NAMES
      daadb647b880  localhost/fedora-http-server:latest  /usr/sbin/httpd -...  8 seconds ago  Up 8 seconds ago  0.0.0.0:8080->80/tcp  suspicious_goodall

      And if you want to list all containers, not just the ones that are currently running, you can add the -a option to the command:

      podman ps -a
      

      The output of this command also includes the buildah command executed using podman run further above:

      CONTAINER ID  IMAGE                                COMMAND               CREATED             STATUS                     PORTS                 NAMES
      db71818eda38  quay.io/buildah/stable:latest        buildah -v            12 minutes ago      Exited (0) 12 minutes ago                        exciting_kowalevski
      daadb647b880  localhost/fedora-http-server:latest  /usr/sbin/httpd -...  About a minute ago  Up About a minute ago      0.0.0.0:8080->80/tcp  suspicious_goodall

      Starting and Stopping Containers

      Podman can individually control when to stop and start containers, using the stop and start commands, respectively. Each of these commands takes either the container ID or container name as an argument, both of which you can find using the ps command, as shown above.

      For example, you can stop the fedora-http-server container above with:

      podman stop daadb647b880
      

      Had this container been run without the --rm option, which automatically removes the container when it has stopped running, you could start the container back up simply with:

      podman start daadb647b880
      

      For either command, you could substitute the container name for its ID, as so:

      podman stop suspicious_goodall
      

      Removing a Container

      You can manually remove a container using Podman’s rm command, which, like the stop and start commands, takes either a container ID or name as an argument.

      podman rm daadb647b880
      

      Creating an Image from a Container

      Podman can render a container into an image using the commit command. This can be used to manually create an updated container image after components have been added to, removed from, or modified on a container.

      Like other container-related commands, this command takes the container ID or name as an argument. It’s also good practice to include an author name along with the commit, via the --author option:

      podman commit --author "Example User" daadb647b880
      

      As noted in the section above on creating images with Podman, Buildah tends to offer more features and control when it comes to creating container images. But Podman is certainly capable in many cases and may be enough to fit your given needs.

      Conclusion

      Podman offers not just a simple alternative to Docker, but a powerful containerization tool with the weight of secure, rootless operations. And, with this tutorial, you have what you need to start using Podman for running and managing your containers.

      Keep learning about effective tools for working with containers through the links on Podman, Buildah, and Dockerfiles provided in the course of this tutorial. Continue sharpening your Podman knowledge through the links provided at the end of this tutorial.

      More Information

      You may wish to consult the following resources for additional information
      on this topic. While these are provided in the hope that they will be
      useful, please note that we cannot vouch for the accuracy or timeliness of
      externally hosted materials.



      Source link

      Creating and Running your First Ansible Playbook



      Part of the Series:
      How To Write Ansible Playbooks

      Ansible is a modern configuration management tool that doesn’t require the use of an agent software on remote nodes, using only SSH and Python to communicate and execute commands on managed servers. This series will walk you through the main Ansible features that you can use to write playbooks for server automation. At the end, we’ll see a practical example of how to create a playbook to automate setting up a remote Nginx web server and deploy a static HTML website to it.

      Playbooks use the YAML format to define one or more plays. A play is a set of ordered tasks that are arranged in a way to automate a process, such as setting up a web server or deploying an application to production.

      In a playbook file, plays are defined as a YAML list. A typical play starts off by determining which hosts are the target of that particular setup. This is done with the hosts directive.

      Setting the hosts directive to all is a common choice because you can limit the targets of a play at execution time by running the ansible-playbook command with the -l parameter. That allows you to run the same playbook on different servers or groups without the need to change the playbook file every time.

      Start by creating a new directory on your home folder where you can save your practice playbooks. First, make sure you’re in your Ubuntu user’s home directory. From there, create a directory named ansible-practice and then navigate into that directory with the cd command:

      • cd ~
      • mkdir ansible-practice
      • cd ansible-practice

      If you followed all prerequisites, you should already have a working inventory file. You can copy that file into your new ansible-practice directory now. For instance, if you created your test inventory file in an ansible directory in your home folder, you could copy the file to the new directory with:

      • cp ~/ansible/inventory ~/ansible-practice/inventory

      Next, create a new playbook file:

      The following playbook defines a play targeting all hosts from a given inventory. It contains a single task to print a debug message.

      Note: We’ll learn more about tasks in the next section of this series.

      Add the following content to your playbook-01.yml file:

      ~/ansible-practice/playbook-01.yml

      ---
      - hosts: all
        tasks:
          - name: Print message
            debug:
              msg: Hello Ansible World
      

      Save and close the file when you’re done. If you’re using nano, you can do that by typing CTRL+X, then Y and ENTER to confirm.

      To try this playbook on the server(s) that you set up in your inventory file, run ansible-playbook with the same connection arguments you used when running a connection test within the introduction of this series. Here, we’ll be using an inventory file named inventory and the sammy user to connect to the remote server, but be sure to change these details to align with your own inventory file and administrative user:

      • ansible-playbook -i inventory playbook-01.yml -u sammy

      You’ll see output like this:

      Output

      PLAY [all] *********************************************************************************** TASK [Gathering Facts] *********************************************************************** ok: [203.0.113.10] TASK [Update apt cache] ********************************************************************** ok: [203.0.113.10] => { "msg": "Hello Ansible World" } PLAY RECAP *********************************************************************************** 203.0.113.10 : ok=2 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0

      You might have noticed that even though you have defined only one task within your playbook, two tasks were listed in the play output. At the beginning of each play, Ansible executes by default an additional task that gathers information — referred to as facts — about the remote nodes. Because facts can be used on playbooks to better customize the behavior of tasks, the fact-gathering task must happen before any other tasks are executed.

      We’ll learn more about Ansible facts in a later section of this series.



      Source link

      Need an Online Portfolio? Get Yours Up and Running in Just 10 Minutes


      If you’re a freelancer, you probably already have a solid Facebook page, current LinkedIn account, or Twitter presence. But if you’re looking to land top clients and thrive in a saturated market, relying on social media isn’t enough. You also need an outstanding online portfolio.

      The benefits of a digital resume are tenfold — seriously. 

      A portfolio website can help you establish your personal brand, show off your talents and skills, land new jobs and clients, and solidify your professionalism in a way that social media just can’t on its own.

      So first, let’s talk about what makes up a good digital portfolio. Because, obviously, if you’re going to do it, you want to do it right. Then I’ll show you how you can use DreamHost’s own website builder to get your portfolio online in less than 10 minutes. 

      Yup, just 10 minutes!

      We’ve Got the Ultimate Website Design Tool

      When you partner with DreamHost, you get access to WP Website Builder and more than 200+ industry-specific starter sites for free!

      What Makes A Good Online Portfolio?

      If you include the following must-have elements into your digital resume, rest assured potential clients will be wowed by your talent — and your website.

      1. Unique Domain

      It should go without saying that your online portfolio needs to be its own website — and that means you’ll need to choose the right domain name. As a freelancer, it’s often smart to either pick your own name or the name of your business for your domain name. While .com is still a very popular TLD, there are many more options available — at DreamHost, we offer 400+ domain extensions. All those domain options mean you can find a TLD that perfectly fits your business and your personal brand, whether it’s .photo, .guru, or .band.

      2. Responsive Design

      The best news about creating an online portfolio: You don’t have to know how to code to get a professional website up in minutes. Instead, when you use WP Website Builder, you can pick your favorite mobile-responsive website theme and then just add your own content.

      Remember: It’s vital to have a mobile-responsive design. Today consumers spend 87 hours per month browsing on their smartphones — and only 34 hours surfing on a desktop. If you want to reach all your future clients or potential employers, having a mobile-friendly website is not optional.

      3. High-Resolution Images

      There are several reasons why good graphics matter, but here’s the most important: The images you choose can make or break your website. That’s because your graphics are the first thing visitors see first. If the pictures look good, visitors will stay engaged and assume you know what you’re doing. But if you’ve got unattractive images or poor-resolution photos, your website can drive visitors away

      4. Samples of Your Best Work

      The main reason a prospective client goes to your website is to see your work samples. So whether you specialize in writing, design, or another skill, give them what they came for! Consider including 10 to 20 pieces of your best work or projects to showcase. If you don’t have real-life samples because you’re just getting started, feature spec work on your website instead. 

      5. “About Me” Page

      Not only do potential clients want to see your work, but they also want to get a sense of who you are from your professional portfolio. An “About Me” page is a great way to showcase your personality and pitch your work ethic. Think of it as an evergreen cover letter. 

      6. Videos

      Videos are the most widely consumed content on the internet. As you build your portfolio, consider showing off some of your samples and introducing your work in a well-crafted video that can be easily uploaded to your portfolio.

      7. Contact and Rate Information

      It’s common to have your central message on your main page, and then add other pages to your website for secondary information — think “Contact Info” or “Pricing.” If you’re looking to pick up freelance work with your portfolio, you need to make it easy for potential clients or employers to navigate your site. Here are five fail-safe rules for structuring your website’s menus and pages

      It’s as simple as that! 

      When you give your personal brand an online presence, you set yourself apart from other professionals and are one step closer to landing the perfect client. 

      How To Get Your Portfolio Online

      To boost your job prospects, you need to create an online portfolio website. But getting one up and running doesn’t have to be a complicated — or lengthy — process. Here’s how to create a great-looking portfolio site, step by step. (No advanced web design expertise necessary!)

      1. Connect to WP Website Builder.

      To get started, you’ll need to select “WP Website Builder” as an option during your DreamHost purchase. Then, we’ll automatically install WordPress and our website builder tools, BoldGrid’s Inspirations and Page and Post Builder, for you. Once you’ve logged into WordPress, you’ll see the Inspirations setup page.

      If you’re already set up with us (yay, you!), log in to your WordPress site or access your site from your DreamHost panel. On the left menu, select Inspirations. Here, you’ll access the tech that powers our premium site builder. 

      'Inspirations’ menu in the WordPress dashboard.

      You’ll see the BoldGrid three-step outline. Click the orange Let’s Get Started! button to begin.

      BoldGrid’s 3-step outline

      2. Pick your theme.

      Browse through the theme categories on the left side of the screen to find the template that works best to showcase your work. Hover over your prefered theme, and then click the Select button.

      WP Website Builder themes menu. 

      And don’t stress. The WordPress theme you choose doesn’t have to be perfect at this stage. Later on, you’ll be able to edit your theme to align with your brand.

      3. Add contact information.

      Now it’s time to add some simple contact and social media information. WP Website Builder uses this information to set up social media sharing for you, but you can also skip this step if you’re not interested. 

      "Adding your information.”

      4. Finish and Install.

      When you’re ready, click on the Finish and Install button. While you wait for the quick-start wizard to set everything up, feel free to take a well-deserved break. 

      5. Edit your theme.

      Now it’s time to add your personal touches. Make adjustments to your theme — editing colors, placement of text and other features, and fonts. Add and build out page options based on the functionality and look you want, explicitly gearing your layout to promote your work. Then it’s time to add some killer images and original content. Flex those creative muscles!

      “Making changes to a page.”

      Website Building, Explained

      Whether you need to install WordPress, choose a design template, or build a custom website, we can help! Subscribe to our monthly digest so you never miss an article.

      Ready to Get Started on Your Portfolio Site?

      Now that you know how easy it is to set up your own website, there’s no reason not to have your own online portfolio — unless, that is, you want fewer paying gigs. It’s time to start showcasing your work beyond social media accounts. 

      With a decked-out online portfolio website, you can position yourself in search engines for discovery and boost your job prospects. The best news? With DreamHost’s WP Website Builder, creating a professional online portfolio has never been easier. 



      Source link