Introduction
As a system administrator working with Red Hat Enterprise Linux (RHEL), managing containerized applications is a fundamental skill. In this challenge, you will use the command-line tools podman and skopeo to perform essential container management tasks. You will practice pulling images from a public registry, running them as containers, inspecting their configuration, and copying images to a local registry.
Pull and Run a Container Image
Your first task is to download a container image from a public registry and run it on your local system. You will use the nginx web server image, a popular choice for demonstrating container functionality.
Tasks
- Pull the latest
nginxcontainer image from thedocker.ioregistry using thepodmancommand. - Run a container from the
nginximage and verify that it is operational.
Requirements
- The
nginxcontainer must be namedmy-nginx. - The container must run in the background (detached mode).
- The container's port
80must be mapped to port8080on your local machine.
Example
After successfully running the container, you can test its accessibility. The curl command should return the default Nginx welcome page.
$ curl http://localhost:8080
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
...
</html>
Inspect a Container
After running a container, you often need to retrieve detailed information about its configuration, network settings, and mounted volumes. The podman inspect command provides this information in a structured JSON format.
Tasks
- Inspect the running
my-nginxcontainer. - Redirect the output of the inspection to a file.
Requirements
- Use the
podman inspectcommand to get details about themy-nginxcontainer. - Save the JSON output to a file named
nginx-inspect.jsoninside the~/project/containers/directory.
Example
The nginx-inspect.json file will contain a large JSON array with all the configuration details of the container. You can view its contents with the cat or less command.
$ cat ~/project/containers/nginx-inspect.json
[
{
"Id": "a933dd...c8e",
"Created": "2023-10-27T10:30:00.123456789Z",
"Path": "/docker-entrypoint.sh",
"Args": [
"nginx",
"-g",
"daemon off;"
],
"State": {
...
Copy a Container Image with Skopeo
skopeo is a powerful tool for moving container images between different types of storage, such as public registries, local storage, and private registries. In this step, you will copy the nginx image to a local container registry that is running on your machine.
By default, Podman and Skopeo will not push images to an insecure (HTTP) registry. You must first configure your system to trust the local registry using the modern v2 registry configuration format.
Tasks
- Configure your system to allow pushing images to the insecure local registry at
localhost:5000. - Use
skopeoto copy thenginx:latestimage fromdocker.ioto your local registry. - Pull the image from your local registry into Podman's local storage to verify the copy was successful.
Requirements
- Edit the
/etc/containers/registries.conffile to configurelocalhost:5000as an insecure registry using the v2 format. You will needsudoprivileges for this. - Use
skopeo copyto copy thedocker.io/library/nginx:latestimage. - The destination for the image in the local registry should be
localhost:5000/my-local-nginx:latest. - After copying, use
podman pullto retrievelocalhost:5000/my-local-nginx:latest.
Summary
In this challenge, you have learned the essential skills for managing containers on a Red Hat Enterprise Linux system. You successfully used podman to pull an image, run it as a named container with port mapping, and inspect its detailed configuration. Furthermore, you practiced a critical real-world task: configuring an insecure registry and using skopeo to copy an image from a public source to a private, local registry. These commands are fundamental tools for any system administrator working in a modern, containerized environment.
