Podman for DevOps
Alessandro Arrichiello, Gianni Salinetti, Brent J. Baude
- 518 pages
- English
About this book
Build, deploy, and manage containers with the next-generation engine and tools
Key Features
- Discover key differences between Docker and Podman
- Build brand new container images with Buildah, the Podman companion
- Learn how to manage and integrate containers securely in your existing infrastructure
Book Description
As containers have become the new de facto standard for packaging applications and their dependencies, understanding how to implement, build, and manage them is now an essential skill for developers, system administrators, and SRE/operations teams. Podman and its companion tools Buildah and Skopeo make a great toolset to boost the development, execution, and management of containerized applications.
Starting with the basic concepts of containerization and its underlying technology, this book will help you get your first container up and running with Podman. You'll explore the complete toolkit and go over the development of new containers, their lifecycle management, troubleshooting, and security aspects. Together with Podman, the book illustrates Buildah and Skopeo to complete the tools ecosystem and cover the complete workflow for building, releasing, and managing optimized container images.
Podman for DevOps provides a comprehensive view of the full-stack container technology and its relationship with the operating system foundations, along with crucial topics such as networking, monitoring, and integration with systemd, docker-compose, and Kubernetes.
By the end of this DevOps book, you'll have developed the skills needed to build and package your applications inside containers as well as to deploy, manage, and integrate them with system services.
What you will learn
- Understand Podman's daemonless approach as a container engine
- Run, manage, and secure containers with Podman
- Discover the strategies, concepts, and command-line options for using Buildah to build containers from scratch
- Manage OCI images with Skopeo
- Troubleshoot runtime, build, and isolation issues
- Integrate Podman containers with existing networking and system services
Who this book is for
The book is for cloud developers looking to learn how to build and package applications inside containers and system administrators who want to deploy, manage, and integrate them with system services and orchestration solutions. This book provides a detailed comparison between Docker and Podman to aid you in learning Podman quickly.
Section 1: From Theory to Practice: Running Containers with Podman
- Chapter 1, Introduction to Container Technology
- Chapter 2, Comparing Podman and Docker
- Chapter 3, Running the First Container
- Chapter 4, Managing Running Containers
- Chapter 5, Implementing Storage for the Container’s Data
Chapter 1: Introduction to Container Technology
- What are containers?
- Why do I need a container?
- Where do containers come from?
- Where are containers used today?
Technical requirements
Book conventions
- Any shell command preceded by the $ character is run as a standard user (not root) on the Linux system.
- Any shell command preceded by the # character is run as the root user on the Linux system.
- Any output or shell command that is too long to display on a single line of the code block is broken with the \ character and continues on a new line.
What are containers?
- Filesystem isolation: Containerized processes have a separated filesystem view, and their programs are executed from the isolated filesystem itself.
- Process ID isolation: Containerized processes run under an independent set of process IDs (PIDs).
- User isolation: User IDs (UIDs) and group IDs (GIDs) are isolated to the container. A process's UID and GID can differ inside the container from those on the host, so a process can run with a privileged UID or GID inside the container only.
- Network isolation: This kind of isolation relates to the host network resources, such as network devices, IPv4 and IPv6 stacks, routing tables, and firewall rules.
- IPC isolation: Containers provide isolation for host IPC resources, such as POSIX message queues or System V IPC objects.
- Resource usage isolation: Containers rely on Linux control groups (cgroups) to limit or monitor the usage of certain resources, such as CPU, memory, or disk. We will discuss more about cgroups later in this chapter.
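
One way to check the isolation kinds listed above on a Linux host, as an added example that is not from the book: each kind except resource usage corresponds to a kernel namespace visible under /proc/<pid>/ns, and identical link targets mean the container shares that namespace with the host. The mapping, function names and sample inode values are constructed for illustration.

```python
import os

# Isolation kinds from the list above mapped to the namespace entries in
# /proc/<pid>/ns (mapping added for this example). Resource usage limits
# are enforced by cgroup membership, not a namespace, so they are not covered.
ISOLATION_TO_NS = {
    "filesystem": "mnt",
    "process ID": "pid",
    "user": "user",
    "network": "net",
    "IPC": "ipc",
}

def read_namespaces(pid):
    """Return {ns_name: link target} for a PID, e.g. {'net': 'net:[4026531840]'}."""
    ns_dir = f"/proc/{pid}/ns"
    result = {}
    for name in os.listdir(ns_dir):
        try:
            result[name] = os.readlink(os.path.join(ns_dir, name))
        except OSError:
            # Not readable without privileges over the target process.
            result[name] = None
    return result

def shared_with_host(host_ns, container_ns):
    """List the isolation kinds for which the container uses the host's namespace."""
    shared = []
    for kind, ns in ISOLATION_TO_NS.items():
        host, cont = host_ns.get(ns), container_ns.get(ns)
        # Equal inode numbers mean both processes live in the same namespace.
        if host is not None and host == cont:
            shared.append(kind)
    return shared

# Constructed sample: a container started with host networking, so only
# the net namespace inode matches the host's.
HOST = {"mnt": "mnt:[4026531841]", "pid": "pid:[4026531836]",
        "user": "user:[4026531837]", "net": "net:[4026531840]",
        "ipc": "ipc:[4026531839]"}
CONTAINER = {"mnt": "mnt:[4026532501]", "pid": "pid:[4026532504]",
             "user": "user:[4026532500]", "net": "net:[4026531840]",
             "ipc": "ipc:[4026532503]"}

if __name__ == "__main__":
    print("Shared with host (sample):", shared_with_host(HOST, CONTAINER))
    print("This process:", read_namespaces("self"))
```

On a real host, pass `read_namespaces(1)` and `read_namespaces(<container PID>)` to `shared_with_host`; reading another user's process entries requires root.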