35. های ویژگیPODMAN:
کلی طور بهpodman. باشد می دارا را ها ساختار این
Overview and scope
At a high level, the scope of Podman and libpod is the following:
•Support for multiple container image formats, including OCI and Docker images.
•Full management of those images, including pulling from various sources (including trust
and verification), creating (built via Containerfile or Dockerfile or committed from a
container), and pushing to registries and other storage backends.
•Full management of container lifecycle, including creation (both from an image and from an
exploded root filesystem), running, checkpointing and restoring (via CRIU), and removal.
•Support for pods, groups of containers that share resources and are managed together.
•Support for running containers and pods without root or other elevated privileges.
•Resource isolation of containers and pods.
•Support for a Docker-compatible CLI interface.
•No manager daemon, for improved security and lower resource utilization at idle.
•Support for a REST API providing both a Docker-compatible interface and an improved
interface exposing advanced Podman functionality.
•In the future, integration with CRI-O to share containers and backend code.
Podman presently only supports running containers on Linux. However, we are building a remote
client which can run onWindows and OS X and manage Podman containers on a Linux system via
the REST API using SSH tunneling.
36. Out of scope
•Specialized signing and pushing of images to various storage backends. See Skopeo for those
tasks.
•Support for the Kubernetes CRI interface for container management.The CRI-O daemon
specializes in that.
•Supporting docker-compose.We believe that Kubernetes is the defacto standard for composing
Pods and for orchestrating containers, making KubernetesYAML a defacto standard file
format. Hence, Podman allows the creation and execution of Pods from a KubernetesYAML
file (see podman-play-kube). Podman can also generate KubernetesYAML based on a
container or Pod (see podman-generate-kube), which allows for an easy transition from a local
development environment to a production Kubernetes cluster. If Kubernetes does not fit your
requirements, there are other third-party tools that support the docker-compose format such
as kompose and podman-compose that might be appropriate for your environment.This
situation may change with the addition of the REST API.
OCI Projects Plans
The plan is to use OCI projects and best of breed libraries for different aspects:
•Runtime:We use the OCI runtime tools to generate OCI runtime configurations that can be
used with any OCI-compliant runtime, like crun and runc.
•Images: Image management uses the containers/image library.
•Storage: Container and image storage is managed by containers/storage.
•Networking: Networking support through use of CNI.
•Builds: Builds are supported via Buildah.
•Conmon: Conmon is a tool for monitoring OCI runtimes, used by both Podman and CRI-O.
•Seccomp: A unified Seccomp policy for Podman, Buildah, and CRI-O.
44. . میگیرد قرار استفاده مورد ایمیج ساختار نمایش برای دستور این
podman-inspect(1)() podman-inspect(1)()
NAME
podman-inspect - Display a container, image, volume, network, or pod's configuration
SYNOPSIS
podman inspect [options] name [...]
DESCRIPTION
This displays the low-level information on containers and images identified by name or ID. By
de‐
45. fault, this will render all results in a JSON array. If the inspect type is all, the order of in‐
spection is: containers, images, volumes, network, pods.
So, if a container has the same name as an image, then the container JSON will be returned,
and
so on.
If a format is specified, the given template will be executed for each result.
For more inspection options, see:
podman container inspect
podman image inspect
podman network inspect
podman pod inspect
podman volume inspect
OPTIONS
--type, -t=type
Return JSON for the specified type. Type can be 'container', 'image', 'volume', 'network',
'pod', or 'all' (default: all) (Only meaningful when invoked as podman inspect)
--format, -f=format
46. Format the output using the given Go template. The keys of the returned JSON can be used as
the
values for the --format flag (see examples below).
--latest, -l
Instead of providing the container name or ID, use the last created container. If you use methods
other than Podman to run containers such as CRI-O, the last started container could be from
ei‐
ther of those methods.
This option can be used to inspect the latest pod created when used with --type pod
The latest option is not supported on the remote client or when invoked as podman image
inspect.
--size, -s
In addition to normal output, display the total file size if the type is a container.
EXAMPLE
# podman inspect fedora
[
{
52. Remove an image and its associated containers.
$ podman rmi --force imageID
Remove multiple images by their shortened IDs.
$ podman rmi c4dfb1609ee2 93fd78260bd1 c0ed59d05ff7
Remove all images and containers.
$ podman rmi -a -f
59. دستورSTOP:
. میگیرد قرار استفاده مورد کانتینر کردن خاموش برای دستور این
Stop one or more containers
Description:
Stops one or more running containers. The container name or ID can be used.
A timeout to forcibly stop the container can also be set but defaults to 10 seconds otherwise.
Usage:
podman stop [options] CONTAINER [CONTAINER...]
Examples:
podman stop ctrID
podman stop --latest
podman stop --time 2 mywebserver 6e534f14da9d
Options:
-a, --all Stop all running containers
--cidfile stringArray Read the container ID from the file
-i, --ignore Ignore errors when a specified container is missing
-l, --latest Act on the latest container podman is aware of
Not supported with the "--remote" flag
-t, --time uint Seconds to wait for stop before killing the container (default 10)
61. Description:
Retrieves logs for one or more containers.
This does not guarantee execution order when combined with podman run (i.e., your run may not have generated any
logs at the time you execute podman logs).
Usage:
podman logs [options] CONTAINER [CONTAINER...]
Examples:
podman logs ctrID
podman logs --names ctrID1 ctrID2
podman logs --tail 2 mywebserver
podman logs --follow=true --since 10m ctrID
podman logs mywebserver mydbserver
Options:
62. -f, --follow Follow log output. The default is false
-l, --latest Act on the latest container podman is aware of
Not supported with the "--remote" flag
-n, --names Output the container name in the log
--since string Show logs since TIMESTAMP
--tail int Output the specified number of LINES at the end of the logs. Defaults to -1, which prints all lines
(default -1)
-t, --timestamps Output the timestamps in the log