Port communication between the root user and an unprivileged user
Slirp4netns
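Slirp4netns is the default network setup for rootless containers and pods. It was invented because unprivileged users are not allowed to create network interfaces on the host. Slirp4netns creates a TAP device in the container's network namespace and connects it to a user-mode TCP/IP stack.
An unprivileged user on this laptop has created two containers: a database container and a web container. Both containers can reach content on networks outside the laptop. If a container is bound to a host port and the laptop's firewall allows it, external clients can reach the container. Remember that unprivileged users must use ports 1024 to 65535, because lower ports require root privileges (CAP_NET_BIND_SERVICE). Note: this can be adjusted using sysctl net.ipv4.ip_unprivileged_port_start
One drawback of slirp4netns is that containers are completely isolated from each other. Unlike the bridge approach, there is no virtual network. For containers to communicate with each other, they can use port mappings through the host system, or they can be placed in a Pod, where they share the same network namespace. For details, see the section on communication between containers and Pods.
When a container is created by an unprivileged user, root sees no interface for it when listing the host's network interfaces. But if the
unprivileged user has already created a container that maps port 81, can it still be reached?
Example:
The following example demonstrates how two rootless containers can communicate with each other, one of which is a web server. It then shows how a client on the host network can communicate with the rootless web server.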
[hh@localhost ~]$ podman ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
dbf856602146 docker.io/library/httpd:latest httpd-foreground 27 seconds ago Exited (0) 5 seconds ago 0.0.0.0:81->80/tcp web
[hh@localhost ~]$ podman start web
web
[hh@localhost ~]$ podman ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
dbf856602146 docker.io/library/httpd:latest httpd-foreground 41 seconds ago Up 3 seconds ago 0.0.0.0:81->80/tcp web
[hh@localhost ~]$ ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 128 *:81 *:*
View the network interfaces on the host
[root@localhost ~]# ifconfig
cni-podman0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
ether ca:61:ef:f6:fb:e0 txqueuelen 1000 (Ethernet)
RX packets 58 bytes 3646 (3.5 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 30 bytes 2546 (2.4 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
ens32: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.47.137 netmask 255.255.255.0 broadcast 192.168.47.255
inet6 fe80::20c:29ff:fe5a:68d1 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:5a:68:d1 txqueuelen 1000 (Ethernet)
RX packets 269991 bytes 274718386 (261.9 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 127863 bytes 69067421 (65.8 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536 // no container virtual network interface is visible
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 142 bytes 11272 (11.0 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 142 bytes 11272 (11.0 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@localhost ~]#
On the host, port 81 is already listening
[root@localhost ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 128 *:81 *:*
[root@localhost ~]# curl 192.168.47.137:81
<html><body><h1>It works!</h1></body></html>
Open port 81 in the firewall
[root@localhost ~]# firewall-cmd --zone=public --add-port=81/tcp --permanent
success
[root@localhost ~]# firewall-cmd --reload
success
Then, as the unprivileged user, enter the container and write the web page file
[hh@localhost ~]$ podman exec -it web /bin/bash
root@dbf856602146:/usr/local/apache2# ls
bin build cgi-bin conf error htdocs icons include logs modules
root@dbf856602146:/usr/local/apache2# cd htdocs/
root@dbf856602146:/usr/local/apache2/htdocs# ls
index.html
root@dbf856602146:/usr/local/apache2/htdocs# echo "6666" > index.html
root@dbf856602146:/usr/local/apache2/htdocs# cat index.html
6666
Podman basic command reference
cp
Copy files/folders between a container and the local filesystem
// copy a local file into the container
[root@localhost ~]# podman ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
9471fdc1f3b6 docker.io/library/httpd:latest httpd-foreground 23 seconds ago Up 2 seconds ago wqe
[root@localhost ~]# ls
anaconda-ks.cfg
[root@localhost ~]# podman cp anaconda-ks.cfg wqe:/tmp/
[root@localhost ~]# podman exxec -it wqe /bin/bash
Error: unknown shorthand flag: 'i' in -it
[root@localhost ~]# podman exec -it wqe /bin/bash
root@9471fdc1f3b6:/usr/local/apache2# cd /tmp/
root@9471fdc1f3b6:/tmp# ls
anaconda-ks.cfg
// copy backup data from the container to the host
[root@localhost ~]# ls
anaconda-ks.cfg
[root@localhost ~]# rm -rf anaconda-ks.cfg
[root@localhost ~]# ls
// back up
root@9471fdc1f3b6:/tmp# ls
anaconda-ks.cfg
[root@localhost ~]# podman cp wqe:/tmp/anaconda-ks.cfg .
[root@localhost ~]# ls
anaconda-ks.cfg // success
podman events
Show container events
// create a container
[root@localhost ~]# podman run -d httpd
258b6747cc3c40f89eb43199d2f3fa060b2758fa8777f3911e44f34eb4dc988e
Listen for events
[root@localhost ~]# podman events
2022-08-16 16:03:54.423946966 +0800 CST container create 258b6747cc3c40f89eb43199d2f3fa060b2758fa8777f3911e44f34eb4dc988e (image=docker.io/library/httpd:latest, name=flamboyant_noyce)
2022-08-16 16:03:54.315246854 +0800 CST image pull httpd
2022-08-16 16:03:55.607816877 +0800 CST container init 258b6747cc3c40f89eb43199d2f3fa060b2758fa8777f3911e44f34eb4dc988e (image=docker.io/library/httpd:latest, name=flamboyant_noyce)
2022-08-16 16:03:55.621392428 +0800 CST container start 258b6747cc3c40f89eb43199d2f3fa060b2758fa8777f3911e44f34eb4dc988e (image=docker.io/library/httpd:latest, name=flamboyant_noyce)
podman diff
Inspect changes on a container's filesystem
// see what has changed in this container
[root@localhost ~]# podman diff wqe
C /usr // C: changed
C /usr/local
C /usr/local/apache2
C /usr/local/apache2/logs
A /usr/local/apache2/logs/httpd.pid // added
C /etc
C /tmp
A /tmp/anaconda-ks.cfg
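As an added example (not part of the original post), the `podman diff` output above can be reduced to a drift report: entries under an allowlist of expected write paths are dropped, and a changed directory is suppressed when a more specific entry beneath it is listed. The allowlist value is an assumption for this httpd container.

```shell
#!/bin/sh
# Added example: turn `podman diff` output into a drift report.
# The allowlist argument is an assumption: paths this workload is expected to write.

diff_drift() {
    # $1 = colon-separated allowlist of path prefixes
    # stdin = `podman diff` lines: "A path" (added), "C path" (changed), "D path" (deleted)
    awk -v allow="$1" '
    function under(p, q) { return p == q || index(p, q "/") == 1 }
    /^[ACD] \// { n++; kind[n] = $1; path[n] = substr($0, 3) }
    END {
        na = split(allow, allowp, ":")
        for (i = 1; i <= n; i++) {
            ok = 0
            for (j = 1; j <= na; j++) {
                if (allowp[j] != "" && under(path[i], allowp[j])) ok = 1
            }
            # "C <dir>" is often only the echo of an entry listed beneath it;
            # report the more specific entry instead of every parent directory.
            if (!ok && kind[i] == "C") {
                for (k = 1; k <= n; k++) {
                    if (k != i && index(path[k], path[i] "/") == 1) ok = 1
                }
            }
            if (!ok) print kind[i], path[i]
        }
    }'
}

# The diff shown above for container wqe, without the inline annotations.
sample_diff() {
    cat <<'EOF'
C /usr
C /usr/local
C /usr/local/apache2
C /usr/local/apache2/logs
A /usr/local/apache2/logs/httpd.pid
C /etc
C /tmp
A /tmp/anaconda-ks.cfg
EOF
}

sample_diff | diff_drift /usr/local/apache2/logs
```

On a live host the same function reads `podman diff wqe` directly from a pipe.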
export
Export a container's filesystem contents as a tar archive
[root@localhost ~]# podman export wqe -o /tmp/web1.tar
[root@localhost ~]# ll /tmp/web1.tar
-rw-r--r--. 1 root root 144820736 Aug 16 16:09 /tmp/web1.tar
import
Import a local backup as an image
[root@localhost ~]# podman import /tmp/web1.tar
Getting image source signatures
Copying blob b2348ef115eb done
Copying config ee052d8339 done
Writing manifest to image destination
Storing signatures
sha256:ee052d8339e129cee44a6287ef3ce15857cf072e361df0252af381dcb32cabad
[root@localhost ~]# podman images
REPOSITORY TAG IMAGE ID CREATED SIZE
<none> <none> ee052d8339e1 7 minutes ago 145 MB // one more image is now listed
podman-generate
Generate structured data from a container
// pull an image
[root@localhost ~]# podman pull nginx
Resolving "nginx" using unqualified-search registries (/etc/containers/registries.conf)
Trying to pull docker.io/library/nginx:latest...
Getting image source signatures
Copying blob 1efc276f4ff9 done
Copying blob baf2da91597d done
Copying blob b1349eea8fc5 done
Copying blob 6a17c8e7063d done
Copying blob 27e0d286aeab done
Copying blob 05396a986fd3 done
Copying config b692a91e4e done
Writing manifest to image destination
Storing signatures
b692a91e4e1582db97076184dae0b2f4a7a86b68c4fe6f91affa50ae06369bf5
[root@localhost ~]# podman images
REPOSITORY TAG IMAGE ID CREATED SIZE
docker.io/library/nginx latest b692a91e4e15 2 weeks ago 146 MB
[root@localhost ~]# podman run -d --name nginx -p 1314:80 nginx
c6b30c7a68008d2f016f10192ffd6959591a1e532aec12dd793c231726d82025
[root@localhost ~]# podman ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
c6b30c7a6800 docker.io/library/nginx:latest nginx -g daemon o... 5 seconds ago Up 5 seconds ago 0.0.0.0:1314->80/tcp nginx
[root@localhost ~]# cd /etc/systemd/system/
[root@localhost system]# ls
basic.target.wants network-online.target.wants
ctrl-alt-del.target sockets.target.wants
dbus-org.fedoraproject.FirewallD1.service sysinit.target.wants
dbus-org.freedesktop.nm-dispatcher.service syslog.service
default.target timers.target.wants
getty.target.wants vmtoolsd.service.requires
multi-user.target.wants
[root@localhost system]# podman generate systemd --files --name nginx
/etc/systemd/system/container-nginx.service
[root@localhost system]# ls
basic.target.wants multi-user.target.wants
container-nginx.service network-online.target.wants
ctrl-alt-del.target sockets.target.wants
dbus-org.fedoraproject.FirewallD1.service sysinit.target.wants
dbus-org.freedesktop.nm-dispatcher.service syslog.service
default.target timers.target.wants
getty.target.wants vmtoolsd.service.requires
// edit the generated configuration
[root@localhost system]# vim container-nginx.service
[root@localhost system]# cat container-nginx.service
# container-nginx.service
# autogenerated by Podman 3.3.1
# Tue Aug 16 18:54:54 CST 2022
[Unit]
Description=Podman Nginx Service
After=network.target
After=network-online.target
[Service]
Type=simple
ExecStart=/usr/bin/podman start -a nginx
ExecStop=/usr/bin/podman stop -t 10 nginx
Restart=always
[Install]
WantedBy=multi-user.target
// after restarting the service, reboot the machine; the system will start the nginx container automatically at boot
[root@localhost system]# systemctl daemon-reload
[root@localhost system]# systemctl enable --now container-nginx.service
Created symlink /etc/systemd/system/multi-user.target.wants/container-nginx.service → /etc/systemd/system/container-nginx.service.
[root@localhost system]# systemctl status container-nginx.service
● container-nginx.service
Loaded: loaded (/etc/systemd/system/container-nginx.service; enabled; vend>
Active: active (running) since Tue 2022-08-16 18:58:48 CST; 4s ago
Main PID: 21928 (podman) // success
Tasks: 6 (limit: 23460)
Memory: 20.8M
CGroup: /system.slice/container-nginx.service
└─21928 /usr/bin/podman start -a nginx
Aug 16 18:58:48 localhost.localdomain systemd[1]: Started container-nginx.ser
history
Show the history of an image
[root@localhost ~]# podman history busybox
ID CREATED CREATED BY SIZE COMMENT
beae173ccac6 7 months ago /bin/sh -c #(nop) CMD ["sh"] 0 B
<missing> 7 months ago /bin/sh -c #(nop) ADD file:6db446a57cbd2b7... 1.46 MB
info
Display detailed Podman information
[root@localhost ~]# podman info
host:
arch: amd64
buildahVersion: 1.22.3
cgroupControllers:
- cpuset
- cpu
- cpuacct
- blkio
- memory
- devices
- freezer
- net_cls
- perf_event
- net_prio
- hugetlb
- pids
- rdma
cgroupManager: systemd
cgroupVersion: v1
conmon:
package: conmon-2.0.29-1.module_el8.5.0+890+6b136101.x86_64
path: /usr/bin/conmon
version: 'conmon version 2.0.29, commit: 84384406047fae626269133e1951c4b92eed7603'
cpus: 1
..... (omitted)
init
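Initialize a container; initializes one or more containers
For example, after a mount or a filesystem change was made in a container, the container configuration has to be initialized before it takes effect
// the container must be stopped before it is initialized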
[root@localhost ~]# podman stop hh
hh
[root@localhost ~]# podman ps -a | grep hh
a03f744e2987 docker.io/library/httpd:latest httpd-foreground 30 minutes ago Exited (0) 16 seconds ago hh
[root@localhost ~]# podman init hh
a03f744e298754a75a02538d5d2b94e18b7b640deed8003b2b5affec73e32351
[root@localhost ~]# podman ps -a | grep hh
a03f744e2987 docker.io/library/httpd:latest httpd-foreground 30 minutes ago created hh
[root@localhost ~]# podman start hh
hh
[root@localhost ~]# podman ps -a | grep hh
a03f744e2987 docker.io/library/httpd:latest httpd-foreground 30 minutes ago Up 2 seconds ago hh
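start
If a container is stopped as an unprivileged user and then cannot be started again,
go into /tmp and stop the contai, dmanpo and similar entries,
and the start will then succeed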
[hh@localhost ~]$ cd /tmp/
[hh@localhost tmp]$ ll
total 141436
drwx------. 3 hh hh 24 Aug 15 16:50 containers-user-1000
drwx------. 6 hh hh 63 Aug 15 17:09 podman-run-1000
port
View the mapping for port 80
[hh@localhost tmp]$ podman ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
dbf856602146 docker.io/library/httpd:latest httpd-foreground 8 hours ago Up 24 minutes ago 0.0.0.0:81->80/tcp web
[hh@localhost tmp]$ podman port
Error: you must supply a running container name or id
[hh@localhost tmp]$ podman port web
80/tcp -> 0.0.0.0:81
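The `0.0.0.0:81` binding above can be audited mechanically. The following is an added example, not part of the original post: a shell function that reads `podman port` output and flags wildcard binds and host ports below the unprivileged-port threshold; the second sample line and the threshold argument are constructed.

```shell
#!/bin/sh
# Added example: audit `podman port <container>` output for risky host bindings.

audit_ports() {
    # $1 = value of `sysctl -n net.ipv4.ip_unprivileged_port_start` (kernel default 1024)
    # stdin = lines in the form "80/tcp -> 0.0.0.0:81"
    awk -v start="$1" '
    $2 == "->" {
        host = $3; hport = $3; cport = $1
        sub(/:[0-9]+$/, "", host)     # bind address: drop the trailing :port
        sub(/^.*:/, "", hport)        # host port: keep what follows the last colon
        sub(/\/.*$/, "", cport)       # container port: drop the /tcp or /udp suffix
        if (host == "0.0.0.0" || host == "[::]" || host == "*")
            printf "WILDCARD %s -> %s: every interface; loopback-only form is -p 127.0.0.1:%s:%s\n", $1, $3, hport, cport
        if (hport + 0 < start + 0)
            printf "PRIVILEGED %s -> %s: host port %s is below ip_unprivileged_port_start=%s\n", $1, $3, hport, start
    }'
}

# First line: the mapping shown above for container web. Second line: constructed.
sample_ports() {
    cat <<'EOF'
80/tcp -> 0.0.0.0:81
5432/tcp -> 127.0.0.1:15432
EOF
}

sample_ports | audit_ports 1024
```

A PRIVILEGED finding for a rootless container means the host's `net.ipv4.ip_unprivileged_port_start` has been lowered, which applies to every unprivileged process on that host.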
rename
Rename a container
[root@localhost ~]# podman ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
a03f744e2987 docker.io/library/httpd:latest httpd-foreground 28 minutes ago Up 28 minutes ago bold_brown
[root@localhost ~]# podman rename bold_brown hh
[root@localhost ~]# podman ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
a03f744e2987 docker.io/library/httpd:latest httpd-foreground 29 minutes ago Up 29 minutes ago hh
mount
Mount a working container's root filesystem
// on the host, look up the mount point and create a directory in it
[root@localhost ~]# podman mount hh
/var/lib/containers/storage/overlay/4bdffe5f9bfb3e80dc531c2d2d31060f48562210d57babd44921353ce10c5f09/merged
[root@localhost ~]# cd /var/lib/containers/storage/overlay/4bdffe5f9bfb3e80dc531c2d2d31060f48562210d57babd44921353ce10c5f09/merged
[root@localhost merged]# ls
bin dev home lib64 mnt proc run srv tmp var
boot etc lib media opt root sbin sys usr
[root@localhost merged]# mkdir lty
// the directory is shared with the container
[root@localhost ~]# podman exec -it hh /bin/bash
root@a03f744e2987:/usr/local/apache2# ls
bin build cgi-bin conf error htdocs icons include logs modules
root@a03f744e2987:/usr/local/apache2# cd
root@a03f744e2987:~# cd /
root@a03f744e2987:/# ls
bin dev home lib64 media opt root sbin sys usr
boot etc lib lty mnt proc run srv tmp var
root@a03f744e2987:/# ls / --color
bin dev home lib64 media opt root sbin sys usr
boot etc lib lty mnt proc run srv tmp var
system df
Display a live stream of container resource usage statistics
View information about the current images, containers and volumes
[hh@localhost tmp]$ podman system df
TYPE TOTAL ACTIVE SIZE RECLAIMABLE
Images 2 1 615.1MB 465.7MB (0%)
Containers 1 1 83B 0B (0%)
Local Volumes 0 0 0B 0B (0%)
Remove unused containers, images and resources
[root@localhost ~]# podman system prune
WARNING! This will remove:
- all stopped containers
- all networks not used by at least one container
- all dangling images
- all dangling build cache
Are you sure you want to continue? [y/N] y
Deleted Images
ee052d8339e129cee44a6287ef3ce15857cf072e361df0252af381dcb32cabad
Total reclaimed space: 144.8MB
version
View Podman version information
[root@localhost ~]# podman version
Version: 3.3.1
API Version: 3.3.1
Go Version: go1.16.7
Built: Wed Nov 10 05:23:56 2021
OS/Arch: linux/amd64
Signing and distributing container images with Podman
First, pull the registry image and start it
[root@localhost ~]# podman run -d -p 5000:5000 registry
6b124c0c7529e968e73044305ff4133abdc0e414f389358afbbb163a6422be42
[root@localhost ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 0.0.0.0:5000 0.0.0.0:*
LISTEN 0 128 0.0.0.0:80 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 128 *:81 *:*
[root@localhost ~]# podman tag docker.io/library/registry:latest localhost:5000/busybox:v1
// push the image
[root@localhost ~]# podman push --tls-verify=false localhost:5000/busybox:v1 // the registry here is on port 5000; if a normal pull fails with an HTTPS access error, add --tls-verify=false
Getting image source signatures
Copying blob 994393dc58e7 done
Copying blob 145b66c455f7 done
Copying blob 692a418a42be done
Copying blob 73130e341eaf done
Copying blob d3db20e71506 done
Copying config 3a0f7b0a13 done
Writing manifest to image destination
Storing signatures
[root@localhost ~]# curl http://localhost:5000/v2/_catalog
{"repositories":["busybox"]}
// pull the image from the registry
[root@localhost ~]# podman pull --tls-verify=false localhost:5000/busybox:v1
Trying to pull localhost:5000/busybox:v1...
Getting image source signatures
Copying blob 8714e0dc0e04 skipped: already exists
Copying blob 3e6080001d7b skipped: already exists
Copying blob 40c0ed2b6b4a skipped: already exists
Copying blob 771b499ff6a8 [--------------------------------------] 0.0b / 0.0b
Copying blob 718ed2f2ed55 [--------------------------------------] 0.0b / 0.0b
Copying config 3a0f7b0a13 done
Writing manifest to image destination
Storing signatures
3a0f7b0a13ef62e85d770396e1868bf919f4747743ece4f233895a246c436394
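Podman remote connections
Introduction
The purpose of the Podman remote client is to let users interact with a Podman "backend" from a separate client. The remote client's command-line interface is exactly the same as the regular Podman commands, except that some flags are removed because they do not apply to the remote client.
The remote client uses a client-server model. You need Podman installed on a Linux machine or virtual machine that is running an SSH daemon. On your local operating system, when you run a Podman command, Podman connects to the server over SSH. It then connects to the Podman service by using systemd socket activation and calling the REST API. The Podman command is executed on the server. From the client's point of view, Podman appears to run locally.
Starting the socket as root
[root@localhost ~]# systemctl start podman // starting podman also starts the corresponding socket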
[root@localhost ~]# systemctl status podman.socket
● podman.socket - Podman API Socket
Loaded: loaded (/usr/lib/systemd/system/podman.socket; disabled; vendor pr>
Active: active (listening) since Mon 2022-08-15 16:41:46 CST; 24h ago
Docs: man:podman-system-service(1)
Listen: /run/podman/podman.sock (Stream)
Tasks: 0 (limit: 23460)
Memory: 0B
CGroup: /system.slice/podman.socket
Aug 15 16:41:46 localhost.localdomain systemd[1]: Listening on Podman API Soc>
lines 1-10/10 (END)
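Starting the socket as an unprivileged user
Enable the Podman service on the server machine.
Before running any Podman client command, the podman.sock systemd service must be enabled on the Linux server. In these examples, Podman runs as a normal unprivileged user (also known as a rootless user). By default, the rootless socket listens at /run/user/${UID}/podman/podman.sock. You can enable this socket permanently with the following command:
systemctl --user enable --now podman.socket
// You need to enable linger for this user so that the socket works when the user is not logged in
That is, the socket keeps working even while the unprivileged user is not logged in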
sudo loginctl enable-linger $USER
Podman network settings
Specify a network and run a container
Create the podman2 network
[root@localhost ~]# podman network create podman2
/etc/cni/net.d/podman2.conflist
[root@localhost ~]#
--subnet: create a network with a specified subnet
podman network create --subnet <subnet> <network name>
[root@localhost ~]# podman network create --subnet 192.6.0.0/16 newnet
/etc/cni/net.d/newnet.conflist
[root@localhost ~]#
--gateway: specify the gateway
podman network create --subnet <subnet> --gateway <gateway address> newnet1
[root@localhost ~]# podman network create --subnet 192.168.13.0/24 --gateway 192.168.13.2 newnet1
/etc/cni/net.d/newnet1.conflist
[root@localhost ~]#
--ip-range: specify the starting IP address
[root@localhost ~]# podman network create --subnet 192.168.14.0/24 --ip-range 192.168.14.13/25 newnet2
/etc/cni/net.d/newnet2.conflist
[root@localhost ~]#
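An added example, not part of the original post: a shell function that checks whether an `--ip-range` and `--gateway` fall inside the chosen `--subnet` before the values are passed to `podman network create`. It is plain CIDR arithmetic on the values used above and does not call podman.

```shell
#!/bin/sh
# Added example: sanity-check --subnet / --ip-range / --gateway values.

net_check() {
    # $1 = subnet CIDR, $2 = ip-range CIDR, $3 = gateway address (optional)
    awk -v subnet="$1" -v range="$2" -v gw="$3" '
    function toint(s,   o) {
        split(s, o, ".")
        return ((o[1] * 256 + o[2]) * 256 + o[3]) * 256 + o[4]
    }
    function quad(n) {
        return int(n / 16777216) "." (int(n / 65536) % 256) "." (int(n / 256) % 256) "." (n % 256)
    }
    # Sets LO/HI to the first and last address of the block containing cidr.
    function span(cidr,   p, size) {
        split(cidr, p, "/")
        size = 2 ^ (32 - p[2])
        LO = int(toint(p[1]) / size) * size
        HI = LO + size - 1
    }
    BEGIN {
        span(subnet); slo = LO; shi = HI
        span(range);  rlo = LO; rhi = HI
        verdict = (rlo >= slo && rhi <= shi) ? "inside" : "OUTSIDE"
        printf "RANGE %s %s-%s (subnet %s-%s)\n", verdict, quad(rlo), quad(rhi), quad(slo), quad(shi)
        split(range, r, "/")
        if (toint(r[1]) != rlo)
            printf "NOTE %s is not a block boundary; /%s covers %s-%s\n", r[1], r[2], quad(rlo), quad(rhi)
        if (gw != "") {
            g = toint(gw)
            gverdict = (g >= slo && g <= shi) ? "inside" : "OUTSIDE"
            printf "GATEWAY %s %s\n", gverdict, gw
        }
    }'
}

# Values from the newnet2 and newnet1 commands above.
net_check 192.168.14.0/24 192.168.14.13/25
net_check 192.168.13.0/24 192.168.13.0/25 192.168.13.2
```

For the newnet2 values the NOTE line shows that `192.168.14.13/25` names the block 192.168.14.0 to 192.168.14.127, not a range that begins at .13.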
List the networks that were just created
[root@localhost ~]# podman network ls
NETWORK ID NAME VERSION PLUGINS
2f259bab93aa podman 0.4.0 bridge,portmap,firewall,tuning
884e74728f04 newnet 0.4.0 bridge,portmap,firewall,tuning
45b3499a170b newnet1 0.4.0 bridge,portmap,firewall,tuning
31213d4efd11 newnet2 0.4.0 bridge,portmap,firewall,tuning
4d24ca3baa36 podman2 0.4.0 bridge,portmap,firewall,tuning
[root@localhost ~]#
Run a container on the network that was just created
Format: podman run --name <container name> --network <network name> <image name>
[root@localhost ~]# podman run -dt --name nginx2 --network podman2 nginx:latest
b926e6a2a1b16b8275fa59813d30139c03ab6678933219fd551acc7105e8c742
[root@localhost ~]#
View the container's network IP
[root@localhost ~]# podman inspect nginx | grep IP
"IPAddress": "10.88.0.3",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": 0,
"IPAddress": "10.88.0.3",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"IPAMConfig": null,
[root@localhost ~]#
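Podman network management
Note: after a container is started, the cni-podman0 interface appears; when a container starts, it connects to the podman network by default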
[root@localhost ~]# ip a show cni-podman0
3: cni-podman0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether ae:fa:0b:90:77:8e brd ff:ff:ff:ff:ff:ff
inet 10.88.0.1/16 brd 10.88.255.255 scope global cni-podman0
valid_lft forever preferred_lft forever
inet6 fe80::acfa:bff:fe90:778e/64 scope link
valid_lft forever preferred_lft forever
[root@localhost ~]#
List the container networks
[root@localhost ~]# podman network ls
NETWORK ID NAME VERSION PLUGINS
2f259bab93aa podman 0.4.0 bridge,portmap,firewall,tuning
884e74728f04 newnet 0.4.0 bridge,portmap,firewall,tuning
45b3499a170b newnet1 0.4.0 bridge,portmap,firewall,tuning
31213d4efd11 newnet2 0.4.0 bridge,portmap,firewall,tuning
4d24ca3baa36 podman2 0.4.0 bridge,portmap,firewall,tuning
[root@localhost ~]#
Disconnect a container from a network (disconnect)
[root@localhost ~]# podman network disconnect podman2 nginx2
[root@localhost ~]#
Reload the container network (reload)
[root@localhost ~]# podman network reload nginx2
b926e6a2a1b16b8275fa59813d30139c03ab6678933219fd551acc7105e8c742
[root@localhost ~]#
Remove Podman networks (rm)
[root@localhost ~]# podman network ls
NETWORK ID NAME VERSION PLUGINS
2f259bab93aa podman 0.4.0 bridge,portmap,firewall,tuning
884e74728f04 newnet 0.4.0 bridge,portmap,firewall,tuning
45b3499a170b newnet1 0.4.0 bridge,portmap,firewall,tuning
31213d4efd11 newnet2 0.4.0 bridge,portmap,firewall,tuning
4d24ca3baa36 podman2 0.4.0 bridge,portmap,firewall,tuning
[root@localhost ~]# podman network rm newnet1 newnet2
newnet1
newnet2
[root@localhost ~]# podman network ls
NETWORK ID NAME VERSION PLUGINS
2f259bab93aa podman 0.4.0 bridge,portmap,firewall,tuning
884e74728f04 newnet 0.4.0 bridge,portmap,firewall,tuning
4d24ca3baa36 podman2 0.4.0 bridge,portmap,firewall,tuning
[root@localhost ~]#
Reference: original post by a fellow blogger: https://blog.youkuaiyun.com/weixin_46812793/article/details/121961166