Deploying Springboot project to Podman container

 


• Get a VM with Podman

• Login to VM

• Run podman login /artifactory.global.standardchartered.com/artifactory/docker-release/

○ Enter BankID and Pwd

○ Login Succeeded

• To pull an image use podman pull reponame/imagename

• Reponame  =  artifactory.global.standardchartered.com/

• Podman pull artifactory.global.standardchartered.com/nginx:latest (this works)

• Without sudo it fails with error -  processing tar file(potentially insufficient UIDs or GIDs available in user namespace

•  sudo podman pull  artifactory.global.standardchartered.com/nginx:latest - this work fine and image is now available locally

• To create a container from local image

○ Sudo podman create --name "somename" imageid

○ Creates a pod but doesn’t run

• To start a local container --> sudo podman start "container name"

•  sudo podman run -d --name nginx-app -p 8080:80 -d  artifactory.global.standardchartered.com/nginx:latest

curl localhost:8080 --> will help confirm if nginx is running

• Podman ps -a --> details of containers running

CONTAINER ID  IMAGE                                                  COMMAND               CREATED        STATUS            PORTS                 NAMES

83ac8ec2c82b  artifactory.global.standardchartered.com/nginx:latest  nginx -g daemon o...  3 minutes ago  Up 3 minutes ago  0.0.0.0:8080->80/tcp  nginx-app

$ podman stop nginx-app

$ podman start nginx-app

To remove a stopped containers - podman rm nginx-app(container name)

Distroless" images contain only your application and its runtime dependencies. They do not contain package managers, shells or any other programs you would expect to find in a standard Linux distribution.

Podman Image from dockerfile

Podman image building with Dockerfile can be done by executing podman build . Podman build takes two arguments: -t name[:tag] directory.
Unless otherwise specfied, latest tag will be added to the images. 

Below is the sample command
podman build -t myimage .

    Dockerfile sample

FROM artifactory.global.standardchartered.com/gv-images-products/hg:redhatopenjdk-17 AS build-env
WORKDIR /app
USER root # required for executing chmod
COPY springbootdemo-0.0.1-SNAPSHOT.jar /app
RUN chmod -R 755 /app # without this jar command cannot access the file
ENV JAVA_HOME /home/tdebuild/goldenversions/redhatopenjdk-17 # without this container is unable to find java on path
ENV PATH $PATH:$JAVA_HOME/bin 
USER 10001 # changing back to normal user - not sure if this is required
ENTRYPOINT ["java","-jar","springbootdemo-0.0.1-SNAPSHOT.jar"]


• From the docker file it can be seen that the docker file starts by defining a base image by using keyword "FROM". In our case, we will be using ubi image

• We are using MAINTAINER keyword to specific the details of the maintainer and their email address

• ADD keyword is used to add a fie from local machine/project directory (current directory) to the a path in the image. In our case we are placing a repo file "sample_file.repo" to /etc/yum.repos.d/ directory of the image

• RUN command can be used to run other bash commands in the image. In our case we are using yum to install rpms

• ENTRYPOINT defines the default command that will be running on the container.

• CMD keyword is used to add argument to the ENTRYPOINT command, in our case we are not having any arguments so it left commented


To view contents on the docker image
• Sudo podman create --name tempcontainer "image name" --> create a container (not run it) with the image
• Sudo podman export "tempcontainer" | tar t --> unzip the container contents
• sudo podman export tempimage | tar t >> 1.txt

Check logs on Container
sudo podman logs -t --since 0 conatainerid (since 0 means from beginning)
sudo podman logs -t conatainerid (recent logs)
Podman logs --since 10m conatinerid (for last 10 mins)

Podman Compose File
https://www.redhat.com/sysadmin/podman-compose-docker-compose
https://linuxhandbook.com/podman-compose/#:~:text=Docker%20provides%20the%20functionality%20to,functionality%20is%20missing%20from%20Podman.


Container Networking
When a container starts, it can only attach to a single network, using the --network flag. You can connect a running container to multiple networks using the docker network connect command. When you start a container using the --network flag, you can specify the IP address for the container on that network using the --ip or --ip6 flags.
By default, containers inherit the DNS settings of the host, as defined in the /etc/resolv.conf configuration file. Containers that attach to the default bridge network receive a copy of this file.


Comments

Post a Comment

Popular posts from this blog

Key Concepts

A  resource group  is a collection of AWS resources that are all in the same AWS Region, and that match the criteria specified in the group's query.  Tag-based queries include lists of resources and tags.  In an AWS CloudFormation stack-based query, you choose an AWS CloudFormation stack in your account in the current region, and then choose resource types within the stack that you want to be in the group.   You can use  resource groups  to organize your AWS resources. AWS Resource Groups is the service that lets you manage and automate tasks on large numbers of resources at one time.  With Resource Groups, you can create a custom console that organizes and consolidates information based on criteria specified in tags, or the resources in an AWS CloudFormation stack.  Transfer Family - Supports connecting to S3 or EFS through FTPS/SFTP/FTP protocols.  The hostname for the endpoint can also configured with R53.  The transfer family ca...
Read more

Linear Algebra Concepts

Vector Spaces Rank of matrix is the number of non zero rows in REF form. Alternatively rank of matrix is = total number of columns - total number of dependent columns. In the REF form, If a column of a matrix can be expressed in terms of other columns then it is a dependent vector. The vectors on the left most side with leading 1 at the col number position ( 1 at 1st row 1st col, 1 at 2nd row 2nd col, likewise) then such columns are linearly independent columns. For linerarly independence a1v1+a2v2+a3v3=0 where v1,v2,v3 are vectors and a1,a2,a3 are scalars. Span of a vector space is all the possible vectors which can be formed using the basis vectors. Basis vectors are linearly independent vectors which can span the vector space. Column space is all possible set of vectors formed by the column vectors. Row space is all possible set of vectors formed by the row vectors. Dimension of a row space or column space is equal to its rank. Null space or kernel of a matrix is any vector x which ...
Read more

Cryptography

 Handling Secure Communications between Client and Server The client or application that wants to access your service will need an  API Key  and a  Secret Key  from you as the service owner. These keys are usually randomly generated strings and is given to the client beforehand. API Keys are unique to each client/application.  Both the client and server will hold the API Key and Secret Key. When the client makes a call to the API, the message content is hashed, using the secret key on the client, to generate a HMAC signature. This value, along with the original message and the API Key is then passed to the server’s API. Using the client API key, the equivalent Private key stored on the server is retrieved and the server also generates a HMAC signature which is compared with the one from client. Request is authorized when both match. Digital Signature The client holds the  Private Key  used to sign the message. The client will provide its public ke...
Read more