Podman v4.0 Networking
Podman v4.0 supports two network back ends for containers, Netavark and CNI. Starting with RHEL 9, systems use Netavark by default.
$ podman info
host:
  ...
  networkBackend: netavark
  ...
$ podman network ls
NETWORK ID    NAME    DRIVER
2f259bab93aa  podman  bridge
$ podman network inspect podman
[
     {
          "name": "podman",
          "id": "2f259bab93aaaaa2542ba43ef33eb990d0999ee1b9924b557b7be53c0b7a1bb9",
          "driver": "bridge",
          "network_interface": "podman0",
          "created": "2022-07-21T15:43:10.660389642+02:00",
          "subnets": [
               {
                    "subnet": "10.88.0.0/16",
                    "gateway": "10.88.0.1"
               }
          ],
          "ipv6_enabled": false,
          "internal": false,
          "dns_enabled": false,
          "ipam_options": {
               "driver": "host-local"
          }
     }
]
Existing containers on the host that use the default Podman network cannot resolve each other's hostnames, because DNS is not enabled on the default network.
Use the podman network create command to create a DNS-enabled network.
$ podman network create --gateway 10.87.0.1 --subnet 10.87.0.0/16 db_net
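The following check is an added example, not part of the original post. It reads the JSON printed by podman network inspect and flags networks where DNS is disabled, where external access is not restricted, or whose subnets overlap. The db_net entry in the sample is constructed, and the function name audit_networks is hypothetical.

```python
import ipaddress
import json

# Constructed sample: the default network from the inspect output above plus
# a db_net entry (assumed values, trimmed to the fields this check reads).
SAMPLE = """
[
  {"name": "podman", "driver": "bridge",
   "subnets": [{"subnet": "10.88.0.0/16", "gateway": "10.88.0.1"}],
   "internal": false, "dns_enabled": false},
  {"name": "db_net", "driver": "bridge",
   "subnets": [{"subnet": "10.87.0.0/16", "gateway": "10.87.0.1"}],
   "internal": false, "dns_enabled": true}
]
"""


def audit_networks(inspect_json):
    """Return (network name, finding) tuples for `podman network inspect` JSON."""
    findings = []
    seen = []  # (name, subnet) pairs from networks already processed
    for net in json.loads(inspect_json):
        name = net["name"]
        if not net.get("dns_enabled", False):
            findings.append((name, "dns disabled: no name resolution between containers"))
        if not net.get("internal", False):
            findings.append((name, "not internal: external access is not restricted"))
        for entry in net.get("subnets", []):
            subnet = ipaddress.ip_network(entry["subnet"])
            gateway = ipaddress.ip_address(entry["gateway"])
            if gateway not in subnet:
                findings.append((name, f"gateway {gateway} outside subnet {subnet}"))
            # Two networks sharing address space make routing ambiguous.
            for other_name, other in seen:
                if subnet.version == other.version and subnet.overlaps(other):
                    findings.append((name, f"subnet {subnet} overlaps {other} on {other_name}"))
            seen.append((name, subnet))
    return findings


if __name__ == "__main__":
    for name, finding in audit_networks(SAMPLE):
        print(f"{name}: {finding}")
```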
Non-Root User
Red Hat recommends using a non-privileged user to manage and run containers.
You need to log in as an interactive user:
$ ssh student@192.168.122.33
Connecting Two Containers with Networking
$ podman search ubi
NAME                                  DESCRIPTION
registry.access.redhat.com/ubi8/ubi   Provides the latest release of the Red Hat Universal Base Image 8
registry.access.redhat.com/ubi9/ubi   rhcc_registry.access.redhat.com_ubi9/ubi
...
$ vim Dockerfile
FROM registry.access.redhat.com/ubi9/ubi:latest
RUN dnf install -y python3 iputils procps-ng
CMD ["/bin/bash", "-c", "sleep infinity"]
$ podman build -t python3:0.2 -f Dockerfile .
$ podman run -d --name python3-01 localhost/python3:0.2
$ podman run -d --name python3-02 localhost/python3:0.2
$ podman exec -it python3-01 ps -aux
USER         PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
root           1  0.0  0.1   4912  1336 ?        Ss   14:13   0:00 /usr/bin/coreutils --coreutils-prog-shebang=sleep /usr/bin/s
root           2  0.0  0.4  15048  5764 pts/0    Rs+  14:13   0:00 ps -aux
$ podman exec -it python3-01 ping -c 3 python3-02
ping: python3-02: Name or service not known
$ podman kill python3-01 python3-02
$ podman rm python3-01 python3-02
$ podman network create backend
$ podman run -d --name python3-01 --network backend localhost/python3:0.2
$ podman run -d --name python3-02 --network backend localhost/python3:0.2
$ podman exec -it python3-01 ping -c 3 python3-02
PING python3-02.dns.podman (10.89.0.3) 56(84) bytes of data.
64 bytes from 10.89.0.3 (10.89.0.3): icmp_seq=1 ttl=64 time=0.061 ms
$ podman exec -it python3-02 ping -c 3 python3-01
PING python3-01.dns.podman (10.89.0.2) 56(84) bytes of data.
64 bytes from 10.89.0.2 (10.89.0.2): icmp_seq=1 ttl=64 time=0.032 ms
$ podman inspect python3-01
...
     "NetworkSettings": {
          ...
          "Networks": {
               "backend": {
                    "EndpointID": "",
                    "Gateway": "10.89.0.1",
                    "IPAddress": "10.89.0.2",
                    "IPPrefixLen": 24,
                    "IPv6Gateway": "",
                    "GlobalIPv6Address": "",
                    "GlobalIPv6PrefixLen": 0,
                    "MacAddress": "fe:98:7f:9b:c2:6d",
                    "NetworkID": "backend",
                    "DriverOpts": null,
                    "IPAMConfig": null,
                    "Links": null,
                    "Aliases": [
                         "72b3e9a0d515"
                    ]
               }
          }
     },
...
$ podman network create db_net
$ podman network connect db_net python3-01
$ podman network connect db_net python3-02