DO188 - ch02s09

Bookmark this page

Managing the Container Lifecycle

Objectives

List, stop, and delete containers with Podman.

Container Lifecycle

Podman provides a set of subcommands to create and manage containers. You can use those subcommands to manage the container and container image lifecycle.

The following figures shows a summary of the most commonly used Podman subcommands that change the container and image state:

Figure 2.10: Podman lifecycle commands

Podman also provides a set of subcommands to obtain information about running and stopped containers.

You can use these subcommands to extract information from containers and images for debugging, updating, or reporting purposes. The following figure shows a summary of the most commonly used subcommands that query information from containers and images:

Figure 2.11: Podman query commands

This lecture covers the basic operations that you can use to manage containers. Commands explained in this lecture accept either a container ID or the container name.

Listing Containers

You can list running containers with the podman ps command.

[user@host ~]$ podman ps
CONTAINER ID  IMAGE         COMMAND              CREATED STATUS PORTS       NAMES
0ae7be593698  ...server     /bin/sh -c python... ...ago  Up...  ...8000/tcp httpd
c42e7dca12d9  ...helloworld /bin/sh -c nginx...  ...ago  Up...  ...8080/tcp nginx

Each row describes information about the container, such as the image used to start the container, the command executed when the container started, and the container uptime.

You can include stopped containers in the output by adding the --all or -a flag to the podman ps command.

[user@host ~]$ podman ps --all
CONTAINER ID  IMAGE         COMMAND              CREATED STATUS    PORTS        NAMES
0ae7be593698  ...server     /bin/sh -c python... ...ago  Up...     ...8000/tcp  httpd
bd5ada1b6321  ...httpd-24   /usr/bin/run-http... ...ago  Exited... ...8080/tcp  upbeat...
c42e7dca12d9  ...helloworld /bin/sh -c nginx ... ...ago  Up...     ...8080/tcp  nginx

Inspecting Containers

In the context of Podman, inspecting a container means retrieving the full information of the container. The podman inspect command returns a JSON array with information about different aspects of the container, such as networking settings, CPU usage, environment variables, status, port mapping, or volumes. The following snippet is a sample output of the command.

[user@host ~]$ podman inspect 7763097d11ab
[
    {
        "Id": "7763...cbc0",
        "Created": "2022-05-04T10:00:32.988377257-03:00",
        "Path": "container-entrypoint",
        "Args": [
            "/usr/bin/run-httpd"
        ],
        "State": {
            "OciVersion": "1.0.2-dev",
            "Status": "running",
            "Running": true,
            "Paused": false,
            "Restarting": false,
            "OOMKilled": false,
            "Dead": false,
            "Pid": 9746,
...output omitted...
        "Image": "d2b9...fa0a",
        "ImageName": "registry.access.redhat.com/ubi8/httpd-24:latest",
        "Rootfs": "",
...output omitted...
            "Env": [
                "PATH=/opt/app-root/src/bin:/opt/app-root/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
                "TERM=xterm",
                "container=oci",
                "HTTPD_VERSION=2.4",
...output omitted...
            "CpuCount": 0,
            "CpuPercent": 0,
            "IOMaximumIOps": 0,
            "IOMaximumBandwidth": 0,
            "CgroupConf": null
        }
    }
]

The previous JSON output omits most fields. Because the full JSON is long, you might find it difficult to find the specific fields that you want to retrieve. You can pass a --format flag to the podman inspect command to filter the command output. The --format flag expects a Go template expression as a parameter, which you can use to select specific fields in the JSON.

Go template expressions use annotations, which are delimited by double curly braces ({{ and }}), to refer to elements, such as fields or keys, in a data structure. The data structure elements are separated by a dot (.) and must start in upper case.

In the following command, the Status field of the State object is retrieved for a container called redhat.

[user@host ~]$ podman inspect \
 --format='{{.State.Status}}' redhat
running

In the preceding example, the podman inspect command uses the supplied Go template to navigate the JSON array of the redhat container. The template returns the Status field value of the State object from the JSON array.

Refer to the references section for more information about the Go templating language.

Stopping Containers Gracefully

You can stop a container gracefully by using the podman stop command. When you execute the podman stop command, Podman sends a SIGTERM signal to the container. Processes use the SIGTERM signal to implement clean-up procedures before stopping.

The following command stops a container with a container ID 1b982aeb75dd.

[user@host ~]$ podman stop 1b982aeb75dd
1b982aeb75dd

You can stop all the running containers by using the --all or -a flag. In the following example, the command stops three containers.

[user@host ~]$ podman stop --all
4aea...0c2a
6b18...54ea
7763...cbc0

If a container does not respond to the SIGTERM signal, then Podman sends a SIGKILL signal to forcefully stop the container. Podman waits 10 seconds by default before sending the SIGKILL signal. You can change the default behavior by using the --time flag.

[user@host ~]$ podman stop --time=100

In the previous example, Podman gives the container a grace period of 100 seconds before sending the killing signal.

Stopping a container differs from removing a container. Stopped containers are present on the host machine and can be listed by using the podman ps --all command.

Additionally, when the containerized process finishes, the container enters the exited state. Such a process might finish for a number of reasons, such as an error, OOM (out-of-memory) state, or successfully finishing. Podman lists exited containers with other stopped containers.

Stopping Containers Forcefully

You can send the SIGKILL signal to the container by using the podman kill command. In the following example, a container called httpd is stopped forcefully.

[user@host ~]$ podman kill httpd
httpd

Pausing Containers

Both podman stop and podman kill commands eventually send a SIGKILL signal to the container. The podman pause command suspends all processes in the container by sending the SIGSTOP signal.

[user@host ~]$ podman pause 4f2038c05b8c
4f2038c05b8c

The podman unpause command resumes a paused container.

[user@host ~]$ podman unpause 4f2038c05b8c
4f2038c05b8c

Restarting Containers

Execute the podman restart command to restart a running container. You can also use the command to start stopped containers.

The following command restarts a container called nginx.

[user@host ~]$ podman restart nginx
1b98...75dd

Removing Containers

Use the podman rm command to remove a stopped container. The following command removes a stopped container with the container ID c58cfd4b90df.

[user@host ~]$ podman rm c58cfd4b90df
c58c...3150

You can not remove running containers by default. You must stop the running container first and then remove it. The following command tries to remove a running container.

[user@host ~]$ podman rm c58cfd4b90df
Error: cannot remove container c58c...3150 as it is running - running or paused containers cannot be removed without force: container state improper

You can add the --force (or -f) flag to remove the container forcefully.

[user@host ~]$ podman rm c58cfd4b90df --force
c58c...3150

You can also add the --all (or -a) flag to remove all stopped containers. This flag fails to remove running containers. The following command removes two containers.

[user@host ~]$ podman rm --all
6b18...54ea
6c0d...a6fb

You can combine the --force and --all flags to remove all containers, including running containers.

Start a Containerized Service on Boot

In a traditional environment, administrators configure applications such as web servers or databases to start at boot time, and run indefinitely as a systemd service. Systemd is a system and service management tool for Linux operating systems. Systemd uses service unit files to start and stop applications, or to enable them to start at boot time. Typically, an administrator manages these applications with the systemctl command. As a regular user, you can create systemd unit files to manage your rootless containers. You can use this configuration to manage your container as a regular systemd service with the systemctl command.

Generate a Systemd Unit File

To create a systemd unit file for a specified service container, use the podman generate systemd command. Use the --name option to specify the container's name. The --files option generates files instead of printing to standard output (STDOUT).

[user@host ~]$ podman generate systemd --name web --files
/home/user/container-web.service

The preceding command creates the container-web.service unit file for a container called web. After reviewing and adapting the generated service configuration to your requirements, store the unit file in the user's systemd configuration directory (~/.config/systemd/user/).

After adding or modifying unit files, you must use the systemclt command to reload the systemd configuration.

[user@host ~]$ systemctl --user daemon-reload

Managing the Containerized Service

To manage a containerized service, use the systemctl command.

[user@host ~]$ systemctl --user [start, stop, status, enable, disable] container-web.service

When you use the --user option, by default, systemd starts the service at your login, and stops it at your logout. You can start your enabled services at the operating system boot, and stop them on shutdown, by running the loginctl enable-linger command.

[user@host ~]$ loginctl enable-linger

To revert the operation, use the loginctl disable-linger command.

References

podman-inspect(1) man page

podman-stop(1) man page

podman-restart(1) man page

podman-rm(1) man page

Go templates package

For more information, refer to the Running Containers as Systemd Services with Podman chapter in the Red Hat Enterprise Linux 9 Building, Running, and Managing Containers guide at https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html-single/building_running_and_managing_containers/index

Discuss Red Hat OpenShift Development I: Introduction to Containers with Podman

Go to community

Red Hat OpenShift Development I: Introduction to Containers with Podman (DO188)

Haley_Ruccio

26 lip 2023

A developer introduction to building and managing containers with Podman for deploying applications on Red Hat OpenShift Container Platform.Red Hat OpenShift Development I: Introduction to Containers with Podman (DO188) introduces students to building, running, and managing containers with Podman and Red Hat OpenShift. This course helps students build the core skills for developing containerized applications through hands-on experience. These skills can be applied using all versions of OpenShift, including Red Hat OpenShift on AWS (ROSA), Azure Red Hat OpenShift, and OpenShift Container Platform.This course is based on Red Hat® Enterprise Linux® 8, Podman 4.2 and Red Hat OpenShift® 4.12.Course content summaryIntroduction to containersRun containers with Podman CLI and Podman DesktopBuild custom container imagesManage container imagesRemote debugging with containersBasic container networkingPersist data with containersRun multi-container applicationsTroubleshoot Container DeploymentsOrchestrate containers with OpenShift and KubernetesAudience for this courseDevelopers and Site Reliability Engineers that are new to container technology.System administrators and platform operators who are interested in managing OpenShift clusters and containerized applications should enroll in Red Hat OpenShift Administration I: Containers & Kubernetes (DO180).Prerequisites for this courseTake our free assessment to gauge whether this offering is the best fit for your skills.Some experience with web application architectures and their corresponding technologies.Experience in the use of a Linux terminal session, issuing operating system commands, and familiarity with shell scripting is recommended.Technology considerationsRequires internet connection.

How to start two containers exposed on the same port using same image but diff environment variable

MadhumithaSrini

21 lip 2023

How to start two containers exposed on the same port using same image but diff environment variable. Both the containers must co-exist

1355

Welcome to the Red Hat OpenShift Development: Intro to containers with Podman (DO188) group!

cschunke

18 lip 2023

We are excited to launch a space dedicated to the Red Hat Training courseRed Hat OpenShift Development I: Introduction to Containers with Podman! To gain the most value from this group - click the "Join Group" button in the upper right hand corner.We encourage group members to collaborate in this group to discuss topics, ask questions, share best practices and tips, provide course feedback, and share their accomplishments as it relates to DO188.Read more about Red Hat OpenShift Development: Intro to containers with Podman here.

1036

Revision: do188-4.14-8c43a16