RH134 - ch13s13

Bookmark this page

Lab: Running Containers

In this lab, you will configure a container on your server that provides a MariaDB database service, stores its database on persistent storage, and starts automatically with the server.

Outcomes

You should be able to:

Create detached containers.
Configure port redirection and persistent storage.
Configure systemd for containers to start when the host machine starts.

On the workstation machine, log in as the student user with student as the password.

On the workstation machine, run the lab containers-review start command. This command runs a start script that determines if the serverb machine is reachable on the network. It also installs the MariaDB client and creates the podsvc user account that you use to run a MariaDB container.

[student@workstation ~]$ lab containers-review start

Procedure 13.6. Instructions

On serverb, install the container tools. Log in to serverb as the student user, and then use the sudo command. The password for the student user is student.
Use the ssh command to log in to serverb as the student user. The systems are configured to use SSH keys for authentication, so a password is not required.
[student@workstation ~]$ ssh student@serverb ...output omitted... [student@serverb ~]$
Install the container-tools Yum module using the yum command.
[student@serverb ~]$ sudo yum module install container-tools [sudo] password for student: student ...output omitted... Is this ok [y/N]: y ...output omitted... Complete!
The container image registry at registry.lab.example.com stores the rhel8/mariadb-103 image with several tags. On serverb, as the podsvc user, list those tags and take note of the tag with the lowest version number. You will use that image tag to start a container later in this exercise.
The password for the podsvc user is redhat. To query the registry.lab.example.com registry, use the admin account with redhat321 for the password.
Exit from the student account on serverb.
[student@serverb ~]$ exit logout Connection to serverb closed. [student@workstation ~]$
Use the ssh command to log in to serverb as the podsvc user. The systems are configured to use SSH keys for authentication, so a password is not required.
[student@workstation ~]$ ssh podsvc@serverb ...output omitted... [podsvc@serverb ~]$
Log in to the container registry using the podman login command.
[podsvc@serverb ~]$ podman login registry.lab.example.com Username: admin Password: redhat321 Login Succeeded!
Use the skopeo inspect command to view information about the registry.lab.example.com/rhel8/mariadb-103 image. The following skopeo inspect command is very long and should be entered as a single line.
[podsvc@serverb ~]$ skopeo inspect docker://registry.lab.example.com/rhel8/mariadb-103 { "Name": "registry.lab.example.com/rhel8/mariadb-103", "Digest": "sha256:a95b...4816", "RepoTags": [ "1-86", "1-102", "latest" ], ...output omitted...
The tag with the lowest number is 1-86.
On serverb, as the podsvc user, create the /home/podsvc/db_data directory. Prepare the directory so that containers have read/write access. You will use this directory for persistent storage.
Create the /home/podsvc/db_data directory.
[podsvc@serverb ~]$ mkdir /home/podsvc/db_data [podsvc@serverb ~]$
Set the access mode of the directory to 777 so that everyone has read/write access.
[podsvc@serverb ~]$ chmod 777 /home/podsvc/db_data [podsvc@serverb ~]$
On serverb, as the podsvc user, create a detached MariaDB container named inventorydb. Use the rhel8/mariadb-103 image from the registry.lab.example.com registry, specifying the tag with the lowest version number on that image, which you found in a preceding step. Map port 3306 in the container to port 13306 on the host. Mount the /home/podsvc/db_data directory on the host as /var/lib/mysql/data in the container. Declare the following variable values:
Variable Value
MYSQL_USER operator1
MYSQL_PASSWORD redhat
MYSQL_DATABASE inventory
MYSQL_ROOT_PASSWORD redhat
You can copy and paste these parameters from the /home/podsvc/containers-review/variables file on serverb.
To confirm that the MariaDB database is running, use the mysql command. You can find this command in the /home/podsvc/containers-review/testdb.sh script. You can also directly run the script to test the database.
Use the podman run command to create the container. The following podman run command is very long and should be entered as a single line.
[podsvc@serverb ~]$ podman run -d --name inventorydb -p 13306:3306 -v /home/podsvc/db_data:/var/lib/mysql/data:Z -e MYSQL_USER=operator1 -e MYSQL_PASSWORD=redhat -e MYSQL_DATABASE=inventory -e MYSQL_ROOT_PASSWORD=redhat registry.lab.example.com/rhel8/mariadb-103:1-86 ...output omitted...
Confirm that the database is running.
[podsvc@serverb ~]$ ~/containers-review/testdb.sh Testing the access to the database... SUCCESS

Variable	Value
`MYSQL_USER`	`operator1`
`MYSQL_PASSWORD`	`redhat`
`MYSQL_DATABASE`	`inventory`
`MYSQL_ROOT_PASSWORD`	`redhat`

On serverb, as the podsvc user, configure systemd so that the inventorydb container starts automatically with the server.

If you used sudo or su to log in as the podsvc user, then exit serverb and use the ssh command to directly log in to serverb as the podsvc user. Remember, systemd requires that the user open a direct session from the console or through SSH.
```
[student@workstation ~]$ ssh podsvc@serverb
...output omitted...
[podsvc@serverb ~]$ 
```

Create the ~/.config/systemd/user/ directory.

[podsvc@serverb ~]$ mkdir -p ~/.config/systemd/user/
[podsvc@serverb ~]$

Use the podman generate systemd command to create the systemd unit file from the running container.

[podsvc@serverb ~]$ cd ~/.config/systemd/user/
[podsvc@serverb user]$ podman generate systemd --name inventorydb --files --new
/home/podsvc/.config/systemd/user/container-inventorydb.service

Stop and then delete the inventorydb container.

[podsvc@serverb user]$ podman stop inventorydb
0d28f0e0a4118ff019691e34afe09b4d28ee526079b58d19f03b324bd04fd545
[podsvc@serverb user]$ podman rm inventorydb
0d28f0e0a4118ff019691e34afe09b4d28ee526079b58d19f03b324bd04fd545

Instruct systemd to reload its configuration, and then enable and start the container-inventorydb service.

[podsvc@serverb user]$ systemctl --user daemon-reload
[podsvc@serverb user]$ systemctl --user enable --now container-inventorydb.service
Created symlink /home/podsvc/.config/systemd/user/multi-user.target.wants/container-inventorydb.service → /home/podsvc/.config/systemd/user/container-inventorydb.service.
Created symlink /home/podsvc/.config/systemd/user/default.target.wants/container-inventorydb.service → /home/podsvc/.config/systemd/user/container-inventorydb.service.

Confirm that the container is running.

[podsvc@serverb user]$ ~/containers-review/testdb.sh
Testing the access to the database...
SUCCESS
[podsvc@serverb user]$ podman ps
CONTAINER ID  IMAGE                                            COMMAND     CREATED         STATUS             PORTS                    NAMES
3ab24e7f000d  registry.lab.example.com/rhel8/mariadb-103:1-86  run-mysqld  47 seconds ago  Up 46 seconds ago  0.0.0.0:13306->3306/tcp  inventorydb

Run the loginctl enable-linger command for the user services to start automatically when the server starts.
```
[podsvc@serverb ~]$ loginctl enable-linger
[podsvc@serverb ~]$ 
```

Exit from serverb.

[podsvc@serverb ~]$ exit
logout
Connection to serverb closed.
[student@workstation ~]$

Evaluation

As the student user on the workstation machine, use the lab command to grade your work. Correct any reported failures and rerun the command until successful.

[student@workstation ~]$ lab containers-review grade

Finish

On the workstation machine, run the lab containers-services finish script to complete this exercise.

[student@workstation ~]$ lab containers-review finish

This concludes the lab.

Discuss Red Hat System Administration II

Go to community

Is It possible to reset root password when the system is on multi-user.target?

jennifer1987

27 lip 2023

Hi thereWell, i have a question, Is It possible to reset root password when the system is on multi-user.target? I was not be able to found a foro o some information related with this and another question that I have, If the grub menu dont show up, is it posible to reset the root password?

991

Red Hat System Administration II (RH134)

Haley_Ruccio

21 lip 2023

Build the skills to perform the key tasks needed to become a full-time Linux administratorRed Hat System Administration II (RH134) is the second part of the RHCSA training track for IT professionals who have already attended Red Hat System Administration I. The course goes deeper into core Linux system administration skills in storage configuration and management, installation and deployment of Red Hat Enterprise Linux, management of security features such as SELinux, control of recurring system tasks, management of the boot process and troubleshooting, basic system tuning, and command-line automation and productivity. This course assumes that students have attended Red Hat System Administration I (RH124).Experienced Linux administrators who seek rapid preparation for the RHCSA certification should instead start with RHCSA Rapid Track (RH199).This course is based on Red Hat Enterprise Linux 9.0.Course summaryInstall Red Hat Enterprise Linux using scalable methodsAccess security files, file systems, and networksExecute shell scripting and automation techniquesManage storage devices, logical volumes, and file systemsManage security and system accessControl the boot process and system servicesRun containersAudience for this courseThis course is geared toward Windows system administrators, network administrators, and other system administrators who are interested in supplementing current skills or backstopping other team members, in addition to Linux system administrators who are responsible for these tasks:Configuring, installing, upgrading, and maintaining Linux systems using established standards and proceduresProviding operational supportManaging systems for monitoring system performance and availabilityWriting and deploying scripts for task automation and system administrationRecommended trainingSuccessful completion of Red Hat System Administration I (RH124) is recommended.Experienced Linux administrators seeking to accelerate their path toward becoming a Red Hat Certified System Administrator should start with the RHCSA Rapid Track course (RH199).Take our free assessment to gauge whether this offering is the best fit for your skills.Technology considerationsThere are no special technology requirements.This course is not designed for bring your own device (BYOD).Internet access is not required, but is recommended to allow students to research and access Red Hat online resources.

Welcome to the Red Hat System Administration II (RH134) group in the Red Hat Learning Community!

Deanna

18 lip 2023

We are excited to launch a space dedicated to the Red Hat Training course Red Hat System Administration II! To gain the most value from this group - click the "Join Group" button in the upper right hand corner.We encourage group members to collaborate in this group to discuss topics, ask questions, share best practices and tips, provide course feedback, and share their accomplishments as it relates to RH134.Read more about Red Hat System Administration II here.

417

Revision: rh134-8.2-f0a9756