RH134 - ch13s08

Bookmark this page

Guided Exercise: Managing the Container Lifecycle

Manage the lifecycle of a container that runs an Apache HTTP Server.

Outcomes

You should be able to:

Get detailed information about a container.
Stop containers.
Restart a stopped container.
Delete containers.
Create and mount persistent storage to containers.
Create systemd service files to manage a container.

As the student user on the workstation machine, use the lab command to prepare your system for this exercise.

[student@workstation ~]$ lab start containers-lifecycle

Instructions

Your organization requires that a web service that runs in a container should be a service that is managed by systemd. Configure a user account for systemd user services to start the container when the host machine starts.

Log in to the servera machine as the contsvc user. Use redhat as password.
1. To manage the systemd user services with the contsvc account, you must log in directly as the contsvc user. You cannot use the su and sudo commands to create a session with the contsvc user.
```
[student@workstation ~]$ ssh contsvc@servera
...output omitted...
[contsvc@servera ~]$
```
Configure the registry.lab.example.com classroom registry in your home directory. Log in to the container registry with admin as the user and redhat321 as the password.
1. Create the /home/contsvc/.config/containers directory.
```
[contsvc@servera ~]$ mkdir -p /home/contsvc/.config/containers
```
2. Create the /home/contsvc/.config/containers/registries.conf file with the following contents:
```
unqualified-search-registries = ['registry.lab.example.com']

[[registry]]
location = "registry.lab.example.com"
insecure = true
blocked = false
```
3. Log in to the classroom registry.
```
[contsvc@servera ~]$ podman login registry.lab.example.com
Username: admin
Password: redhat321
Login Succeeded!
```
Use the /home/contsvc/webcontent/html/ directory as persistent storage for the web server container. Create the index.html test page with the Hello World line inside the directory.
1. Create the ~/webcontent/html/ directory.
```
[contsvc@servera ~]$ mkdir -p ~/webcontent/html/
```
2. Create the index.html file and add the Hello World line.
```
[contsvc@servera ~]$ echo "Hello World" > ~/webcontent/html/index.html
```
3. Verify that the permission for others is set to r-x in the webcontent/html directory, and is set to r-- in the index.html file. The container uses a non-privileged user that must be able to read the index.html file.
```
[contsvc@servera ~]$ ls -ld webcontent/html/
drwxr-xr-x. 2 contsvc contsvc 24 Jun  6 19:12 webcontent/html/
[contsvc@servera ~]$ ls -l webcontent/html/index.html
-rw-r--r--. 1 contsvc contsvc 12 Jun  6 19:12 webcontent/html/index.html
```
Create a container that runs an Apache HTTP server in the background. Use the registry.lab.example.com/rhel9/httpd-24 image to run a container called webapp in detached mode. Redirect the 8090 port on the local host to the container 8080 port. Mount the ~/webcontent directory from the host to the /var/www directory in the container.
1. Execute the podman run command to create the container. Use the registry.lab.example.com/rhel9/httpd-24 image to run a container called webapp in detached mode. Use the -p option to map the 8090 port on servera to the 8080 port in the container. Use the -v option to mount the ~/webcontent directory on servera to the /var/www directory in the container. Use the Z option to set the SELinux context to the mounted directory.
```
[contsvc@servera ~]$ podman run -d --name webapp -p 8090:8080 \
 -v ~/webcontent:/var/www:Z registry.lab.example.com/rhel9/httpd-24
Trying to pull registry.lab.example.com/rhel9/httpd-24:latest...
...output omitted...
79ed4591cb59bdfba1d38badcf52289ee70213bafd7a1a2aefa4d2963cf88e29
```
2. Verify that the container is running. Use podman ps to list all the running containers.
```
[contsvc@servera ~]$ podman ps
CONTAINER ID  IMAGE                                           COMMAND               CREATED        STATUS        PORTS                   NAMES
79ed4591cb59  registry.lab.example.com/rhel9/httpd-24:latest  /usr/bin/run-http...  3 minutes ago  Up 3 minutes  0.0.0.0:8090->8080/tcp  webapp
```
3. Use the podman inspect command to get the Status field, which indicates whether the container is running.
```
[contsvc@servera ~]$ podman inspect --format='{{.State.Status}}' webapp
running
```
4. Verify that the container is running by using the Running field.
```
[contsvc@servera ~]$ podman inspect --format='{{.State.Running}}' webapp
true
```
5. Verify that the web service is working on port 8090.
```
[contsvc@servera ~]$ curl http://localhost:8090
Hello World
```

Before creating a systemd unit file for the service container, test the functionality of the webapp container.

Stop the container. Use the container name to stop the container.
```
[contsvc@servera ~]$ podman stop webapp
webapp
```

Verify that the container is not running.

[contsvc@servera ~]$ podman inspect --format='{{.State.Status}}' webapp
exited
[contsvc@servera ~]$ podman inspect --format='{{.State.Running}}' webapp
false

Restart the container. Use the podman restart command to restart the container.
```
[student@workstation ~]$ podman restart webapp
webapp
```

Verify that the container is running again.

[contsvc@servera ~]$ podman ps
CONTAINER ID  IMAGE                                           COMMAND               CREATED         STATUS         PORTS                   NAMES
79ed4591cb59  registry.lab.example.com/rhel9/httpd-24:latest  /usr/bin/run-http...  20 minutes ago  Up 29 seconds  0.0.0.0:8090->8080/tcp  webapp
[contsvc@servera ~]$ curl http://localhost:8090
Hello World

Create a systemd service file to manage the webapp container with systemctl commands. Configure the systemd service so that when you start the service, the systemd daemon creates a container. After you finish the configuration, stop and then delete the webapp container. Remember that the systemd daemon expects that the container does not exist initially.
1. Create and change to the ~/.config/systemd/user/ directory.
```
[contsvc@servera ~]$ mkdir -p ~/.config/systemd/user/
[contsvc@servera ~]$ cd ~/.config/systemd/user
```
2. Create the unit file for the webapp container. Use the --new option so that systemd creates a container when starting the service, and deletes the container when stopping the service.
```
[contsvc@servera user]$ podman generate systemd --new --files --name webapp
/home/contsvc/.config/systemd/user/container-webapp.service
```
3. Stop and then delete the webapp container.
```
[contsvc@servera user]$ podman stop webapp
webapp
[contsvc@servera user]$ podman rm webapp
webapp
[contsvc@servera user]$ podman ps -a
CONTAINER ID  IMAGE       COMMAND     CREATED     STATUS      PORTS       NAMES
```

Reload the systemd daemon configuration, and then enable and start your new container-webapp user service. Verify the systemd service configuration, stop and start the service, and display the web server response and the container status.

Reload the configuration to recognize the new unit file.
```
[contsvc@servera user]$ systemctl --user daemon-reload
```

Enable and start the container-webapp service.

[contsvc@servera user]$ systemctl --user enable --now container-webapp
Created symlink /home/contsvc/.config/systemd/user/default.target.wants/container-webapp.service → /home/contsvc/.config/systemd/user/container-webapp.service.

Verify that the web server responds to requests.

[contsvc@servera user]$ curl http://localhost:8090
Hello World

Verify that the container is running.

[contsvc@servera user]$ podman ps
CONTAINER ID  IMAGE                                           COMMAND               CREATED             STATUS             PORTS                   NAMES
f6b209f0c915  registry.lab.example.com/rhel9/httpd-24:latest  /usr/bin/run-http...  About a minute ago  Up About a minute  0.0.0.0:8090->8080/tcp  webapp

Use the container ID information to confirm that the systemd daemon creates a container when you restart the service.

Stop the container-webapp service, and confirm that the container no longer exists. When you stop the service, the systemd daemon stops and then deletes the container.

[contsvc@servera user]$ systemctl --user stop container-webapp
[contsvc@servera user]$ podman ps --all
CONTAINER ID  IMAGE  COMMAND  CREATED  STATUS  PORTS  NAMES

Start the container-webapp service, and then confirm that the container is running.

The container ID is different, because the systemd daemon creates a container with the start instruction, and deletes the container with the stop instruction.

[contsvc@servera user]$ systemctl --user start container-webapp
[contsvc@servera user]$ podman ps
CONTAINER ID  IMAGE                                           COMMAND               CREATED        STATUS        PORTS                   NAMES
f9488c4e4c9e  registry.lab.example.com/rhel9/httpd-24:latest  /usr/bin/run-http...  5 seconds ago  Up 6 seconds  0.0.0.0:8090->8080/tcp  webapp

Ensure that the services for the contsvc user start at system boot. When done, restart the servera machine.

Run the loginctl enable-linger command.

[contsvc@servera user]$ loginctl enable-linger

Confirm that the Linger option is set for the contsvc user.

[contsvc@servera user]$ loginctl show-user contsvc
...output omitted...
Linger=yes

Switch to the root user, and then use the systemctl reboot command to restart the servera machine.

[contsvc@servera user]$ su -
Password: redhat
Last login: Wed Apr 17 07:44:06 EDT 2024 on tty2
[root@servera ~]# systemctl reboot
Connection to servera closed by remote host.
Connection to servera closed.
[student@workstation ~]$

When the servera machine is running again, log in to servera as the contsvc user. Verify that the systemd daemon started the webapp container, and that the web content is available.

Verify that the container is running.

[contsvc@servera ~]$ podman ps
CONTAINER ID  IMAGE                                           COMMAND               CREATED        STATUS        PORTS                   NAMES
694eb00c7583  registry.lab.example.com/rhel9/httpd-24:latest  /usr/bin/run-http...  2 minutes ago  Up 2 minutes  0.0.0.0:8090->8080/tcp  webapp

Access the web content.

[contsvc@servera ~]$ curl http://localhost:8090
Hello World

Return to the workstation machine as the student user.

[contsvc@servera ~]$ exit
logout
Connection to servera closed.
[student@workstation ~]$

Finish

On the workstation machine, use the lab command to complete this exercise. This is important to ensure that resources from previous exercises do not impact upcoming exercises.

[student@workstation ~]$ lab finish containers-lifecycle

Discuss Red Hat System Administration II

Go to community

Is It possible to reset root password when the system is on multi-user.target?

jennifer1987

27 lip 2023

Hi thereWell, i have a question, Is It possible to reset root password when the system is on multi-user.target? I was not be able to found a foro o some information related with this and another question that I have, If the grub menu dont show up, is it posible to reset the root password?

991

Red Hat System Administration II (RH134)

Haley_Ruccio

21 lip 2023

Build the skills to perform the key tasks needed to become a full-time Linux administratorRed Hat System Administration II (RH134) is the second part of the RHCSA training track for IT professionals who have already attended Red Hat System Administration I. The course goes deeper into core Linux system administration skills in storage configuration and management, installation and deployment of Red Hat Enterprise Linux, management of security features such as SELinux, control of recurring system tasks, management of the boot process and troubleshooting, basic system tuning, and command-line automation and productivity. This course assumes that students have attended Red Hat System Administration I (RH124).Experienced Linux administrators who seek rapid preparation for the RHCSA certification should instead start with RHCSA Rapid Track (RH199).This course is based on Red Hat Enterprise Linux 9.0.Course summaryInstall Red Hat Enterprise Linux using scalable methodsAccess security files, file systems, and networksExecute shell scripting and automation techniquesManage storage devices, logical volumes, and file systemsManage security and system accessControl the boot process and system servicesRun containersAudience for this courseThis course is geared toward Windows system administrators, network administrators, and other system administrators who are interested in supplementing current skills or backstopping other team members, in addition to Linux system administrators who are responsible for these tasks:Configuring, installing, upgrading, and maintaining Linux systems using established standards and proceduresProviding operational supportManaging systems for monitoring system performance and availabilityWriting and deploying scripts for task automation and system administrationRecommended trainingSuccessful completion of Red Hat System Administration I (RH124) is recommended.Experienced Linux administrators seeking to accelerate their path toward becoming a Red Hat Certified System Administrator should start with the RHCSA Rapid Track course (RH199).Take our free assessment to gauge whether this offering is the best fit for your skills.Technology considerationsThere are no special technology requirements.This course is not designed for bring your own device (BYOD).Internet access is not required, but is recommended to allow students to research and access Red Hat online resources.

Welcome to the Red Hat System Administration II (RH134) group in the Red Hat Learning Community!

Deanna

18 lip 2023

We are excited to launch a space dedicated to the Red Hat Training course Red Hat System Administration II! To gain the most value from this group - click the "Join Group" button in the upper right hand corner.We encourage group members to collaborate in this group to discuss topics, ask questions, share best practices and tips, provide course feedback, and share their accomplishments as it relates to RH134.Read more about Red Hat System Administration II here.

417

Revision: rh134-9.3-5fd2368

Click CREATE to build all of the virtual machines needed for the classroom lab environment. This may take several minutes to complete. Once created the environment can then be stopped and restarted to pause your experience.

If you DELETE your lab, you will remove all of the virtual machines in your classroom and lose all of your progress.