RH199 - ch17s05

In this review, you will configure a container on your server that provides web content from persistent storage and starts automatically with the server.

Outcomes

You should be able to:

Create rootless detached containers.
Configure port redirection and persistent storage.
Configure systemd for containers to start when the host machine starts.

On the workstation machine, log in as the student user with student as the password.

On the workstation machine, run the lab rhcsa-compreview4 start command. This command runs a start script that determines if the serverb machine is reachable on the network. It also creates an archive file with some web content and the containers user account that you use to run an Apache HTTP Server container.

[student@workstation ~]$ lab rhcsa-compreview4 start

Instructions

Perform the following tasks on serverb as the containers user to complete the comprehensive review:

On serverb, create the /srv/web/ directory, and then extract the /home/containers/rhcsa-compreview4/web-content.tgz archive in that directory. Configure the directory so that a rootless container can use it for persistent storage.
On serverb, install the container tools.
On serverb, as the containers user, create a detached Apache HTTP Server container named web. Use the rhel8/httpd-24 image with the tag 1-105 from the registry.lab.example.com registry. Map port 8080 in the container to port 8888 on the host. Mount the /srv/web directory on the host as /var/www in the container. Declare the environment variable HTTPD_MPM with event for the value.
On serverb, as the containers user, configure systemd so that the web container starts automatically with the server.

The password for the containers user is redhat. To access the container image registry at registry.lab.example.com, use the admin account with redhat321 as the password. You can copy and paste the web container parameters from the /home/containers/rhcsa-compreview4/variables file on serverb.

On serverb, create the /srv/web/ directory, and then extract the /home/containers/rhcsa-compreview4/web-content.tgz archive in that directory. Configure the directory so that a rootless container can use it for persistent storage.
Use the ssh command to log in to serverb as the containers user. The systems are configured to use SSH keys for authentication, so a password is not required.
[student@workstation ~]$ ssh containers@serverb ...output omitted... [containers@serverb ~]$
Use the sudo -i command to switch to the root user. The password for the containers user is redhat.
[containers@serverb ~]$ sudo -i [sudo] password for containers: redhat [root@serverb ~]#
Create the /srv/web/ directory.
[root@serverb ~]# mkdir /srv/web/ [root@serverb ~]#
Extract the /home/containers/rhcsa-compreview4/web-content.tgz archive in the /srv/web/ directory.
[root@serverb ~]# cd /srv/web/ [root@serverb web]# tar xvf /home/containers/rhcsa-compreview4/web-content.tgz html/ html/index.html [root@serverb web]#
Rootless containers require read access to the /srv/web/ directory and its contents. Also, the podman command running as the containers user must be able to relabel the directory for SELinux. Set the directory owner to containers, and then confirm that everyone has access to the content.
[root@serverb web]# chown -R containers: /srv/web [root@serverb web]# ls -ld /srv/web/ drwxr-xr-x. 3 containers containers 18 Sep 7 04:43 /srv/web/ [root@serverb web]# ls -ld /srv/web/html/ drwxr-xr-x. 2 containers containers 24 Sep 7 04:01 /srv/web/html/ [root@serverb web]# ls -l /srv/web/html/index.html -rw-r--r--. 1 containers containers 546 Sep 7 04:01 /srv/web/html/index.html

On serverb, install the container tools.

Install the container-tools Yum module using the yum command.

[root@serverb web]# yum module install container-tools
...output omitted...
Is this ok [y/N]: y
...output omitted...
Complete!

Exit from the root account.

[root@serverb web]# exit
logout
[containers@serverb ~]$

On serverb, as the containers user, create a detached container named web. Use the rhel8/httpd-24 image with the tag 1-105 from the registry.lab.example.com registry. Map port 8080 in the container to port 8888 on the host. Mount the /srv/web directory on the host as /var/www in the container. Declare the environment variable HTTPD_MPM with a value of event.
You can copy and paste these parameters from the /home/containers/rhcsa-compreview4/variables file on serverb.
Log in to the container image registry at registry.lab.example.com using the admin account with redhat321 as the password.
[containers@serverb ~]$ podman login registry.lab.example.com Username: admin Password: redhat321 Login Succeeded!
Use the podman run command to create the container. The following podman run command is very long and should be entered as a single line.
[containers@serverb ~]$ podman run -d --name web -p 8888:8080 -v /srv/web:/var/www:Z -e HTTPD_MPM=event registry.lab.example.com/rhel8/httpd-24:1-105 ...output omitted...
Use the curl command to confirm that the Apache HTTP Server is running.
[containers@serverb ~]$ curl http://localhost:8888/ Comprehensive Review Web Content Test Lorem ipsum dolor sit amet, consectetur adipiscing elit. Sed sit amet lacus vestibulum, varius magna sit amet, tempus neque. ...output omitted...
That content comes from the web-content.tgz archive you previously extracted.

On serverb, as the containers user, configure systemd so that the web container starts automatically with the server.

If you used sudo or su to log in as the containers user, then exit serverb and use the ssh command to directly log in to serverb as the containers user.
```
[student@workstation ~]$ ssh containers@serverb
...output omitted...
[containers@serverb ~]$ 
```

Create the ~/.config/systemd/user/ directory.

[containers@serverb ~]$ mkdir -p ~/.config/systemd/user/
[containers@serverb ~]$

Use the podman generate systemd command to create the systemd unit file from the running container.

[containers@serverb ~]$ cd ~/.config/systemd/user/
[containers@serverb user]$ podman generate systemd --name web --files --new
/home/containers/.config/systemd/user/container-web.service

Stop and then delete the web container.

[containers@serverb user]$ podman stop web
d16a826c936efc7686d8d8e5617b727f5d272361c54f8a0ca65c57d012347784
[containers@serverb user]$ podman rm web
d16a826c936efc7686d8d8e5617b727f5d272361c54f8a0ca65c57d012347784

Instruct systemd to reload its configuration, and then enable and start the container-web service.

[containers@serverb user]$ systemctl --user daemon-reload
[containers@serverb user]$ systemctl --user enable --now container-web.service
Created symlink /home/containers/.config/systemd/user/multi-user.target.wants/container-web.service → /home/containers/.config/systemd/user/container-web.service.
Created symlink /home/containers/.config/systemd/user/default.target.wants/container-web.service → /home/containers/.config/systemd/user/container-web.service.

Confirm that the container is running.

[containers@serverb user]$ curl http://localhost:8888/
Comprehensive Review Web Content Test

Lorem ipsum dolor sit amet, consectetur adipiscing elit.
Sed sit amet lacus vestibulum, varius magna sit amet, tempus neque.
...output omitted...

Run the loginctl enable-linger command for the user services to start automatically with the server.
```
[containers@serverb ~]$ loginctl enable-linger
[containers@serverb ~]$ 
```

Exit from serverb.

[containers@serverb ~]$ exit
logout
Connection to serverb closed.
[student@workstation ~]$

Evaluation

As the student user on the workstation machine, use the lab rhcsa-compreview4 grade command to grade your work. Correct any reported failures and rerun the command until successful.

[student@workstation ~]$ lab rhcsa-compreview4 grade

Finish

As the student user on the workstation machine, use the lab rhcsa-compreview4 finish command to complete this exercise.

[student@workstation ~]$ lab rhcsa-compreview4 finish

This concludes the comprehensive review.

Revision: rh199-8.2-3beeb12