Containers

Question 1

What are key technologies needed in containers?

Answer 1

1) namespaces
2) cgroups
3) SELinux
4) Sec Comp

Question 2

What is the purpose of cgroups?

Answer 2

set limitations on system resources such as memory and cpu.

Question 3

What is the purpose of sec comp?

Answer 3

define allow and deny list of system calls from namespaces.

Question 4

Known container runtimes

Answer 4

1) Cri-O
2) Docker
3) Runc

Question 5

Purpose of container management tools

Answer 5

Allows you to communicate with the container engine / runtime

Question 6

Examples of container management tools

Answer 6

1) Docker
2) Podman
3) K8S

Question 7

Install podman

Answer 7

dnf install container-tools

Question 8

List containers currently running

Answer 8

podman ps

Question 9

List images downloaded for your user account

Answer 9

podman images

Question 10

Download image quay.io/centos7/nginx-114-centos7

Answer 10

podman pull quay.io/centos7/nginx-114-centos7

Question 11

How to find images

Answer 11

podman search

Question 12

Delete image from your local account

Answer 12

podman image rm quay.io/centos7/nginx-114-centos7

Question 13

Run container quay.io/centos7/nginx-114-centos7

Answer 13

podman run -d quay.io/centos7/nginx-114-centos7

Question 14

What is your container storage location?

Answer 14

~/.local/share/containers/storage

Question 15

Start an interactive terminal to the container called relaxed_dirac

Answer 15

podman exec -it relaxed_dirac bash

Question 16

List all podman commands

Answer 16

1) podman tab tab
2) man podman

Question 17

Use an image file stored on your local storage

Answer 17

podman load

Question 18

Start a container with name silabus

Answer 18

podman run -d --name sylabus quay.io/centos7/nginx-114-centos7

Question 19

Login into a registry

Answer 19

podman login -u user -p password quay.io

Question 20

List images available in a registry

Answer 20

podman search registry.lab.example.com/

(with ending slash)

Question 21

Without downloading an image review its metadata

Answer 21

skopeo inspect docker://quay.io/ubi8/python-38

Question 22

Build an image using a container file

Answer 22

podman build -t python39:1.0 path/to/container/file/.

Question 23

Show the property of an image that is in local storage

Answer 23

podman inspect localhost/python39:1.0

Question 24

podman create

Answer 24

create a container without starting it

Question 25

Copy a file from local to inside a container

Answer 25

podman cp /path/to/file python38:/target/path

Question 26

Run container and forward its internal port 80 to host port 8080

Answer 26

```podman run -d -p 8080:80 quay.io/cloud-bulldozer/nginx```

Question 27

Run container and mount folder /tmp/html into /var/httpd/html

Answer 27

podman run -d -v /tmp/html:/var/httpd/html:Z quay.io/cloud-bulldozer/nginx:latest

Question 28

Read a container logs

Answer 28

podman logs compassionate_engelbart

Question 29

Launch documentation on podman run

Answer 29

man podman-run

Question 30

Create a network

Answer 30

```podman network create --subnet 10.89.1.0/24 --gateway 10.89.1.1 frontend```

Question 31

Run a container attaching it to a network previously created

Answer 31

```podman run -d --network frontend quay.io/cloud-bulldozer/nginx:latest```

Question 32

podman unshare chown 27:27 databases

Answer 32

Change the ownership of databases directory on the container host so that inside the container user id 27 has access to the databases folder

Question 33

Connect a running container to an existing network

Answer 33

```podman network connect backend engel```

Question 34

Where is systemd storing configuration for user services?

Answer 34

~/.config/systemd/user

Question 35

Configure container engel to start as a systemd service

Answer 35

```mkdir -pv ~/.config/systemd/user && cd $_``` ```podman generate systemd --name engel --files --new``` ```podman stop engel && podman rm engel``` ```systemctl --user daemon-reload``` ```systemctl --user enable --now container-engel``` ```loginctl enable-linger```