Thursday 26 October 2023

Plodman


Podman has the same interface as Docker

so you can do this:

$ time podman run -v .:/app:exec -p 9000:5000 --rm -it --name cos2 cos bash -c 'exit'

real 0m3.115s

Which shall:
time    prints the various times (real time included above) it takes to run that command
run    as opposed to rm, start, resume, build, etc
-v    maps some filesystem (. = current directory) to /app (where it wakes up as per WORKDIR /app in the Containerfile it was built with)
and the :exec option to the -v option I needed somewhere (running something in the container said something like "permission denied", I can't remember)
 another useful -v option is :ro for when you don't want the container to be able to change the mounted filesystem. Good for showing media files to media sorters.
-p 9000:5000    a port mapping: localhost:9000 to the container's 0.0.0.0:5000, where the app listens
--rm    destroy the cos2 fork of cos when it exits. So we constantly start fresh from cos, as opposed to the trad computer OS instance that just keep accumulating state until succumb to entropy.
-i    interactive? keep stdin open even if not attached, which I guess allows you to come and go from their terminal without them knowing?
-t    Allocate a pseudo-TTY or you will not have their terminal decorated properly
--name    finally, names this instance cos2, a fork from cos
bash ...    exits immediately

This is a bit slow for what is basically creating a user and running a nothing-program. Voicing your general complaints like this (to AI) can help!

overlayfs > vfs for speed

As is the default in Docker and makes it faster and less secure. Lets use that instead:
$ mkdir ~/.config/containers/
$ vi ~/.config/containers/storage.conf
storage.driver = 'overlay'

then you will be blasted with noise doing anything podman:
$ podman ... 
ERRO[0000] User-selected graph driver "overlay" overwritten by graph driver "vfs" from database - delete libpod local files to resolve.  May prevent use of images created by other tools 

so rebuild all your containers and try afresh:
$ mv ~/.local/share/containers/ ~/.local/share/not-containers/
$ podman build -t cos .
$ time podman run -v .:/app:exec -p 9000:5000 --rm -it --name cos2 cos bash -c 'exit'

real 0m0.222s

Faster! Fantastic.

It should be the default. I am no expert.

Back to it

The keycode to escape from podman attach is Ctrl + P followed by Ctrl + Q.

I use zap - supervisor running|monitoring all these commands, a task-manager sort of script so I don't have to run the above commands manually except to investigate this kind of stuff.

You might have something built into your IDE to do this? What is it?
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)