podman snippet

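Running podman ps as different users shows only the current user's running containers (even root cannot see information about containers started by other regular users).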

command

image

# load tar file to image
podman load -i <image-tar-file>

best practices

change default data dir

  • rootful mode

    Default graphroot: /var/lib/containers/storage.

# check
podman info | grep 'GraphRoot'

# Edit Podman’s Storage Configuration
sudo mkdir -p /etc/containers
sudo vim /etc/containers/storage.conf # configuration used by default for the root user

# edit storage.conf
[storage]
driver = "overlay"
graphroot = "/mnt/podman-root-data"

  • rootless mode

    Default graphroot: ~/.local/share/containers/storage.

# check
podman info | grep 'GraphRoot'

# Edit Podman’s Storage Configuration
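# no sudo here: these files live in the user's home and must stay owned by that user
mkdir -p ~/.config/containers
vim ~/.config/containers/storage.conf # configuration used by default for a regular user

# edit storage.conf
[storage]
driver = "overlay"
graphroot = "/mnt/podman-<userName>-data" # regular users and root must use separate data directories, otherwise directory permission problems occur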

troubleshooting

potentially insufficient UIDs or GIDs available in user namespace

If the requested UID/GID still falls outside the mapped range, or Podman needs more mappings, edit /etc/subuid and /etc/subgid (as root) to increase the range.

# Increase UID/GID Range (Optional):
sudo vim /etc/subuid # example entry: dingofs:60000:131072
sudo vim /etc/subgid # example entry: dingofs:60000:131072

podman system migrate
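
Before widening a range, check that entries in /etc/subuid and /etc/subgid do not overlap between users (overlapping ranges let two users' containers own the same host IDs) and that each user has enough IDs. The following is an added example, not part of the original notes; the function name audit_subid, the default threshold of 65536, and the bob and ci entries are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original notes): audit a subuid/subgid-style file.
# Line format: name:start:count. Output lines:
#   BAD <line>            malformed entry
#   SHORT <name> <total>  fewer than MIN ids in total (MIN defaults to 65536, an assumption)
#   OVERLAP <a> <b>       entries of two different users share host ids
audit_subid() {
    awk -F: -v min="${2:-65536}" '
        /^[ \t]*(#|$)/ { next }                      # skip comments and blank lines
        NF != 3 || $2 !~ /^[0-9]+$/ || $3 !~ /^[0-9]+$/ || $3 == 0 {
            print "BAD " $0; next
        }
        {
            n++; name[n] = $1
            lo[n] = $2 + 0; hi[n] = $2 + $3 - 1      # inclusive host id range
            total[$1] += $3                          # a user may have several lines
        }
        END {
            for (u in total)
                if (total[u] < min) print "SHORT " u " " total[u]
            for (i = 1; i <= n; i++)
                for (j = i + 1; j <= n; j++)
                    if (name[i] != name[j] && lo[i] <= hi[j] && lo[j] <= hi[i])
                        print "OVERLAP " name[i] " " name[j]
        }' "$1"
}

# Constructed sample: the dingofs line is the one from these notes,
# bob and ci are made-up entries for illustration.
sample=$(mktemp)
printf '%s\n' 'dingofs:60000:131072' 'bob:100000:65536' 'ci:300000:1000' > "$sample"
audit_subid "$sample"
rm -f "$sample"
```

Run it against /etc/subuid and /etc/subgid before and after editing them; an empty result means no malformed, short or overlapping entries were found.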

error while loading shared libraries

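When running 'podman run -it --entrypoint bash xxx', the following error occurs: 'bash: error while loading shared libraries: /usr/lib64/libc.so.6: cannot apply additional memory protection after relocation: Permission denied'. The workaround below puts SELinux into permissive mode for the whole host, until enforcing mode is restored or the host reboots.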

sudo setenforce 0

ulimit: open files: cannot modify limit: Operation not permitted

A regular user cannot raise this limit with the ulimit command.

  1. Set ulimit when starting the container

    podman run -it --ulimit nofile=1048576:1048576 your_image
  2. Adjust host user limits (Edit /etc/security/limits.conf as root)

    your_username soft nofile 1048576
    your_username hard nofile 1048576