1
00:00:06,920 --> 00:00:10,700
- So Docker is kind of old school according to Red Hat.

2
00:00:10,700 --> 00:00:11,880
Red Hat has their own stack,

3
00:00:11,880 --> 00:00:14,500
that's podman for running containers.

4
00:00:14,500 --> 00:00:16,120
Let's talk podman.

5
00:00:16,120 --> 00:00:17,550
So what is there to know?

6
00:00:17,550 --> 00:00:19,840
Well, podman is the Red Hat Enterprise Linux eight

7
00:00:19,840 --> 00:00:22,230
and later native way to run containers.

8
00:00:22,230 --> 00:00:24,940
You'll find it on Red Hat, on Fedora, on CentOS,

9
00:00:24,940 --> 00:00:28,599
on Rocky, on all the Red Hat related distributions

10
00:00:28,599 --> 00:00:32,390
and even on other distributions it's finding its way.

11
00:00:32,390 --> 00:00:34,020
To start podman containers,

12
00:00:34,020 --> 00:00:37,040
you need to ensure that the podman software is installed

13
00:00:37,040 --> 00:00:40,350
and in podman there is no need to run any daemon

14
00:00:40,350 --> 00:00:44,220
to start podman containers. They call it native support.

15
00:00:44,220 --> 00:00:46,940
Also, podman can do this thing that we call

16
00:00:46,940 --> 00:00:49,840
rootless containers, and rootless containers

17
00:00:49,840 --> 00:00:51,840
do not require any root privileges

18
00:00:51,840 --> 00:00:54,880
but can run with ordinary user credentials.

19
00:00:54,880 --> 00:00:56,963
Isn't that cool? Let's go check it out.

20
00:00:58,000 --> 00:01:01,650
So the podman containers are in podman.yaml.

21
00:01:01,650 --> 00:01:03,699
And what do we see?

22
00:01:03,699 --> 00:01:07,630
We see that, oh,

23
00:01:07,630 --> 00:01:10,460
apparently this is based on containers

24
00:01:10,460 --> 00:01:11,293
dot podman.

25
00:01:11,293 --> 00:01:15,749
So we need ansible-galaxy install containers.podman.

26
00:01:15,749 --> 00:01:17,740
It's kind of curious

27
00:01:17,740 --> 00:01:20,510
but ansible-galaxy install doesn't work really well

28
00:01:20,510 --> 00:01:21,510
from a playbook.

29
00:01:21,510 --> 00:01:23,010
So let me do that

30
00:01:23,010 --> 00:01:24,723
and let me do that right now.

31
00:01:33,810 --> 00:01:35,227
Now let's get back.

32
00:01:35,227 --> 00:01:37,860
I also need to tweak my inventory because I

33
00:01:37,860 --> 00:01:40,470
know the inventory does not have my Rocky machines.

34
00:01:40,470 --> 00:01:42,577
So I am going to use Rocky

35
00:01:42,577 --> 00:01:47,283
for Ansible one as well as Ansible two.

36
00:01:49,860 --> 00:01:52,910
Right, now let's get back to this podman

37
00:01:52,910 --> 00:01:57,810
YAML. So host Rocky, the collections, I'm calling

38
00:01:57,810 --> 00:02:01,560
the collections so that we can use short, short names.

39
00:02:01,560 --> 00:02:06,040
After that, the task. I'm installing podman using package,

40
00:02:06,040 --> 00:02:09,000
that's straightforward, nothing, nothing very complicated

41
00:02:09,000 --> 00:02:10,640
about it.

42
00:02:10,640 --> 00:02:13,670
Then I'm pulling an image, not because it is needed

43
00:02:13,670 --> 00:02:16,708
but just because I wanted to show you podman_image,

44
00:02:16,708 --> 00:02:20,560
which allows you to pull an image. Then I'm copying a file

45
00:02:20,560 --> 00:02:21,810
into home.

46
00:02:21,810 --> 00:02:24,870
So the content, the content is hello, and the destination

47
00:02:24,870 --> 00:02:28,280
is /tmp/index.html.

48
00:02:28,280 --> 00:02:32,960
And then I'm creating an httpd container with lots of stuff.

49
00:02:32,960 --> 00:02:34,400
So what do we do?

50
00:02:34,400 --> 00:02:36,010
The name is test httpd.

51
00:02:36,010 --> 00:02:38,910
The image is httpd, the state is started, detach is

52
00:02:38,910 --> 00:02:42,660
true, expose ports 80, ports, that is port forwarding.

53
00:02:42,660 --> 00:02:46,768
So port 4444 on the localhost, that is the Rocky

54
00:02:46,768 --> 00:02:51,768
localhost, is going to forward to port 80 on the container.

55
00:02:51,860 --> 00:02:53,829
And then we have the volumes where I'm doing a mount

56
00:02:53,829 --> 00:02:55,970
inside the container.

57
00:02:55,970 --> 00:02:58,840
So you need to know what happens in a container in order

58
00:02:58,840 --> 00:03:00,690
to understand stuff like this.

59
00:03:00,690 --> 00:03:03,500
But this is a bind mount that is presenting the contents

60
00:03:03,500 --> 00:03:07,051
of /tmp in /usr/local/apache2/htdocs

61
00:03:07,051 --> 00:03:10,460
with the result that the Apache server is going to

62
00:03:10,460 --> 00:03:14,510
be able to serve some web server document root.

63
00:03:14,510 --> 00:03:16,100
So this is going to work.

64
00:03:16,100 --> 00:03:18,040
Let's check it out.

65
00:03:18,040 --> 00:03:21,030
ansible-playbook on podman.yaml

66
00:03:23,580 --> 00:03:25,350
Oops, -K.

67
00:03:25,350 --> 00:03:27,570
Apparently we need a sudo password.

68
00:03:27,570 --> 00:03:29,520
Well, let's give it the sudo password.

69
00:03:30,410 --> 00:03:31,390
So there we go.

70
00:03:31,390 --> 00:03:35,722
We can see that it has been created.

71
00:03:35,722 --> 00:03:38,500
So how we, how can we verify?

72
00:03:38,500 --> 00:03:43,500
Well, ansible on Ansible two -a, what?

73
00:03:46,330 --> 00:03:49,780
Well, podman ps, that'll show

74
00:03:49,780 --> 00:03:52,690
if there are any containers that are running, and yay,

75
00:03:52,690 --> 00:03:55,397
we can see that there is indeed the container

76
00:03:55,397 --> 00:03:58,570
that is running, and curl to

77
00:03:59,576 --> 00:04:00,590
Ansible

78
00:04:00,590 --> 00:04:05,437
two colon 4444, instead giving access.

79
00:04:05,437 --> 00:04:08,540
And oh no, that is giving an error message.

80
00:04:08,540 --> 00:04:11,410
You don't have permission to access this resource.

81
00:04:11,410 --> 00:04:12,376
Now that is something else.

82
00:04:12,376 --> 00:04:15,740
And that might have to do with SELinux.

83
00:04:15,740 --> 00:04:17,416
You know, the thing is that if you are running,

84
00:04:17,416 --> 00:04:21,037
if you're running SELinux on a system, that's security

85
00:04:21,037 --> 00:04:24,840
enhanced Linux, and in the security enhanced Linux

86
00:04:24,840 --> 00:04:27,030
you might have an issue with port forwarding.

87
00:04:27,030 --> 00:04:31,288
You might also have an issue with bind mappings in volumes.

88
00:04:31,288 --> 00:04:34,870
This is not the place to talk about SELinux considerations

89
00:04:34,870 --> 00:04:36,797
for running podman on, on Rocky.

90
00:04:36,797 --> 00:04:40,280
That would be too specific for this course.

91
00:04:40,280 --> 00:04:42,176
So I consider this successful.

92
00:04:42,176 --> 00:04:43,640
If you're not happy with it

93
00:04:43,640 --> 00:04:46,160
I would say just remove the ports as well

94
00:04:46,160 --> 00:04:50,787
as the volumes and you'll see that it's working anyways.

95
00:04:50,787 --> 00:04:52,393
So that's all.