Chapter 26. Using the container-tools API

1. Use systemd to activate the Podman API socket.
2. Use a Podman client to perform basic commands.

Procedure

1. Start the service immediately:

   Copy to Clipboard Toggle word wrap

   # systemctl enable --now podman.socket

2. To enable the link to var/lib/docker.sock using the docker-podman package:

   Copy to Clipboard Toggle word wrap

   # yum install podman-docker

Verification

1. Display system information of Podman:

   Copy to Clipboard Toggle word wrap

   # podman-remote info

2. Verify the link:

   Copy to Clipboard Toggle word wrap

   # ls -al /var/run/docker.sock
   lrwxrwxrwx. 1 root root 23 Nov  4 10:19 /var/run/docker.sock -> /run/podman/podman.sock

Procedure

1. Enable and start the service immediately:

   Copy to Clipboard Toggle word wrap

   $ systemctl --user enable --now podman.socket

2. Optional: To enable programs using Docker to interact with the rootless Podman socket:

   Copy to Clipboard Toggle word wrap

   $ export DOCKER_HOST=unix:///run/user/<uid>/podman//podman.sock

Verification

1. Check the status of the socket:

   Copy to Clipboard Toggle word wrap

   $ systemctl --user status podman.socket
   ● podman.socket - Podman API Socket
    Loaded: loaded (/usr/lib/systemd/user/podman.socket; enabled; vendor preset: enabled)
   Active: active (listening) since Mon 2021-08-23 10:37:25 CEST; 9min ago
   Docs: man:podman-system-service(1)
   Listen: /run/user/1000/podman/podman.sock (Stream)
   CGroup: /user.slice/user-1000.slice/user@1000.service/podman.socket

   The podman.socket is active and is listening at /run/user/<uid>/podman.podman.sock, where <uid> is the user’s ID.

2. Display system information of Podman:

   Copy to Clipboard Toggle word wrap

   $ podman-remote info

Procedure

1. Run the service for the REST API:

   Copy to Clipboard Toggle word wrap

   # podman system service -t 0 --log-level=debug

   • The value of 0 means no timeout. The default endpoint for a rootful service is unix:/run/podman/podman.sock.
   • The --log-level <level> option sets the logging level. The standard logging levels are debug, info, warn, error, fatal, and panic.

2. In another terminal, display system information of Podman. The podman-remote command, unlike the regular podman command, communicates through the Podman socket:

   Copy to Clipboard Toggle word wrap

   # podman-remote info

3. To troubleshoot the Podman API and display request and responses, use the curl comman. To get the information about the Podman installation on the Linux server in JSON format:

   Copy to Clipboard Toggle word wrap

   # curl -s --unix-socket /run/podman/podman.sock http://d/v1.0.0/libpod/info | jq
       {
     "host": {
       "arch": "amd64",
       "buildahVersion": "1.15.0",
       "cgroupVersion": "v1",
       "conmon": {
         "package": "conmon-2.0.18-1.module+el8.3.0+7084+c16098dd.x86_64",
         "path": "/usr/bin/conmon",
         "version": "conmon version 2.0.18, commit: 7fd3f71a218f8d3a7202e464252aeb1e942d17eb"
       },
       …
     "version": {
       "APIVersion": 1,
       "Version": "2.0.0",
       "GoVersion": "go1.14.2",
       "GitCommit": "",
       "BuiltTime": "Thu Jan  1 01:00:00 1970",
       "Built": 0,
       "OsArch": "linux/amd64"
     }
   }

   A jq utility is a command-line JSON processor.

4. Pull the registry.access.redhat.com/ubi8/ubi container image:

   Copy to Clipboard Toggle word wrap

   # curl -XPOST --unix-socket /run/podman/podman.sock -v 'http://d/v1.0.0/images/create?fromImage=registry.access.redhat.com%2Fubi8%2Fubi'
   *   Trying /run/podman/podman.sock...
   * Connected to d (/run/podman/podman.sock) port 80 (#0)
   > POST /v1.0.0/images/create?fromImage=registry.access.redhat.com%2Fubi8%2Fubi HTTP/1.1
   > Host: d
   > User-Agent: curl/7.61.1
   > Accept: /
   >
   < HTTP/1.1 200 OK
   < Content-Type: application/json
   < Date: Tue, 20 Oct 2020 13:58:37 GMT
   < Content-Length: 231
   <
   {"status":"pulling image () from registry.access.redhat.com/ubi8/ubi:latest, registry.redhat.io/ubi8/ubi:latest","error":"","progress":"","progressDetail":{},"id":"ecbc6f53bba0d1923ca9e92b3f747da8353a070fccbae93625bd8b47dbee772e"}
   * Connection #0 to host d left intact

5. Display the pulled image:

   Copy to Clipboard Toggle word wrap

   # curl --unix-socket /run/podman/podman.sock -v 'http://d/v1.0.0/libpod/images/json' | jq
   *   Trying /run/podman/podman.sock...
     % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                    Dload  Upload   Total   Spent    Left  Speed
     0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0* Connected to d (/run/podman/podman.sock) port 80 (0) > GET /v1.0.0/libpod/images/json HTTP/1.1 > Host: d > User-Agent: curl/7.61.1 > Accept: / > < HTTP/1.1 200 OK < Content-Type: application/json < Date: Tue, 20 Oct 2020 13:59:55 GMT < Transfer-Encoding: chunked < { [12498 bytes data] 100 12485 0 12485 0 0 2032k 0 --:--:-- --:--:-- --:--:-- 2438k * Connection #0 to host d left intact [ { "Id": "ecbc6f53bba0d1923ca9e92b3f747da8353a070fccbae93625bd8b47dbee772e", "RepoTags": [ "registry.access.redhat.com/ubi8/ubi:latest", "registry.redhat.io/ubi8/ubi:latest" ], "Created": "2020-09-01T19:44:12.470032Z", "Size": 210838671, "Labels": { "architecture": "x86_64", "build-date": "2020-09-01T19:43:46.041620", "com.redhat.build-host": "cpt-1008.osbs.prod.upshift.rdu2.redhat.com", ... "maintainer": "Red Hat, Inc.", "name": "ubi8", ... "summary": "Provides the latest release of Red Hat Universal Base Image 8.", "url": "https://access.redhat.com/containers//registry.access.redhat.com/ubi8/images/8.2-347",
         ...
       },
       "Names": [
         "registry.access.redhat.com/ubi8/ubi:latest",
         "registry.redhat.io/ubi8/ubi:latest"
       ],
       ...
       ]
     }
   ]