Podman 고급 운영
1. Commit
컨테이너 내부 내용을 변경한 후 변경된 내용을 이미지에 적용시킬 때 # podman commit 명령어를 사용한다.
- 컨테이너 내부 내용 변경
[root@jh-container-rocky86 ~]# podman ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
590e604eda6e docker.io/library/mariadb:latest mariadbd 27 seconds ago Up 27 seconds ago 0.0.0.0:23306->3306/tcp jh-mariadb01
[root@jh-container-rocky86 ~]# podman exec -it jh-mariadb01 bash
root@590e604eda6e:/# ls -l /root
total 0
root@590e604eda6e:/# mkdir /root/test
root@590e604eda6e:/# ls -l /root
total 0
drwxr-xr-x 2 root root 6 Feb 6 01:00 test
root@590e604eda6e:/#
exit- 변경된 내용 적용
[root@jh-container-rocky86 ~]# podman ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
590e604eda6e docker.io/library/mariadb:latest mariadbd 2 minutes ago Up 2 minutes ago 0.0.0.0:23306->3306/tcp jh-mariadb01
[root@jh-container-rocky86 ~]# podman commit jh-mariadb01 jh/mariadb:240206
WARN[0000] archive: skipping "/var/lib/containers/storage/overlay/d806adecb73622f42e9c71fff81ccbda46d8996b64ad4c348b7fc4704a84b67c/merged/run/mysqld/mysqld.sock" since it is a socket
Getting image source signatures
Copying blob 8e87ff28f1b5 skipped: already exists
Copying blob d35acfab0e41 skipped: already exists
Copying blob 56fc83f4f5a4 skipped: already exists
Copying blob a3bf637726fe skipped: already exists
Copying blob 40fbc2d141b9 skipped: already exists
Copying blob d1db136ff347 skipped: already exists
Copying blob 4db62f20d419 skipped: already exists
Copying blob 07943e317bab skipped: already exists
Copying blob 44a706cad00c done
Copying config e2cfae12f3 done
Writing manifest to image destination
Storing signatures
e2cfae12f3e38843657aae9f5da3acc288da055116f2972baf1606bdedf7263f
[root@jh-container-rocky86 ~]# podman images
REPOSITORY TAG IMAGE ID CREATED SIZE
localhost/jh/mariadb 240206 e2cfae12f3e3 9 seconds ago 411 MB
docker.io/library/mariadb latest 2b54778e06a3 2 months ago 411 MB- 변경된 이미지 컨테이너로 실행
[root@jh-container-rocky86 ~]# podman images
REPOSITORY TAG IMAGE ID CREATED SIZE
localhost/jh/mariadb 240206 e2cfae12f3e3 2 minutes ago 411 MB
docker.io/library/mariadb latest 2b54778e06a3 2 months ago 411 MB
[root@jh-container-rocky86 ~]# podman run -itd -p 13307:3306 -e MYSQL_ROOT_PASSWORD=1234 --restart always --name jh-mariadb01-new localhost/jh/mariadb:240206
f2c869f07c6fec224a5208b47e445e6c58561bc1eb7b02a6afb9e845a91fd73a
[root@jh-container-rocky86 ~]# podman ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
590e604eda6e docker.io/library/mariadb:latest mariadbd 6 minutes ago Up 6 minutes ago 0.0.0.0:23306->3306/tcp jh-mariadb01
f2c869f07c6f localhost/jh/mariadb:240206 mariadbd 3 seconds ago Up 4 seconds ago 0.0.0.0:13307->3306/tcp jh-mariadb01-new
[root@jh-container-rocky86 ~]# podman exec -it jh-mariadb01-new bash
root@f2c869f07c6f:/# ls -l /root
total 0
drwxr-xr-x 2 root root 6 Feb 6 01:00 test2. Conmon
Podman 은 기본적으로 데몬 프로세스를 실행하지 않고 바로 컨테이너를 관리할 수 있도록 설계된 컨테이너 관리 도구이지만, 컨테이너를 실행할 때 마다 프로세스를 따로 생성하여 컨테이너 생명 주기를 관리하고 제어한다.
이 프로세스가 바로 Conmon 프로세스이다.
[root@jh-container-rocky86 ~]# ps -ef | grep conmon.pid | grep -v grep
root 14678 1 0 Feb06 ? 00:00:00 /usr/bin/conmon ... -n jh-mariadb01 ...
- VS KVM
KVM 에서 가상머신이 시작되면 호스트 OS가 가상머신을 관리하기 때문에 프로세스 형태로 생성된다.[root@is1 no-qcow2]# virsh list | grep jh-container-rocky86 477 jh-container-rocky86 running [root@is1 no-qcow2]# ps -ef | grep jh-container-rocky86 | grep -v grep qemu 1399811 1 1 Jan29 ? 02:40:56 /usr/libexec/qemu-kvm -name guest=jh-container-rocky86 ...
3. Data 유지를 위한 Directory 마운트
Mariadb, Apache, Nginx 등 여러 이미지가 있지만 데이터 디렉터리를 따로 마운트하지 않은 상태에서 컨테이너가 삭제되면 데이터 또한 삭제된다.
이러한 데이터 유실을 방지하기 위해 Host OS 의 일부 디렉터리를 컨테이너 실행 시 내부에 마운트를 하는 방법이 존재한다.
아래 예시는 Mariadb 에 데이터를 저장하고 Stop/Start 와 rm 을 시도할 때 데이터 유지 상태를 확인한다.
[root@jh-container-rocky86 ~]# podman ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
590e604eda6e docker.io/library/mariadb:latest mariadbd 24 hours ago Up 24 hours ago 0.0.0.0:23306->3306/tcp jh-mariadb01
f2c869f07c6f localhost/jh/mariadb:240206 mariadbd 23 hours ago Up 23 hours ago 0.0.0.0:13307->3306/tcp jh-mariadb01-new
[root@jh-container-rocky86 ~]# podman exec -it jh-mariadb01 bash
root@590e604eda6e:/#
root@590e604eda6e:/# mariadb -uroot -p
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 3
Server version: 11.2.2-MariaDB-1:11.2.2+maria~ubu2204 mariadb.org binary distribution
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]>
MariaDB [(none)]> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
| sys |
+--------------------+
4 rows in set (0.001 sec)
MariaDB [(none)]> ^DBye
<DB의 데이터는 /var/lib/mysql/ 디렉터리 내부에 파일 형태로 저장된다.>
root@590e604eda6e:/# ls /var/lib/mysql/
aria_log.00000001 ib_logfile0 multi-master.info tc.log
aria_log_control ibdata1 mysql undo001
ddl_recovery.log ibtmp1 performance_schema undo002
ib_buffer_pool mariadb_upgrade_info sys undo003- DB 예제 파일을 현재 실행중인 Maraidb 컨테이너에 복사한다.
[root@jh-container-rocky86 ~]# ls
anaconda-ks.cfg backup EMP_EXAMPLE.sql jh-mariadb01.tar.gz repo
[root@jh-container-rocky86 ~]# podman cp EMP_EXAMPLE.sql jh-mariadb01:/root/
[root@jh-container-rocky86 ~]# podman exec -it jh-mariadb01 bash
root@590e604eda6e:/# pwd
/
root@590e604eda6e:/# cd /root
root@590e604eda6e:~# ls
EMP_EXAMPLE.sql test- 아래 명령어를 통해 SQL 예제 파일을 DB 데이터로 삽입한다.
[root@jh-container-rocky86 ~]# podman exec -it jh-mariadb01 bash
root@590e604eda6e:/#
root@590e604eda6e:/# cd /root/
root@590e604eda6e:~# ls
EMP_EXAMPLE.sql test
root@590e604eda6e:~# mariadb -uroot -p < EMP_EXAMPLE.sql
Enter password:
ERROR 1051 (42S02) at line 3: Unknown table 'test.EMPLOYEE'
<테스트용 DB 파일을 삽입한 것으로 에러는 무시한다.>- 컨테이너에 접속하여 DB 데이터가 정상적으로 저장됐는지 확인한다.
root@590e604eda6e:/# mariadb -uroot -p
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 12
Server version: 11.2.2-MariaDB-1:11.2.2+maria~ubu2204 mariadb.org binary distribution
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
| sys |
| test |
+--------------------+
5 rows in set (0.001 sec)
MariaDB [(none)]> ^DBye
<파일 리스트에 "test" 항목이 추가된 것을 확인할 수 있다.>
root@590e604eda6e:/# ls /var/lib/mysql/
aria_log.00000001 ib_logfile0 multi-master.info tc.log undo003
aria_log_control ibdata1 mysql test
ddl_recovery.log ibtmp1 performance_schema undo001
ib_buffer_pool mariadb_upgrade_info sys undo002- 컨테이너를 재기동하여 데이터 유무를 확인한다.
[root@jh-container-rocky86 ~]# podman ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
590e604eda6e docker.io/library/mariadb:latest mariadbd 25 hours ago Up 25 hours ago 0.0.0.0:23306->3306/tcp jh-mariadb01
f2c869f07c6f localhost/jh/mariadb:240206 mariadbd 25 hours ago Up 25 hours ago 0.0.0.0:13307->3306/tcp jh-mariadb01-new
[root@jh-container-rocky86 ~]# podman restart jh-mariadb01
590e604eda6e97f19eff8f21b54c821ffcb49d4a8c3389a99ce759a6b90e6740
[root@jh-container-rocky86 ~]# podman ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
590e604eda6e docker.io/library/mariadb:latest mariadbd 25 hours ago Up 4 seconds ago 0.0.0.0:23306->3306/tcp jh-mariadb01
f2c869f07c6f localhost/jh/mariadb:240206 mariadbd 25 hours ago Up 25 hours ago 0.0.0.0:13307->3306/tcp jh-mariadb01-new
[root@jh-container-rocky86 ~]# podman exec -it jh-mariadb01 bash
root@590e604eda6e:/# ls /var/lib/mysql/
aria_log.00000001 ib_logfile0 multi-master.info tc.log undo003
aria_log_control ibdata1 mysql test
ddl_recovery.log ibtmp1 performance_schema undo001
ib_buffer_pool mariadb_upgrade_info sys undo002
root@590e604eda6e:/# mariadb -uroot -p
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 3
Server version: 11.2.2-MariaDB-1:11.2.2+maria~ubu2204 mariadb.org binary distribution
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
| sys |
| test |
+--------------------+
5 rows in set (0.001 sec)
MariaDB [(none)]>- DB의 데이터는 컨테이너 내부에만 존재하여 재생성할 경우 내부 데이터는 지워질 것이다.
정확히는 지워진다는 개념보단# podman images명령어에 출력되는 기존 이미지를 실행하는 것이므로 데이터는 당연히 없을 것이다.
[root@jh-container-rocky86 ~]# podman ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
590e604eda6e docker.io/library/mariadb:latest mariadbd 25 hours ago Up 5 minutes ago 0.0.0.0:23306->3306/tcp jh-mariadb01
f2c869f07c6f localhost/jh/mariadb:240206 mariadbd 25 hours ago Up 25 hours ago 0.0.0.0:13307->3306/tcp jh-mariadb01-new
[root@jh-container-rocky86 ~]# podman stop jh-mariadb01
jh-mariadb01
[root@jh-container-rocky86 ~]# podman rm jh-mariadb01
590e604eda6e97f19eff8f21b54c821ffcb49d4a8c3389a99ce759a6b90e6740
[root@jh-container-rocky86 ~]# podman ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
f2c869f07c6f localhost/jh/mariadb:240206 mariadbd 25 hours ago Up 25 hours ago 0.0.0.0:13307->3306/tcp jh-mariadb01-new
[root@jh-container-rocky86 ~]# podman run -itd -p 13306:3306 -e MYSQL_ROOT_PASSWORD=1234 --restart always --name jh-mariadb01 mariadb:latest
c1423054489aff76010115f36b25b4147c15dcd507aaf6ebac1f46f0f33590f1
[root@jh-container-rocky86 ~]# podman ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
f2c869f07c6f localhost/jh/mariadb:240206 mariadbd 25 hours ago Up 25 hours ago 0.0.0.0:13307->3306/tcp jh-mariadb01-new
c1423054489a docker.io/library/mariadb:latest mariadbd 3 seconds ago Up 3 seconds ago 0.0.0.0:13306->3306/tcp jh-mariadb01
[root@jh-container-rocky86 ~]# podman exec -it jh-mariadb01 bash
root@c1423054489a:/# cd /var/lib/mysql/
root@c1423054489a:/var/lib/mysql# ls
aria_log.00000001 ib_logfile0 multi-master.info tc.log
aria_log_control ibdata1 mysql undo001
ddl_recovery.log ibtmp1 performance_schema undo002
ib_buffer_pool mariadb_upgrade_info sys undo003
root@c1423054489a:/var/lib/mysql# mariadb -uroot -p
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 3
Server version: 11.2.2-MariaDB-1:11.2.2+maria~ubu2204 mariadb.org binary distribution
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
| sys |
+--------------------+
4 rows in set (0.001 sec)
MariaDB [(none)]> ^DBye- 기존 컨테이너 삭제 후 Host OS의 특정 디렉토리를 마운트하며 컨테이너를 생성한다.
컨테이너에 특정 디렉터리 마운트를 하는 옵션은 -v 이다.
# podman run ... -v <Host OS 디렉터리 경로>:<컨테이너 디렉터리 경로>
[root@jh-container-rocky86 ~]# podman ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
f2c869f07c6f localhost/jh/mariadb:240206 mariadbd 25 hours ago Up 25 hours ago 0.0.0.0:13307->3306/tcp jh-mariadb01-new
c1423054489a docker.io/library/mariadb:latest mariadbd 7 minutes ago Up 7 minutes ago 0.0.0.0:13306->3306/tcp jh-mariadb01
[root@jh-container-rocky86 ~]# podman rm -f jh-mariadb01
c1423054489aff76010115f36b25b4147c15dcd507aaf6ebac1f46f0f33590f1
[root@jh-container-rocky86 ~]# mkdir /jh-mariadb01_data
[root@jh-container-rocky86 ~]# ls -d /jh-mariadb01_data/
/jh-mariadb01_data/
[root@jh-container-rocky86 ~]# podman run -itd -p 13306:3306 -v /jh-mariadb01_data:/var/lib/mysql -e MYSQL_ROOT_PASSWORD=1234 --restart always --name jh-mariadb01 mariadb:latest
42d88b6fde4e58bd7b5666ddb7867c86bb2d5b0e28f55ec92064ce37bea23f29
[root@jh-container-rocky86 ~]# podman ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
f2c869f07c6f localhost/jh/mariadb:240206 mariadbd 25 hours ago Up 25 hours ago 0.0.0.0:13307->3306/tcp jh-mariadb01-new
42d88b6fde4e docker.io/library/mariadb:latest mariadbd 7 seconds ago Up 6 seconds ago 0.0.0.0:13306->3306/tcp jh-mariadb01
<Host OS의 디렉터리 데이터와 컨테이너의 디렉터리 데이터가 동일한 것을 확인할 수 있다.>
[root@jh-container-rocky86 ~]# ls /jh-mariadb01_data/
aria_log.00000001 ibdata1 multi-master.info tc.log
aria_log_control ib_logfile0 mysql undo001
ddl_recovery.log ibtmp1 performance_schema undo002
ib_buffer_pool mariadb_upgrade_info sys undo003
[root@jh-container-rocky86 ~]# podman exec -it jh-mariadb01 bash
root@42d88b6fde4e:/# ls /var/lib/mysql/
aria_log.00000001 ib_logfile0 multi-master.info tc.log
aria_log_control ibdata1 mysql undo001
ddl_recovery.log ibtmp1 performance_schema undo002
ib_buffer_pool mariadb_upgrade_info sys undo003- 데이터 입력 후 디렉터리 내용을 확인한다
[root@jh-container-rocky86 ~]# ls
anaconda-ks.cfg backup EMP_EXAMPLE.sql jh-mariadb01.tar.gz repo
[root@jh-container-rocky86 ~]# podman cp EMP_EXAMPLE.sql jh-mariadb01:/root/
[root@jh-container-rocky86 ~]# podman exec -it jh-mariadb01 bash
root@42d88b6fde4e:/# cd /root/
root@42d88b6fde4e:~# ls
EMP_EXAMPLE.sql
root@42d88b6fde4e:~# mariadb -uroot -p < EMP_EXAMPLE.sql
Enter password:
ERROR 1051 (42S02) at line 4: Unknown table 'test.EMPLOYEE'
root@42d88b6fde4e:~# ls /var/lib/mysql/
aria_log.00000001 ib_logfile0 multi-master.info tc.log undo003
aria_log_control ibdata1 mysql test
ddl_recovery.log ibtmp1 performance_schema undo001
ib_buffer_pool mariadb_upgrade_info sys undo002
root@42d88b6fde4e:~# mariadb -uroot -p
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 4
Server version: 11.2.2-MariaDB-1:11.2.2+maria~ubu2204 mariadb.org binary distribution
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
| sys |
| test |
+--------------------+
5 rows in set (0.001 sec)
MariaDB [(none)]> ^DBye
root@42d88b6fde4e:~#
exit
[root@jh-container-rocky86 ~]# ls /jh-mariadb01_data/
aria_log.00000001 ibdata1 multi-master.info tc.log undo003
aria_log_control ib_logfile0 mysql test
ddl_recovery.log ibtmp1 performance_schema undo001
ib_buffer_pool mariadb_upgrade_info sys undo002- 컨테이너 삭제 시 Host OS 디렉터리에 데이터가 유지되는지 확인한다.
[root@jh-container-rocky86 ~]# podman ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
f2c869f07c6f localhost/jh/mariadb:240206 mariadbd 31 hours ago Up 31 hours ago 0.0.0.0:13307->3306/tcp jh-mariadb01-new
42d88b6fde4e docker.io/library/mariadb:latest mariadbd 6 hours ago Up 6 hours ago 0.0.0.0:13306->3306/tcp jh-mariadb01
[root@jh-container-rocky86 ~]# podman rm -f jh-mariadb01
42d88b6fde4e58bd7b5666ddb7867c86bb2d5b0e28f55ec92064ce37bea23f29
[root@jh-container-rocky86 ~]# podman ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
f2c869f07c6f localhost/jh/mariadb:240206 mariadbd 31 hours ago Up 31 hours ago 0.0.0.0:13307->3306/tcp jh-mariadb01-new
[root@jh-container-rocky86 ~]# ls /jh-mariadb01_data/
aria_log.00000001 ibdata1 multi-master.info sys undo002
aria_log_control ib_logfile0 mysql test undo003
ib_buffer_pool mariadb_upgrade_info performance_schema undo001
- 컨테이너 재생성한 후 마운트했을 때 저장된 데이터가 정상적인지 확인한다.
[root@jh-container-rocky86 ~]# podman run -itd -p 13306:3306 -v /jh-mariadb01_data:/var/lib/mysql -e MYSQL_ROOT_PASSWORD=1234 --restart always --name jh-mariadb01 mariadb:latest
4d03e0b62af631fd4acd6192c36d60c6007057b7f5dfb8935d76e19045551da2
[root@jh-container-rocky86 ~]# podman ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
f2c869f07c6f localhost/jh/mariadb:240206 mariadbd 31 hours ago Up 31 hours ago 0.0.0.0:13307->3306/tcp jh-mariadb01-new
4d03e0b62af6 docker.io/library/mariadb:latest mariadbd 4 seconds ago Up 4 seconds ago 0.0.0.0:13306->3306/tcp jh-mariadb01
[root@jh-container-rocky86 ~]# podman exec -it jh-mariadb01 bash
root@4d03e0b62af6:/# ls /var/lib/mysql/
aria_log.00000001 ib_logfile0 multi-master.info tc.log undo003
aria_log_control ibdata1 mysql test
ddl_recovery.log ibtmp1 performance_schema undo001
ib_buffer_pool mariadb_upgrade_info sys undo002
root@4d03e0b62af6:/# mariadb -uroot -p
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 3
Server version: 11.2.2-MariaDB-1:11.2.2+maria~ubu2204 mariadb.org binary distribution
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
| sys |
| test |
+--------------------+
5 rows in set (0.001 sec)4. 컨테이너 이미지 빌드
컨테이너 이미지를 직접 빌드할 수 있다.
테스트 환경은 Rockey Linux 8.6 + Mariadb 를 동일하게 사용한다.
기존에 진행했던 테스트는 Mariadb 컨테이너 자체에 접속은 가능하지만,
컨테이너 내부에 설치된 OS의 SSH 원격 접속은 불가능하도록 설정되어 있다.
(SSH 자체가 없다.)
아무런 어플리케이션이 설치되지 않은 Core 형태의 Rockey Linux 컨테이너가 필요하다.
이를 기반으로 Mariadb 최신 버전을 설치하고 작동하도록 하는 것이 테스트의 목적이다.
- 컨테이너 이미지를 다운로드한 후 초기 환경을 확인한다.
[root@jh-container-rocky86 ~]# podman pull rockylinux:8.6
Resolved "rockylinux" as an alias (/etc/containers/registries.conf.d/000-shortnames.conf)
Trying to pull docker.io/library/rockylinux:8.6...
Getting image source signatures
Copying blob 0049b869cecb done
Copying config 8cf70153e0 done
Writing manifest to image destination
Storing signatures
8cf70153e06229087a76d2a36c833efba1ee71fa89fedec60cd2661947446fd8
[root@jh-container-rocky86 ~]# podman images
REPOSITORY TAG IMAGE ID CREATED SIZE
localhost/jh/mariadb 240206 e2cfae12f3e3 31 hours ago 411 MB
docker.io/library/mariadb latest 2b54778e06a3 2 months ago 411 MB
docker.io/library/rockylinux 8.6 8cf70153e062 19 months ago 202 MB
[root@jh-container-rocky86 ~]# podman ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
8422260cafd0 docker.io/library/mariadb:latest mariadbd 15 hours ago Up 15 hours ago 0.0.0.0:13306->3306/tcp jh-mariadb01
[root@jh-container-rocky86 ~]# podman run --privileged -itd --name jh-rk86 rockylinux:8.6 /sbin/init
b80bf8fe4059d487808968e1b7d6bbb8b46c2bdea5ecb04e09d6a909a39eaa85
[root@jh-container-rocky86 ~]# podman ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
8422260cafd0 docker.io/library/mariadb:latest mariadbd 15 hours ago Up 15 hours ago 0.0.0.0:13306->3306/tcp jh-mariadb01
b80bf8fe4059 docker.io/library/rockylinux:8.6 /sbin/init 4 seconds ago Up 4 seconds ago jh-rk86
[root@jh-container-rocky86 ~]# podman exec -it jh-rk86 bash
<# systemtl 명령어가 정상 작동하는지 확인한다.>
[root@b80bf8fe4059 /]# systemctl
UNIT LOAD ACTIVE SUB DESCRIPTION
proc-sys-fs-binfmt_misc.automount loaded active waiting Arbitrary Executable File>
-.mount loaded active mounted Root Mount
dev-mqueue.mount loaded active mounted POSIX Message Queue File >
...--privileged: 컨테이너가 권한을 가진 상태로 실행한다.
컨테이너가 호스트 시스템의 모든 기능에 대한 액세스 권한을 갖는 것을 의미한다.
일반적으로 보안상 권장되지 않지만, 예시에서는 # systemctl 명령어 사용을 위해 옵션이 사용되었다./sbin/init: 컨테이너에서 실행될 명령으로, 컨테이너의 메인 프로세스를 시작한다.
시스템 초기화에 사용되는 명령어다.
- 필요한 패키지를 설치 및 업그레이드 한다.
[root@b80bf8fe4059 /]# dnf install iproute net-tools vim bash-completion net-tools chrony tmux openssh openssh-server openssh-clients passwd -y
...
Installed:
bash-completion-1:2.7-5.el8.noarch
chrony-4.2-1.el8.rocky.1.0.x86_64
gpm-libs-1.20.7-17.el8.x86_64
iproute-6.2.0-5.el8_9.x86_64
libbpf-0.5.0-1.el8.x86_64
libedit-3.1-23.20170329cvs.el8.x86_64
libevent-2.1.8-5.el8.x86_64
libmnl-1.0.4-6.el8.x86_64
libpkgconf-1.4.2-1.el8.x86_64
mozjs60-60.9.0-4.el8.x86_64
net-tools-2.0-0.52.20160912git.el8.x86_64
openssh-8.0p1-19.el8_9.2.x86_64
openssh-clients-8.0p1-19.el8_9.2.x86_64
openssh-server-8.0p1-19.el8_9.2.x86_64
pkgconf-1.4.2-1.el8.x86_64
pkgconf-m4-1.4.2-1.el8.noarch
pkgconf-pkg-config-1.4.2-1.el8.x86_64
polkit-0.115-15.el8.x86_64
polkit-libs-0.115-15.el8.x86_64
polkit-pkla-compat-0.1-12.el8.x86_64
psmisc-23.1-5.el8.x86_64
timedatex-0.5-3.el8.x86_64
tmux-2.7-3.el8.x86_64
vim-common-2:8.0.1763-19.el8_6.4.x86_64
vim-enhanced-2:8.0.1763-19.el8_6.4.x86_64
vim-filesystem-2:8.0.1763-19.el8_6.4.noarch
which-2.21-20.el8.x86_64
Complete!
[root@b80bf8fe4059 /]# dnf update -y
...
Upgraded:
audit-libs-3.0.7-5.el8.x86_64
bash-4.4.20-4.el8_6.x86_64
binutils-2.30-123.el8.x86_64
ca-certificates-2023.2.60_v7.0.306-80.0.el8_8.noarch
chkconfig-1.19.2-1.el8.x86_64
coreutils-single-8.30-15.el8.x86_64
crypto-policies-20230731-1.git3177e06.el8.noarch
cryptsetup-libs-2.3.7-7.el8.x86_64
curl-7.61.1-33.el8.x86_64
dbus-1:1.12.8-26.el8.x86_64
dbus-common-1:1.12.8-26.el8.noarch
dbus-daemon-1:1.12.8-26.el8.x86_64
dbus-libs-1:1.12.8-26.el8.x86_64
dbus-tools-1:1.12.8-26.el8.x86_64
device-mapper-8:1.02.181-13.el8_9.x86_64
device-mapper-libs-8:1.02.181-13.el8_9.x86_64
dnf-4.7.0-19.el8.noarch
dnf-data-4.7.0-19.el8.noarch
elfutils-default-yama-scope-0.189-3.el8.noarch
elfutils-libelf-0.189-3.el8.x86_64
elfutils-libs-0.189-3.el8.x86_64
expat-2.2.5-11.el8.x86_64
file-libs-5.33-25.el8.x86_64
gdbm-1:1.18-2.el8.x86_64
gdbm-libs-1:1.18-2.el8.x86_64
glib2-2.56.4-161.el8.x86_64
glibc-2.28-236.el8_9.7.x86_64
glibc-common-2.28-236.el8_9.7.x86_64
glibc-minimal-langpack-2.28-236.el8_9.7.x86_64
gnupg2-2.2.20-3.el8_6.x86_64
gnutls-3.6.16-8.el8_9.x86_64
iputils-20180629-11.el8.x86_64
krb5-libs-1.18.2-26.el8.x86_64
libarchive-3.3.3-5.el8.x86_64
libblkid-2.32.1-43.el8.x86_64
libcap-2.48-6.el8_9.x86_64
libcom_err-1.45.6-5.el8.x86_64
libcurl-minimal-7.61.1-33.el8.x86_64
libdnf-0.63.0-17.el8_9.x86_64
libfdisk-2.32.1-43.el8.x86_64
libffi-3.1-24.el8.x86_64
libgcc-8.5.0-20.el8.x86_64
libksba-1.3.5-9.el8_7.x86_64
libmount-2.32.1-43.el8.x86_64
libnghttp2-1.33.0-5.el8_8.x86_64
libpwquality-1.4.4-6.el8.x86_64
librepo-1.14.2-4.el8.x86_64
libselinux-2.9-8.el8.x86_64
libsemanage-2.9-9.el8_6.x86_64
libsmartcols-2.32.1-43.el8.x86_64
libsolv-0.7.20-6.el8.x86_64
libstdc++-8.5.0-20.el8.x86_64
libtasn1-4.13-4.el8_7.x86_64
libtirpc-1.1.4-8.el8.x86_64
libuuid-2.32.1-43.el8.x86_64
libverto-0.3.2-2.el8.x86_64
libxml2-2.9.7-18.el8_9.x86_64
ncurses-base-6.1-10.20180224.el8.noarch
ncurses-libs-6.1-10.20180224.el8.x86_64
openssl-libs-1:1.1.1k-12.el8_9.x86_64
passwd-0.80-4.el8.x86_64
pam-1.3.1-27.el8.x86_64
pcre2-10.32-3.el8_6.x86_64
platform-python-3.6.8-56.el8_9.3.rocky.0.x86_64
platform-python-setuptools-39.2.0-7.el8.noarch
python3-dnf-4.7.0-19.el8.noarch
python3-hawkey-0.63.0-17.el8_9.x86_64
python3-libdnf-0.63.0-17.el8_9.x86_64
python3-libs-3.6.8-56.el8_9.3.rocky.0.x86_64
python3-pip-wheel-9.0.3-23.el8.rocky.0.noarch
python3-rpm-4.14.3-26.el8.x86_64
python3-setuptools-wheel-39.2.0-7.el8.noarch
rocky-gpg-keys-8.9-1.8.el8.noarch
rocky-release-8.9-1.8.el8.noarch
rocky-repos-8.9-1.8.el8.noarch
rpm-4.14.3-26.el8.x86_64
rpm-build-libs-4.14.3-26.el8.x86_64
rpm-libs-4.14.3-26.el8.x86_64
setup-2.12.2-9.el8.noarch
shadow-utils-2:4.6-19.el8.x86_64
sqlite-libs-3.26.0-19.el8_9.x86_64
systemd-239-78.el8.x86_64
systemd-libs-239-78.el8.x86_64
systemd-pam-239-78.el8.x86_64
tar-2:1.30-9.el8.x86_64
tpm2-tss-2.3.2-5.el8.x86_64
tzdata-2023d-1.el8.noarch
util-linux-2.32.1-43.el8.x86_64
vim-minimal-2:8.0.1763-19.el8_6.4.x86_64
yum-4.7.0-19.el8.noarch
zlib-1.2.11-25.el8.x86_64
Installed:
cpio-2.12-11.el8.x86_64
crypto-policies-scripts-20230731-1.git3177e06.el8.noarch
diffutils-3.6-6.el8.x86_64
dracut-049-228.git20230802.el8.x86_64
elfutils-debuginfod-client-0.189-3.el8.x86_64
file-5.33-25.el8.x86_64
findutils-1:4.6.0-21.el8.x86_64
gettext-0.19.8.1-17.el8.x86_64
gettext-libs-0.19.8.1-17.el8.x86_64
glibc-gconv-extra-2.28-236.el8_9.7.x86_64
glibc-langpack-en-2.28-236.el8_9.7.x86_64
gnupg2-smime-2.2.20-3.el8_6.x86_64
grub2-common-1:2.02-150.el8.rocky.0.1.noarch
grub2-tools-1:2.02-150.el8.rocky.0.1.x86_64
grub2-tools-minimal-1:2.02-150.el8.rocky.0.1.x86_64
grubby-8.40-48.el8.x86_64
hardlink-1:1.3-6.el8.x86_64
kbd-2.0.4-11.el8.x86_64
kbd-legacy-2.0.4-11.el8.noarch
kbd-misc-2.0.4-11.el8.noarch
kmod-25-19.el8.x86_64
kpartx-0.8.4-39.el8.x86_64
libcroco-0.6.12-4.el8_2.1.x86_64
libgomp-8.5.0-20.el8.x86_64
libkcapi-1.2.0-2.el8.x86_64
libkcapi-hmaccalc-1.2.0-2.el8.x86_64
libsecret-0.18.6-1.el8.0.2.x86_64
libxkbcommon-0.9.1-1.el8.x86_64
memstrack-0.2.5-2.el8.x86_64
openssl-1:1.1.1k-12.el8_9.x86_64
openssl-pkcs11-0.4.10-3.el8.x86_64
os-prober-1.74-9.el8.x86_64
pigz-2.4-4.el8.x86_64
pinentry-1.1.0-2.el8.x86_64
platform-python-pip-9.0.3-23.el8.rocky.0.noarch
procps-ng-3.3.15-14.el8.x86_64
python3-unbound-1.16.2-5.el8.x86_64
rpm-plugin-systemd-inhibit-4.14.3-26.el8.x86_64
shared-mime-info-1.9-3.el8.x86_64
sqlite-3.26.0-19.el8_9.x86_64
systemd-udev-239-78.el8.x86_64
trousers-0.3.15-1.el8.x86_64
trousers-lib-0.3.15-1.el8.x86_64
unbound-libs-1.16.2-5.el8.x86_64
xkeyboard-config-2.28-1.el8.noarch
xz-5.2.4-4.el8_6.x86_64
Complete!- 업데이트 이후 컨테이너 재기동 및 sshd 데몬을 시작하고 확인한다.
[root@jh-container-rocky86 ~]# podman ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
8422260cafd0 docker.io/library/mariadb:latest mariadbd 16 hours ago Up 16 hours ago 0.0.0.0:13306->3306/tcp jh-mariadb01
b80bf8fe4059 docker.io/library/rockylinux:8.6 /sbin/init 16 minutes ago Up 16 minutes ago jh-rk86
[root@jh-container-rocky86 ~]# podman restart jh-rk86
b80bf8fe4059d487808968e1b7d6bbb8b46c2bdea5ecb04e09d6a909a39eaa85
[root@jh-container-rocky86 ~]# podman exec -it jh-rk86 bash
[root@b80bf8fe4059 /]# systemctl enable --now sshd
[root@b80bf8fe4059 /]# systemctl status sshd
● sshd.service - OpenSSH server daemon
Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; vendor preset: en>
Active: active (running) since Thu 2024-02-08 00:02:28 UTC; 1min 0s ago- Mariadb 최신 버전을 설치하고 활성화한다.
또한 추후 ssh 접속을 위해 컨테이너의 root 비밀번호를 변경한다.
[root@b80bf8fe4059 /]# dnf install -y mariadb*
...
Installed:
Judy-1.0.5-18.module+el8.4.0+427+adf35707.x86_64
avahi-libs-0.7-21.el8_9.1.x86_64
boost-program-options-1.66.0-13.el8.x86_64
checkpolicy-2.9-1.el8.x86_64
copy-jdk-configs-4.0-2.el8.noarch
cups-libs-1:2.2.6-54.el8_9.x86_64
freetype-2.9.1-9.el8.x86_64
galera-25.3.37-1.module+el8.8.0+1452+2a7eab68.x86_64
groff-base-1.22.3-18.el8.x86_64
java-1.8.0-openjdk-headless-1:1.8.0.402.b06-2.el8.x86_64
javapackages-filesystem-5.3.0-2.module+el8.3.0+125+5da1ae29.noarch
jna-4.5.1-5.el8.x86_64
keyutils-libs-devel-1.5.10-9.el8.x86_64
krb5-devel-1.18.2-26.el8.x86_64
libaio-0.3.112-1.el8.x86_64
libaio-devel-0.3.112-1.el8.x86_64
libcom_err-devel-1.45.6-5.el8.x86_64
libibverbs-46.0-1.el8.1.x86_64
libkadm5-1.18.2-26.el8.x86_64
libnl3-3.7.0-1.el8.x86_64
libpcap-14:1.9.1-5.el8.x86_64
libpng-2:1.6.34-5.el8.x86_64
libselinux-devel-2.9-8.el8.x86_64
libselinux-utils-2.9-8.el8.x86_64
libsepol-devel-2.9-3.el8.x86_64
libtool-ltdl-2.4.6-25.el8.x86_64
libverto-devel-0.3.2-2.el8.x86_64
lksctp-tools-1.0.18-3.el8.x86_64
lsof-4.93.2-1.el8.x86_64
lua-5.3.4-12.el8.x86_64
mariadb-3:10.3.39-1.module+el8.8.0+1452+2a7eab68.x86_64
mariadb-backup-3:10.3.39-1.module+el8.8.0+1452+2a7eab68.x86_64
mariadb-common-3:10.3.39-1.module+el8.8.0+1452+2a7eab68.x86_64
mariadb-connector-c-3.1.11-2.el8_3.x86_64
mariadb-connector-c-config-3.1.11-2.el8_3.noarch
mariadb-connector-c-devel-3.1.11-2.el8_3.x86_64
mariadb-connector-odbc-3.1.12-1.el8.x86_64
mariadb-devel-3:10.3.39-1.module+el8.8.0+1452+2a7eab68.x86_64
mariadb-embedded-3:10.3.39-1.module+el8.8.0+1452+2a7eab68.x86_64
mariadb-embedded-devel-3:10.3.39-1.module+el8.8.0+1452+2a7eab68.x86_64
mariadb-errmsg-3:10.3.39-1.module+el8.8.0+1452+2a7eab68.x86_64
mariadb-gssapi-server-3:10.3.39-1.module+el8.8.0+1452+2a7eab68.x86_64
mariadb-java-client-2.7.1-2.el8.noarch
mariadb-oqgraph-engine-3:10.3.39-1.module+el8.8.0+1452+2a7eab68.x86_64
mariadb-server-3:10.3.39-1.module+el8.8.0+1452+2a7eab68.x86_64
mariadb-server-galera-3:10.3.39-1.module+el8.8.0+1452+2a7eab68.x86_64
mariadb-server-utils-3:10.3.39-1.module+el8.8.0+1452+2a7eab68.x86_64
mariadb-test-3:10.3.39-1.module+el8.8.0+1452+2a7eab68.x86_64
ncurses-6.1-10.20180224.el8.x86_64
nmap-ncat-2:7.92-1.el8.x86_64
nspr-4.35.0-1.el8_8.x86_64
nss-3.90.0-4.el8_9.x86_64
nss-softokn-3.90.0-4.el8_9.x86_64
nss-softokn-freebl-3.90.0-4.el8_9.x86_64
nss-sysinit-3.90.0-4.el8_9.x86_64
nss-util-3.90.0-4.el8_9.x86_64
openssl-devel-1:1.1.1k-12.el8_9.x86_64
pcre2-devel-10.32-3.el8_6.x86_64
pcre2-utf16-10.32-3.el8_6.x86_64
pcre2-utf32-10.32-3.el8_6.x86_64
perl-Carp-1.42-396.el8.noarch
perl-DBD-MySQL-4.046-3.module+el8.9.0+1501+450eec3b.x86_64
perl-DBI-1.641-4.module+el8.9.0+1495+f278a004.x86_64
perl-Data-Dumper-2.167-399.el8.x86_64
perl-Digest-1.17-395.el8.noarch
perl-Digest-MD5-2.55-396.el8.x86_64
perl-Encode-4:2.97-3.el8.x86_64
perl-Env-1.04-395.el8.noarch
perl-Errno-1.28-422.el8.x86_64
perl-Exporter-5.72-396.el8.noarch
perl-File-Path-2.15-2.el8.noarch
perl-File-Temp-0.230.600-1.el8.noarch
perl-Getopt-Long-1:2.50-4.el8.noarch
perl-HTTP-Tiny-0.074-2.el8.noarch
perl-IO-1.38-422.el8.x86_64
perl-IO-Socket-IP-0.39-5.el8.noarch
perl-IO-Socket-SSL-2.066-4.module+el8.9.0+1517+e71a7a62.noarch
perl-MIME-Base64-3.15-396.el8.x86_64
perl-Math-BigInt-1:1.9998.11-7.el8.noarch
perl-Math-Complex-1.59-422.el8.noarch
perl-Memoize-1.03-422.el8.noarch
perl-Mozilla-CA-20160104-7.module+el8.9.0+1521+0101edce.noarch
perl-Net-SSLeay-1.88-2.module+el8.9.0+1517+e71a7a62.x86_64
perl-PathTools-3.74-1.el8.x86_64
perl-Pod-Escapes-1:1.07-395.el8.noarch
perl-Pod-Perldoc-3.28-396.el8.noarch
perl-Pod-Simple-1:3.35-395.el8.noarch
perl-Pod-Usage-4:1.69-395.el8.noarch
perl-Scalar-List-Utils-3:1.49-2.el8.x86_64
perl-Socket-4:2.027-3.el8.x86_64
perl-Storable-1:3.11-3.el8.x86_64
perl-Term-ANSIColor-4.06-396.el8.noarch
perl-Term-Cap-1.17-395.el8.noarch
perl-Test-Simple-1:1.302135-1.el8.noarch
perl-Text-ParseWords-3.30-395.el8.noarch
perl-Text-Tabs+Wrap-2013.0523-395.el8.noarch
perl-Time-HiRes-4:1.9758-2.el8.x86_64
perl-Time-Local-1:1.280-1.el8.noarch
perl-URI-1.73-3.el8.noarch
perl-Unicode-Normalize-1.25-396.el8.x86_64
perl-constant-1.33-396.el8.noarch
perl-interpreter-4:5.26.3-422.el8.x86_64
perl-libnet-3.11-3.el8.noarch
perl-libs-4:5.26.3-422.el8.x86_64
perl-macros-4:5.26.3-422.el8.x86_64
perl-parent-1:0.237-1.el8.noarch
perl-podlators-4.11-1.el8.noarch
perl-threads-1:2.21-2.el8.x86_64
perl-threads-shared-1.58-2.el8.x86_64
policycoreutils-2.9-24.el8.x86_64
policycoreutils-python-utils-2.9-24.el8.noarch
python3-audit-3.0.7-5.el8.x86_64
python3-libselinux-2.9-8.el8.x86_64
python3-libsemanage-2.9-9.el8_6.x86_64
python3-policycoreutils-2.9-24.el8.noarch
python3-setools-4.3.0-5.el8.x86_64
rsync-3.1.3-19.el8_7.1.x86_64
tzdata-java-2023d-1.el8.noarch
unixODBC-2.3.7-1.el8.x86_64
zlib-devel-1.2.11-25.el8.x86_64
Complete!
[root@b80bf8fe4059 /]# systemctl enable --now mariadb
Created symlink /etc/systemd/system/mysql.service → /usr/lib/systemd/system/mariadb.service.
Created symlink /etc/systemd/system/mysqld.service → /usr/lib/systemd/system/mariadb.service.
Created symlink /etc/systemd/system/multi-user.target.wants/mariadb.service → /usr/lib/systemd/system/mariadb.service.
[root@b80bf8fe4059 /]# systemctl status mariadb
● mariadb.service - MariaDB 10.3 database server
Loaded: loaded (/usr/lib/systemd/system/mariadb.service; enabled; vendor preset:>
Active: active (running) since Thu 2024-02-08 00:32:55 UTC; 4s ago
[root@b80bf8fe4059 /]# mysql -uroot
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 8
Server version: 10.3.39-MariaDB MariaDB Server
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> Ctrl-C -- exit!
Aborted
[root@5b322a3d7f80 /]# passwd root
Changing password for user root.
New password:
BAD PASSWORD: The password is shorter than 8 characters
Retype new password:
passwd: all authentication tokens updated successfully.
- 컨테이너 설정이 정상 적용됐는지 확인하기 위해 컨테이너를 Commit 한다.
[root@jh-container-rocky86 ~]# podman commit jh-rk86 jh/rk86-mariadb:240208
WARN[0080] archive: skipping "/var/lib/containers/storage/overlay/d7af589d34a7a50f2114c3e626b53c35061a8fb487b6ff149d1f9cc40f31efd7/merged/var/lib/mysql/mysql.sock" since it is a socket
Getting image source signatures
Copying blob 879054335f94 skipped: already exists
Copying blob 3d7146b69636 done
Copying config 6e709759b8 done
Writing manifest to image destination
Storing signatures
6e709759b833a504a3db1505d3e8a0bdff89e092b92cf76c35e27afce10a43c4
[root@jh-container-rocky86 ~]# podman images
REPOSITORY TAG IMAGE ID CREATED SIZE
localhost/jh/rk86-mariadb 240208 6e709759b833 5 minutes ago 1.51 GB
localhost/jh/mariadb 240206 e2cfae12f3e3 2 days ago 411 MB
docker.io/library/mariadb latest 2b54778e06a3 2 months ago 411 MB
docker.io/library/rockylinux 8.6 8cf70153e062 19 months ago 202 MB- 생성된 이미지를 실행한다.
[root@jh-container-rocky86 ~]# podman run --privileged -itd -p 53306:3306 -p 50022:22 --name jh-rk86-mariadb rk86-mariadb:240208 /sbin/init
5b322a3d7f80e0c16ea4c55ff2d8675556248776b84a7c430f70d0d387d71fbc
[root@jh-container-rocky86 ~]# podman ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
8422260cafd0 docker.io/library/mariadb:latest mariadbd 17 hours ago Up 17 hours ago 0.0.0.0:13306->3306/tcp jh-mariadb01
b80bf8fe4059 docker.io/library/rockylinux:8.6 /sbin/init About an hour ago Up 44 minutes ago jh-rk86
5b322a3d7f80 localhost/jh/rk86-mariadb:240208 /sbin/init 14 seconds ago Up 12 seconds ago 0.0.0.0:50022->22/tcp, 0.0.0.0:53306->3306/tcp jh-rk86-mariadb- 다른 서버에서 ssh 접속을 확인한다.
[root@jh-up-test-rhel84 ~]# ssh -p 50022 root@10.65.121.86
root@10.65.121.86's password:
Last login: Thu Feb 8 00:56:09 2024 from 10.65.121.84
[root@5b322a3d7f80 ~]# ip -4 -o a
1: lo inet 127.0.0.1/8 scope host lo\ valid_lft forever preferred_lft forever
2: eth0 inet 10.88.0.18/16 brd 10.88.255.255 scope global eth0\ valid_lft forever preferred_lft forever
- Mariadb 접속을 확인한다.
Mariadb 설정 문제로 인해 외부 접속이 불가능한 상태이다.
컨테이너에 진입하여 Mariadb 설정을 수정한다.
[root@jh-up-test-rhel84 ~]# mysql -uroot -h 10.65.121.86 -P 53306
ERROR 1130 (HY000): Host '10.65.121.84' is not allowed to connect to this MariaDB server
[root@jh-up-test-rhel84 ~]# ssh -p 50022 root@10.65.121.86
root@10.65.121.86's password:
Last login: Thu Feb 8 00:59:34 2024 from 10.65.121.84
[root@5b322a3d7f80 ~]# mysql -uroot
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 9
Server version: 10.3.39-MariaDB MariaDB Server
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
<아래 명령어를 통하여 현재 비밀번호가 설정되어 있지 않아 접속이 불가능한 것을 확인할 수 있다.>
MariaDB [(none)]> SELECT host, user, password FROM mysql.user;
+--------------+------+----------+
| host | user | password |
+--------------+------+----------+
| localhost | root | |
| b80bf8fe4059 | root | |
| 127.0.0.1 | root | |
| ::1 | root | |
+--------------+------+----------+
4 rows in set (0.001 sec)
<비밀번호를 추가한다.>
MariaDB [(none)]> grant all privileges on *.* to 'root'@'%' identified by '1234';
Query OK, 0 rows affected (0.000 sec)
MariaDB [(none)]> SELECT host, user, password FROM mysql.user;
+--------------+------+-------------------------------------------+
| host | user | password |
+--------------+------+-------------------------------------------+
| localhost | root | |
| b80bf8fe4059 | root | |
| 127.0.0.1 | root | |
| ::1 | root | |
| % | root | *5ADB1A2AA5D43B4BE58FD21099E41221AB03CCEA |
+--------------+------+-------------------------------------------+
5 rows in set (0.000 sec)
MariaDB [(none)]> FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.001 sec)
MariaDB [(none)]> exit
Bye
[root@jh-up-test-rhel84 ~]# mysql -uroot -p -h 10.65.121.86 -P 53306
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 11
Server version: 10.3.39-MariaDB MariaDB Server
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> 
Linux/Cluster/Infra Engineer