实验环境:centos7.7.1908
1.安装podman并查看版本
yum install podman
podman -v
当前podman版本信息是1.6.4
2.更新podman版本
通过查看资料显示centos 7 支持最高版本为 3.4.4,更新podman大致有以下四步:
- golang 安装(本次使用版本: 1.18)
- conmon 安装(本次使用版本: 2.1.0)
- runc 安装(本次使用版本: 1.1.1)
- podman安装(centos 7支持最高版本: 3.4.4)
下面先实验安装podman3.4.4,之后会实验安装当前最新版podman4.6.1
2.1安装go
# 临时关闭selinux
setenforce 0
# 安装golang,版本需要在 v1.6 以上
wget https://golang.google.cn/dl/go1.18.linux-amd64.tar.gz
tar xf go1.18.linux-amd64.tar.gz
mv go /usr/local/
ln -s /usr/local/go/bin/go /usr/local/bin/go
go version
# go version go1.18 linux/amd64
安装依赖
yum install -y \
btrfs-progs-devel \
containernetworking-plugins \
containers-common \
crun \
device-mapper-devel \
glib2-devel \
glibc-devel \
glibc-static \
golang-github-cpuguy83-md2man \
gpgme-devel \
iptables \
libassuan-devel \
libgpg-error-devel \
libseccomp-devel \
libselinux-devel \
make \
pkgconfig
2.2安装conmon 和 runc
# conmon是用C语言编写的工具,用于单个容器的管理器
wget https://github.com/containers/conmon/archive/refs/tags/v2.1.0.tar.gz
tar xf v2.1.0.tar.gz
cd conmon-2.1.0/
export GOCACHE="$(mktemp -d)"
make
make podman
#install -D -m 755 bin/conmon /usr/local/libexec/podman/conmon
conmon --version
#conmon version 2.0.8
#commit: f85c8b1ce77b73bcd48b2d802396321217008762
# runc是golang写的关于CLI工具,用于根据OCI规范在 Linux上生成和运行容器
wget https://github.com/opencontainers/runc/releases/download/v1.1.1/runc.amd64
chmod +x runc.amd64
mv runc.amd64 /usr/local/bin/runc
/usr/local/bin/runc -version
#runc version 1.1.1
#commit: v1.1.0-20-g52de29d7
#spec: 1.0.2-dev
#go: go1.17.6
#libseccomp: 2.5.3
上面是由于当前环境下没有gcc编译器造成的,要通过yum install gcc安装gcc
之后重新执行 make 和 make podman 命令重新编译即可
2.3设置CNI网络
mkdir /etc/containers
wget https://src.fedoraproject.org/rpms/containers-common/raw/main/f/registries.conf
wget https://src.fedoraproject.org/rpms/containers-common/raw/main/f/default-policy.json
cp default-policy.json /etc/containers/default-policy.json
cp registries.conf /etc/containers/registries.conf
# 默认情况下,CNI网络配置文件下载好后,无需配置,即可使用 podman
# registries.conf: 容器镜像注册配置文件,文件格式为 TOML
# policy.json:证书安全策略文件,文件格式为 JSON
/etc/containers如果存在就不用创建了,不存在需要创建
cp registries.conf /etc/containers/registries.conf命令如果containers文件夹存在的话registries.conf文件也会存在,直接替换即可
2.4安装podman
wget https://github.com/containers/podman/archive/refs/tags/v3.4.4.tar.gz
tar xf v3.4.4.tar.gz
cd podman-3.4.4/
make BUILDTAGS="selinux seccomp"
# 存在问题
yum install git -y
vim Makefile
####
# 800行 github.com/cpuguy83/go-md2man 改为
gitee.com/mirrors/go-md2man
####
# 再次make
make BUILDTAGS="selinux seccomp"
make install PREFIX=/usr
# 会自动在usr的bin、lib、share 中 创建相关内容
podman --version
# podman version 3.4.4
podman version
#Version: 3.4.4
#API Version: 3.4.4
#Go Version: go1.18
#Built: Thu Sep 7 07:07:51 2023
#OS/Arch: linux/amd64
首次执行make BUILDTAGS="selinux seccomp"需要安装git以及在Makefile文件需要在800行进行修改,然后再次make
然后我尝试了安装最新版podman4.6.1,操作基本与上面一致
wget https://golang.google.cn/dl/go1.20.4linux-amd64.tar.gz
wget https://github.com/containers/podman/archive/refs/tags/v4.6.1.tar.gz
首次 make BUILDTAGS="selinux seccomp"编译
安装git以后,再次make
[root@ee283976513d podman-4.6.1]# make BUILDTAGS="selinux seccomp"
fatal: Not a git repository (or any of the parent directories): .git
Podman is being compiled without the systemd build tag. Install libsystemd on Ubuntu or systemd-devel on rpm based distro for journald support.
CGO_ENABLED=1 GOOS=linux GOARCH=amd64 go build \
\
-ldflags ' -X github.com/containers/podman/v4/libpod/define.buildInfo=1694077099 -X github.com/containers/podman/v4/libpod/config._installPrefix=/usr/local -X github.com/containers/podman/v4/libpod/config._etcDir=/etc -X github.com/containers/podman/v4/pkg/systemd/quadlet._binDir=/usr/local/bin -X github.com/containers/common/pkg/config.additionalHelperBinariesDir= ' \
-tags "selinux seccomp" \
-o bin/podman ./cmd/podman
go build github.com/proglottis/gpgme:
# pkg-config --cflags -- gpgme
Package gpgme was not found in the pkg-config search path.
Perhaps you should add the directory containing `gpgme.pc'
to the PKG_CONFIG_PATH environment variable
No package 'gpgme' found
pkg-config: exit status 1
make: *** [bin/podman] Error 1
之后通过wget https://www.gnupg.org/ftp/gcrypt/gpgme/gpgme-1.22.0.tar.bz2
tar -xvjf gpgme-1.22.0.tar.bz2