mirror of https://github.com/containers/podman.git
Make the hello image leaner
[NO TESTS NEEDED] Change from using a bash script to a c file for running the image. With thanks to discussions with @afbjorklund, the Containerfile was rigged up to make the final image be only KB's in size. Also add USER 1000 to make the image test/run as non-root, and update the README.md Signed-off-by: tomsweeneyredhat <tsweeney@redhat.com>
This commit is contained in:
parent
6d2b54a731
commit
40ba9f10e5
|
@ -1,8 +1,11 @@
|
||||||
FROM registry.access.redhat.com/ubi8-micro:latest
|
FROM docker.io/alpine as builder
|
||||||
|
RUN apk add gcc libc-dev
|
||||||
|
ADD podman_hello_world.c .
|
||||||
|
RUN gcc -O2 -static -o podman_hello_world podman_hello_world.c
|
||||||
|
|
||||||
|
FROM scratch
|
||||||
LABEL maintainer="Podman Maintainers"
|
LABEL maintainer="Podman Maintainers"
|
||||||
LABEL artist="Máirín Ní Ḋuḃṫaiġ, Twitter:@mairin"
|
LABEL artist="Máirín Ní Ḋuḃṫaiġ, Twitter:@mairin"
|
||||||
WORKDIR /tmp
|
USER 1000
|
||||||
|
COPY --from=builder podman_hello_world /usr/local/bin/podman_hello_world
|
||||||
COPY podman_hello_world.bash .
|
CMD ["/usr/local/bin/podman_hello_world"]
|
||||||
ENTRYPOINT ./podman_hello_world.bash
|
|
||||||
|
|
|
@ -19,7 +19,7 @@ Using this image is helpful to:
|
||||||
|
|
||||||
The contents of this directory contain:
|
The contents of this directory contain:
|
||||||
* ./Containerfile
|
* ./Containerfile
|
||||||
* ./podman_hello_world.bash
|
* ./podman_hello_world.c
|
||||||
|
|
||||||
## Sample Usage
|
## Sample Usage
|
||||||
|
|
||||||
|
@ -28,7 +28,7 @@ To simply run the image:
|
||||||
```
|
```
|
||||||
podman run quay.io/podman/hello
|
podman run quay.io/podman/hello
|
||||||
|
|
||||||
! ... Hello Podman World ...!
|
!... Hello Podman World ...!
|
||||||
|
|
||||||
.--"--.
|
.--"--.
|
||||||
/ - - \
|
/ - - \
|
||||||
|
@ -49,7 +49,29 @@ To build the image yourself, copy the files from this directory into
|
||||||
a local directory and issue these commands:
|
a local directory and issue these commands:
|
||||||
|
|
||||||
```
|
```
|
||||||
chmod 755 ./podman_hello_world.bash
|
|
||||||
podman build -t myhello .
|
podman build -t myhello .
|
||||||
podman run myhello
|
podman run myhello
|
||||||
```
|
```
|
||||||
|
|
||||||
|
## Potential Issues:
|
||||||
|
|
||||||
|
The image runs as a rootless user with the UID set to `1000`.
|
||||||
|
If the /etc/subuid and /etch/subgid values are not set appropriately to run as a
|
||||||
|
rootless user on the host, an error like this might be raised:
|
||||||
|
|
||||||
|
```
|
||||||
|
Copying blob acab339ca1e8 done
|
||||||
|
ERRO[0002] Error while applying layer: ApplyLayer exit status 1 stdout: stderr: potentially insufficient UIDs or GIDs available in user namespace (requested 0:12 for /var/spool/mail): Check /etc/subuid and /etc/subgid: lchown /var/spool/mail: invalid argument
|
||||||
|
Error: writing blob: adding layer with blob "sha256:ee0cde9de8a68f171a8c03b0e9954abf18576947e2f3187e84d8c31ccd8f6a09": ApplyLayer exit status 1 stdout: stderr: potentially insufficient UIDs or GIDs available in user namespace (requested 0:12 for /var/spool/mail): Check /etc/subuid and /etc/subgid: lchown /var/spool/mail: invalid argument
|
||||||
|
```
|
||||||
|
|
||||||
|
Please refer to this [blog post](https://www.redhat.com/sysadmin/rootless-podman) for further configuration information.
|
||||||
|
|
||||||
|
## THANKS!
|
||||||
|
|
||||||
|
Many Thanks to @afbjorklund for a great discussion during the
|
||||||
|
first revision of this container image that resulted in moving
|
||||||
|
from using bash to using C, and the ensuing changes to the
|
||||||
|
Containerfile.
|
||||||
|
|
||||||
|
Also many thanks to @mairin for the awesome ASCII art!
|
||||||
|
|
|
@ -1,23 +0,0 @@
|
||||||
#!/bin/sh
|
|
||||||
###
|
|
||||||
# ASCII art by the incomparable Máirín Duffy,
|
|
||||||
# duffy@redhat.com, Twitter: @mairin
|
|
||||||
# January 2022
|
|
||||||
###
|
|
||||||
echo " "
|
|
||||||
echo "! ... Hello Podman World ... !"
|
|
||||||
echo " "
|
|
||||||
echo " .--\"--. "
|
|
||||||
echo " / - - \\ "
|
|
||||||
echo " / (O) (O) \\ "
|
|
||||||
echo " ~~~| -=(,Y,)=- | "
|
|
||||||
echo " .---. /\` \\ |~~ "
|
|
||||||
echo " ~/ o o \\~~~~.----. ~~ "
|
|
||||||
echo " | =(X)= |~ / (O (O) \\ "
|
|
||||||
echo " ~~~~~~~ ~| =(Y_)=- | "
|
|
||||||
echo " ~~~~ ~~~| U |~~ "
|
|
||||||
echo ""
|
|
||||||
echo "Project: https://github.com/containers/podman"
|
|
||||||
echo "Website: https://podman.io"
|
|
||||||
echo "Documents: https://docs.podman.io"
|
|
||||||
echo "Twitter: @Podman_io"
|
|
|
@ -0,0 +1,26 @@
|
||||||
|
//###
|
||||||
|
// ASCII art by the incomparable Máirín Duffy,
|
||||||
|
// duffy@redhat.com, Twitter: @mairin
|
||||||
|
// January 2022
|
||||||
|
//###
|
||||||
|
|
||||||
|
#include <stdio.h>
|
||||||
|
int main() {
|
||||||
|
puts("\
|
||||||
|
!... Hello Podman World ...!\n\
|
||||||
|
\n\
|
||||||
|
.--\"--. \n\
|
||||||
|
/ - - \\ \n\
|
||||||
|
/ (O) (O) \\ \n\
|
||||||
|
~~~| -=(,Y,)=- | \n\
|
||||||
|
.---. /` \\ |~~ \n\
|
||||||
|
~/ o o \\~~~~.----. ~~ \n\
|
||||||
|
| =(X)= |~ / (O (O) \\ \n\
|
||||||
|
~~~~~~~ ~| =(Y_)=- | \n\
|
||||||
|
~~~~ ~~~| U |~~ \n\
|
||||||
|
\n\
|
||||||
|
Project: https://github.com/containers/podman\n\
|
||||||
|
Website: https://podman.io\n\
|
||||||
|
Documents: https://docs.podman.io\n\
|
||||||
|
Twitter: @Podman_io");
|
||||||
|
}
|
Loading…
Reference in New Issue