What Should I know About The RHCSA Exam
RHCSA 8 Exam Practice Question 9
Question
As the student user, create a detached apache http web server container with the name, (site1) and with the tag that has the lowest version(1-112) from rhel8/httpd-24 image. Use the registry.redhat.io registry.
Use the username, administrator and the password, admin123
Create and mount the ~/storage/html/ directory as a persistent storage to the container as /var/www/. The content of ~/storage/html should be extracted from /tmp/image/containers.tgz
Also, Port 8080 on the container should be mapped to port 8080 on the host. Declare the environment variables, HTTPD_USER and HTTPD_PASSWORD and use admin as their values.
configure the container as a service using systemd and make the web server/container persistent across reboot.
The question is based On managing containers In The RHCSA 8 Course on this website. If you have gone through this course, solving this wouldn’t be a problem.
Answer
1. Before we can configure containers, we need the container-tools module. Verify if the container-tools module is installed.
[student@DRDEV1 ~]# sudo yum module list --installed |grep container-tools2. Install container-tools module.
[student@DRDEV1 ~]# sudo yum module install container-tools -y
Updating Subscription Management repositories.
Last metadata expiration check: 0:00:30 ago on Mon 30 Nov 2020 05:15:34 PM GMT.
Dependencies resolved.3. login to the image registry using the credentials given.
NB: see the lesson pertaining to this course to see how I was able to login.
[student@DRDEV1 ~]$ podman login registry.redhat.io
Username: administrator
Password:
Login Succeeded!
[student@DRDEV1 ~]$
4. Inspect the httpd-24 image and search for the lowest tag.
NB: Sometimes, you may be given the tag to use.
[student@DRDEV1 ~]$ skopeo inspect docker://registry.redhat.io/rhel8/httpd-24 |more
{
"Name": "registry.redhat.io/rhel8/httpd-24",
"Digest": "sha256:43b6a13d3e6674ec684ba2cdf433633cabe4963a24e00b59f32532b31bbf1ce5",
"RepoTags": [
"1-112",
"1-118",
"1-118-source",
"1-70",
"1-30.1562749848",
"1-76",
"1-52",
"1-42",
"1-30",
"1",
"1-76.1584015406",
"1-98",
"1-112.1599745027",
"1-92",
"1-104",
"1-105",
"1-60",
"1-63",
"1-92.1590691900",
"1-30.1561731107",
"1-28",
"1-25",
"1-89",
"latest"
5. download the container image from the registry.
[student@DRDEV1 ~]$ podman pull registry.redhat.io/rhel8/httpd-24:1-112
Trying to pull registry.redhat.io/rhel8/httpd-24:1-112...
Getting image source signatures
Copying blob da1cc572023a done
Copying blob c4d668e229cd done
Copying blob ec1681b6a383 done
Copying blob f32fb687aa09 done
Copying config e00cffb90b done
Writing manifest to image destination
Storing signatures
e00cffb90b6479531b8c5baa0d0ba57019c811184824246d73628079644b8ca6
Before we create the container, Let’s prepare the persistent storage that will be attached to the container.
6. verify if /home/student/storage/html exists.
[student@DRDEV1 ~]$ ls -l /home/student/storage/html
ls: cannot access '/home/student/storage/html: No such file or directory
7. make the ~/storage/html directory
[student@DRDEV1 ~]$ mkdir -p /home/student/storage/html8. Extract the content of /tmp/image/containers.tgz to ~/storage/html directory.
[student@DRDEV1 ~]$ tar xfv /tmp/image/containers.tgz -C /home/student/storage/html/
index.html
9. view the content of storage/html directory
[student@DRDEV1 ~]$ cat storage/html/index.html
###################This is a web file for your container images on storage#################
10. verify others have the read permission on the file. Other users should be able to read the file.
so make sure the directory has the read and execute permission and the file has the read permission.
[student@DRDEV1 ~]$ ls -ld storage/
drwxrwxr-x. 3 student student 18 Dec 7 17:19 storage/[student@DRDEV1 ~]$ ls -ld storage/html/index.html
-rw-rw-r--. 1 student student 92 Dec 7 17:22 storage/html/index.html11. Now, let’s create the container
[student@DRDEV1 ~]$ podman run -d --name site1 -p 8080:8080 -e HTTPD_USER=admin -e HTTPD_PASSWORD=admin -v /home/student/storage:/var/www:Z registry.redhat.io/rhel8/httpd-24:1-112
20432130c52d9c1cec9eac62f24503da8c0a271a51aba9324548a11194c7555012. Verify that the container is running.
[student@DRDEV1 ~]$ podman ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
20432130c52d registry.redhat.io/rhel8/httpd-24:1-112 /usr/bin/run-http... 50 seconds ago Up 50 seconds ago 0.0.0.0:8080->8080/tcp site1
13. Verify that you can access the storage on the container with the forwarded port.
[student@DRDEV1 ~]$ curl http://localhost:8080
###################This is a web file for your container images on storage#################
Now, we need to configure the container as a systemd service
14. create the systemd directory where a user’s unit files can be defined (~/.config/systemd/user). In this case, the student user.
[student@DRDEV1 ~]$ mkdir -p /home/student/.config/systemd/user15. generate student user’s unit file so that we can make use of container as a service
NB: make sure the unit file is generated in (~/.config/systemd/user) directory.
[student@DRDEV1 ~]$ cd /home/student/.config/systemd/user/[student@DRDEV1 user]$ podman generate systemd --name site1 --files --new16. Verify that the unit file has been generated
[student@DRDEV1 user]$ ls
container-site1.service17. make the “container as a service” persistent across reboot
[student@DRDEV1 user]$ loginctl enable-lingerVerify that linger is enabled for the student user
[student@DRDEV1 user]$ loginctl show-user student
UID=1005
GID=1005
Name=student
Timestamp=Mon 2020-12-07 09:19:31 GMT
TimestampMonotonic=245042201
RuntimePath=/run/user/1005
Service=user@1005.service
Slice=user-1005.slice
Display=47
State=active
Sessions=47 4 2
IdleHint=no
IdleSinceHint=0
IdleSinceHintMonotonic=0
Linger=yes
18. so now, let’s start the container as a service
* stop the container first, and remove the archived container
[student@DRDEV1 ~]$ podman stop site1
28d99a8041ccb30fc9335af638cadb22544fcf13a6319d6086c74d3539040473
[student@DRDEV1 ~]$ podman rm site1
28d99a8041ccb30fc9335af638cadb22544fcf13a6319d6086c74d3539040473
* verify that the container has been stopped and removed
[student@DRDEV1 ~]$ podman ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES[student@DRDEV1 ~]$ podman ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES*start the container as a service
[student@DRDEV1 ~]$ systemctl --user daemon-reload* enable the container as a service to start across reboot.
[student@DRDEV1 ~]$ systemctl --user enable --now container-site1
Created symlink /home/student/.config/systemd/user/multi-user.target.wants/container-site1.service → /home/student/.config/systemd/user/container-site1.service.
Created symlink /home/student/.config/systemd/user/default.target.wants/container-site1.service → /home/student/.config/systemd/user/container-site1.service.
19. verify that the container has started.
[student@DRDEV1 ~]$ podman ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
20432130c52d registry.redhat.io/rhel8/httpd-24:1-112 /usr/bin/run-http... About a minute ago Up About a minute ago 0.0.0.0:8080->8080/tcp site1
20. Verify the content of the container storage
[student@DRDEV1 ~]$ curl http://localhost:8080
###################This is a web file for your container images on storage#################
21. stop the container and reboot the system if you wish and verify that the container is persistent.
[root@DRDEV1 ~]# systemctl --user stop container-site1[root@DRDEV1 ~]# reboot[student@DRDEV1 ~]$ podman ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
20432130c52d registry.redhat.io/rhel8/httpd-24:1-112 /usr/bin/run-http... 12 minutes ago Up 12 minutes ago 0.0.0.0:8080->8080/tcp site1
Solution Summary
sudo yum module list –installed |grep container-tools
sudo yum module install container-tools -y
podman login registry.redhat.io
skopeo inspect docker://registry.redhat.io/rhel8/httpd-24 |more
podman pull registry.redhat.io/rhel8/httpd-24:1-112
ls -l /home/student/storage/html
mkdir -p /home/student/storage/html
tar xfv /tmp/image/containers.tgz -C /home/student/storage/html/
podman run -d –name site1 -p 8080:8080 -e HTTPD_USER=admin -e HTTPD_PASSWORD=admin -v /home/student/storage:/var/www:Z registry.redhat.io/rhel8/httpd-24:1-112
curl http://localhost:8080
mkdir -p /home/student/.config/systemd/user
cd /home/student/.config/systemd/user/
podman generate systemd –name site1 –files –new
loginctl enable-linger
systemctl –user daemon-reload
systemctl –user enable –now container-site1
You can also watch the Video on RHCSA 8 Exam Practice Question 9 by clicking the link below.
Click To Watch Video On RHCSA 8 EX200 Exam Practice Question & Answer On Managing Container In Linux
Other RHCSA 8 Exam Practice Question & Answer
Your feedback is welcomed. If you love others, you will share with others
Hello Victor\
thanks for valuable info when i run systemctl status container-ihs1.service, i am getting `unit container-ihs1.service could not be found`
any idea
Hello Victor\
I changed generated containder-ihs.service content; replaced wants line with `wants=syslog.servic` and it is working, br
That’s great. You encounter this kind of problem mostimes when you use su command to switch user to the rootless container user. your problem is similar to Mayur’s own in the comment section of this link (https://www.youtube.com/watch?v=1ZLThVl1aTw&list=PLPmshpW0EvYBFSx0RRRov9C5juxs2_k_Y&index=104)
Thanks a lot. I got your premium Questions and answers and your site has really helped me. I am preparing for my next phase which is RHCE. Do you have any package for RHCE.
Victor h ,
the question states ” Create and mount the ~/storage/html/ directory as a persistent storage to the container as /var/www/…”
And your answer states ” podman run -d –name site1 -p 8080:8080 -e HTTPD_USER=admin -e HTTPD_PASSWORD=admin -v /home/student/storage:/var/www:Z registry.redhat.io/rhel8/httpd-24:1-112 ”
Why did you not enter “/home/student/storage/html ” does this do the same…?
it can be any but i will strongly recommend “/home/student/storage/html” since that was what the question explicitly said. Nice observation though. Good one!!!
Redhat they remove docker but i see here u still use it? is not issues?
it’s not an issue.
Why adding a –new, once you stop it and you generate the service file, without the new you wont neet to remove the stopped container. Does it make any difference for the examn, as I read to take care with the new option in production environments.
Hello Pablo, can you please rephrase your question as I don’t fully understand?
actually new comment is not supported in exam environment . when we put new it show an error like new comment not found. if u ignore this command and try to execute podman generate without new then you can not start the service . how can we fix this issue.
Kindly please address this issue and provide a solution.
how will you be able to answer a question like this on the exam if there is no internet connection during the exam? you would need to be able to log on to the registry and pull the image.
how would tasks like these be asked as a question on the exam if you don’t have an internet connection during the exam?
In exam they will ask u to login in to another registry.. like lab.registry.example.com…
Hi,
I have a confusion with the persistent storage part.
The q says:
“Create and mount the ~/storage/html/ directory as a persistent storage to the container as /var/www/. The content of ~/storage/html should be extracted from /tmp/image/containers.tgz”
So from here it stands: /home/student/storage/html:/var/www
If so, when the container will look for its index.html file, it will look for: “/var/www/html/index.html”
Now if I mount as per the question (ie. /home/student/storage/html:/var/www)
then, that /var/www/html/index.html file eventually should be this file (by replacing /var/www by /home/student/storage/html): /home/student/storage/html/html/index.html, NOT /home/student/storage/html/index.html
So if I want to follow the Q exactly, I have to mount like this /home/student/storage/html:/var/www and I have to have directory/index file in host like this: /home/student/storage/html/html/index.html, with 2 html directory created.
Is my understanding correct? I have checked it; it does work only the way I explained;
Thanks and Reg
I will also recommend to add this:
after extracting archive files
1.) semanage fcontext -a -t container_file_t ‘/storage(/.*)?’
2.) restorecon -R /storage
In container I receive a problem after systemctl — user deamon reload
The output is showing as
D- bus error
you have to use ssh user directly don’t use su – user
I have a question on step 8. What is this file /tmp/image/containers.tgz I don’t have this file on my system.