Podman build
podman build . -t=image1
podman run -d --name=container1 image1
Then podman build . -t=image1 and podman run -d --name=container1 image1 to start it detached.
Containerfile
FROM docker.io/library/ubuntu:22.04
# show backtraces
ENV RUST_BACKTRACE 1
# install tools and dependencies
RUN apt-get update && \
DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
ca-certificates && \
# apt cleanup
apt-get autoremove -y && \
apt-get clean && \
find /var/lib/apt/lists/ -type f -not -name lock -delete; \
# add user and link ~/.local/share/polkadot to /data
useradd -m -u 1000 -U -s /bin/sh -d /polkadot polkadot && \
mkdir -p /data /polkadot/.local/share && \
chown -R polkadot:polkadot /data && \
ln -s /data /polkadot/.local/share/node-template
USER polkadot
# copy the compiled binary to the container
COPY --chown=polkadot:polkadot --chmod=774 target/release/node-template /usr/bin/node-template
# check if executable works in this container
RUN /usr/bin/node-template --version
# ws_port
EXPOSE 9930 9333 9944 30333 30334
CMD ["/usr/bin/node-template"]
Breakdown of file
Here is a breakdown of the Dockerfile:
FROM docker.io/library/ubuntu:22.04
: This line specifies the base image to use for the container. In this case, it is using the Ubuntu 22.04 image from the official Docker library.ENV RUST_BACKTRACE 1
: This line sets an environment variableRUST_BACKTRACE
to1
inside the container. This variable controls whether Rust programs print a backtrace on panic.RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends ca-certificates
: This line runs a command inside the container to update the package repository and install theca-certificates
package. TheDEBIAN_FRONTEND=noninteractive
option tellsapt-get
to run in non-interactive mode, which means that it will not prompt the user for input during the installation process.apt-get autoremove -y && apt-get clean && find /var/lib/apt/lists/ -type f -not -name lock -delete
: These lines perform some cleanup tasks after the package installation. Theapt-get autoremove -y
command removes any packages that were automatically installed as dependencies but are no longer needed. Theapt-get clean
command removes the package cache, and thefind
command deletes any leftover package list files.useradd -m -u 1000 -U -s /bin/sh -d /polkadot polkadot
: This line creates a new user account inside the container with the usernamepolkadot
. The-m
option creates a home directory for the user, the-u 1000
option sets the user ID to 1000, the-U
option creates a group with the same name as the user, the-s /bin/sh
option sets the default shell to/bin/sh
, and the-d /polkadot
option sets the home directory to/polkadot
.mkdir -p /data /polkadot/.local/share && chown -R polkadot:polkadot /data && ln -s /data /polkadot/.local/share/node-template
: These lines create some directories and set up the permissions for thepolkadot
user. Themkdir -p
command creates the/data
and/polkadot/.local/share
directories, thechown -R
command changes the ownership of the/data
directory to thepolkadot
user, and theln -s
command creates a symbolic link from/data
to/polkadot/.local/share/node-template
.USER polkadot
: This line sets the user inside the container to thepolkadot
user that was created earlier. This means that any subsequent commands in the Dockerfile will be executed as thepolkadot
user.COPY --chown=polkadot:polkadot --chmod=774 node-template /usr/bin/node-template
: This line copies thenode-template
binary from the host machine into the container and sets the ownership and permissions for the file. The--chown
option sets the ownership of the file to thepolkadot
user and group, and the--chmod
option sets the permissions to774
, which means that the owner and group have read, write, and execute permissions, and others have only read and execute permissions.RUN /usr/bin/node-template --version
: This line runs thenode-template
binary inside the container to check if it is working correctly. The--version
option prints the version of the binary.EXPOSE 9930 9333 9944 30333 30334
: This line exposes several ports on the container. This means that the application running inside the container will be accessible on these ports.CMD ["/usr/bin/node-template"]
: This line sets the command that will be run when the container starts. In this case, it will run thenode-template
binary.