NAME

podman-machine-init - Initialize a new virtual machine

SYNOPSIS

podman machine init [options] [name]

DESCRIPTION

Initialize a new virtual machine for Podman.

The default machine name is podman-machine-default. If a machine name is not specified as an argument, then the new machine will be named podman-machine-default.

Rootless only.

Podman on MacOS and Windows requires a virtual machine. This is because containers are Linux: containers do not run on any other OS because their core functionality is tied to the Linux kernel. Podman machine must be used to manage MacOS and Windows machines, but can optionally be used on Linux.

podman machine init initializes a new Linux virtual machine where containers are run. SSH keys are automatically generated to access the VM, and system connections to the root account and a user account inside the VM are added.

By default, the VM distribution is Fedora CoreOS, except for WSL, which is based on a custom Fedora image. While Fedora CoreOS upgrades come out every 14 days, the automatic update mechanism Zincati is disabled by Podman machine.

To check if there is an upgrade available for your machine OS, you can run the following command:

$ podman machine ssh 'sudo rpm-ostree upgrade --check'

If an update is available, you can rerun the above command and remove the --check and your operating system will be updated. After updating, you must stop and start your machine with podman machine stop && podman machine start for it to take effect.

Note: Updating as described above can result in version mismatches between Podman on the host and Podman in the machine. Executing podman info should reveal the versions of both. A configuration where the Podman host and machine versions mismatch is unsupported.

For more information on updates and advanced configuration, see the Fedora CoreOS documentation about auto-updates and update strategies.

Fedora CoreOS upgrades come out every 14 days and are detected and installed automatically. The VM is rebooted during the upgrade. For more information on updates and advanced configuration, see the Fedora CoreOS documentation about auto-updates and update strategies.

OPTIONS

--cpus=number

Number of CPUs.

--disk-size=number

Size of the disk for the guest VM in GiB.

--help

Print usage statement.

--ignition-path

Fully qualified path of the ignition file.

If an ignition file is provided, the file is copied into the user’s CONF_DIR and renamed. Additionally, no SSH keys are generated, nor are any system connections made. It is assumed that the user does these things manually or handles them otherwise.

--image

Fully qualified registry, path, or URL to a VM image. Registry target must be in the form of docker://registry/repo/image:version.

--memory, -m=number

Memory (in MiB). Note: 1024MiB = 1GiB.

--now

Start the virtual machine immediately after it has been initialized.

--rootful

Whether this machine prefers rootful (true) or rootless (false) container execution. This option determines the remote connection default if there are no existing remote connection configurations.

API forwarding, if available, follows this setting.

--timezone

Set the timezone for the machine and containers. Valid values are local or a timezone such as America/Chicago. A value of local, which is the default, means to use the timezone of the machine host.

The timezone setting is not used with WSL. WSL automatically sets the timezone to the same as the host Windows operating system.

--usb=bus=number,devnum=number or vendor=hexadecimal,product=hexadecimal

Assign a USB device from the host to the VM via USB passthrough. Only supported for QEMU Machines.

The device needs to have proper permissions in order to be passed to the machine. This means the device needs to be under your user group.

Note that using bus and device number are simpler but the values can change every boot or when the device is unplugged.

When specifying a USB device using vendor and product IDs, if more than one device has the same vendor and product ID, the first available device is assigned.

--user-mode-networking

Indicates that this machine relays traffic from the guest through a user-space process running on the host. In some VPN configurations the VPN may drop traffic from alternate network interfaces, including VM network devices. By enabling user-mode networking (a setting of true), VPNs observe all podman machine traffic as coming from the host, bypassing the problem.

When the qemu backend is used (Linux, Mac), user-mode networking is mandatory and the only allowed value is true. In contrast, the Windows/WSL backend defaults to false and follows the standard WSL network setup. Changing this setting to true on Windows/WSL informs Podman to replace the WSL networking setup on start of this machine instance with a user-mode networking distribution. Since WSL shares the same kernel across distributions, all other running distributions reuse this network. Likewise, when the last machine instance with a true setting stops, the original networking setup is restored.

--username

Username to use for executing commands in remote VM. Default value is core for FCOS and user for Fedora (default on Windows hosts). Should match the one used inside the resulting VM image.

--volume, -v=source:target[:options]

Mounts a volume from source to target.

Create a mount. If /host-dir:/machine-dir is specified as the *source:target*, Podman mounts host-dir in the host to machine-dir in the Podman machine.

Additional options may be specified as a comma-separated string. Recognized options are:

  • ro: mount volume read-only

  • rw: mount volume read/write (default)

  • security_model=[model]: specify 9p security model (see below)

The 9p security model determines (see https://wiki.qemu.org/Documentation/9psetup#Starting_the_Guest_directly) if and how the 9p filesystem translates some filesystem operations before actual storage on the host.

In order to allow symlinks to work, on MacOS the default security model is none.

The value of mapped-xattr specifies that 9p store symlinks and some file attributes as extended attributes on the host. This is suitable when the host and the guest do not need to interoperate on the shared filesystem, but has caveats for actual shared access; notably, symlinks on the host are not usable on the guest and vice versa. If interoperability is required, then choose none instead, but keep in mind that the guest is not able to do things that the user running the virtual machine cannot do, e.g. create files owned by another user. Using none is almost certainly the best choice for read-only volumes.

Example: -v "$HOME/git:$HOME/git:ro,security_model=none"

Default volume mounts are defined in containers.conf. Unless changed, the default value is $HOME:$HOME.
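A pre-flight check for the source:target[:options] syntax described above, flagging a writable mount of the whole home directory (the documented default) and mapped-xattr on a read-only volume. This is an added example, not part of Podman; the function names and finding labels are hypothetical, and it assumes POSIX paths that contain no ':'.

```shell
#!/bin/sh
# Added example: review a `podman machine init -v` spec before using it.

# parse_volume SPEC: sets src, tgt, mode, model; prints "src|tgt|mode|model".
# mode defaults to rw (as documented); model is "default" when not given.
parse_volume() {
    spec=$1
    case $spec in *:*) ;; *) echo "error: expected source:target" >&2; return 2 ;; esac
    src=${spec%%:*}; rest=${spec#*:}
    tgt=${rest%%:*}; opts=
    case $rest in *:*) opts=${rest#*:} ;; esac
    if [ -z "$src" ] || [ -z "$tgt" ]; then
        echo "error: empty source or target" >&2; return 2
    fi
    mode=rw; model=default
    set -f; old_ifs=$IFS; IFS=,          # split options on commas, no globbing
    for o in $opts; do
        case $o in
            ro|rw) mode=$o ;;
            security_model=*) model=${o#security_model=} ;;
            *) IFS=$old_ifs; set +f
               echo "error: unrecognized option: $o" >&2; return 2 ;;
        esac
    done
    IFS=$old_ifs; set +f
    printf '%s|%s|%s|%s\n' "$src" "$tgt" "$mode" "$model"
}

# lint_volume SPEC HOME_DIR: prints space-separated findings, or "ok".
lint_volume() {
    parse_volume "$1" >/dev/null || return 2
    out=
    # The guest can write everywhere the host user can under HOME_DIR.
    if [ "$mode" = rw ] && [ "$src" = "$2" ]; then out="$out writable-home"; fi
    # The text recommends none for read-only volumes.
    if [ "$mode" = ro ] && [ "$model" = mapped-xattr ]; then out="$out ro-with-mapped-xattr"; fi
    # Only none and mapped-xattr are described on this page.
    case $model in default|none|mapped-xattr) ;; *) out="$out model-not-on-page" ;; esac
    out=${out# }
    echo "${out:-ok}"
}

# Constructed sample specs (not taken from a real configuration).
for s in '/home/u:/home/u' '/home/u/git:/home/u/git:ro,security_model=none'; do
    printf '%s -> %s\n' "$s" "$(lint_volume "$s" /home/u)"
done
```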

--volume-driver

Driver to use for mounting volumes from the host, such as virtfs.

EXAMPLES

Initialize the default Podman machine, pulling the content from the internet.

$ podman machine init

Initialize a Podman machine for the specified name pulling the content from the internet.

$ podman machine init myvm

Initialize the default Podman machine pulling the content from the internet defaulting to rootful mode. The default is rootless.

$ podman machine init --rootful

Initialize the default Podman machine overriding its disk size, pulling the content from the internet.

$ podman machine init --disk-size 50

Initialize the specified Podman machine overriding its memory size, pulling the content from the internet.

$ podman machine init --memory=1024 myvm

Initialize the default Podman machine with the host directory /Users mounted into the VM at /mnt/Users.

$ podman machine init -v /Users:/mnt/Users

Initialize the default Podman machine with USB device passthrough, specifying the device by vendor and product ID. Only supported for QEMU Machines.

$ podman machine init --usb vendor=13d3,product=5406

Initialize the default Podman machine with USB device passthrough, specifying the device by bus and device number. Only supported for QEMU Machines.

$ podman machine init --usb bus=1,devnum=3

SEE ALSO

podman(1), podman-machine(1)

HISTORY

March 2021, Originally compiled by Ashley Cui acui@redhat.com