Podman is a daemonless container engine for developing, managing, and running Open Container Initiative (OCI) containers and container images on your Linux System. It is an open-source project that is available on most Linux platforms and resides on GitHub. Containers under the control of Podman can either be run by root or by a non-privileged user. Podman provides a docker engine compatible command interface and most of the commands can simply be used by alias docker=podman
for experience professionals on docker. However, that said, Podman is not a replacement of dockerd, docker compose and docker swarm yet. In this post, we’ll learn the basic operations with Podman as container engine.
Installing Podman
For installing or building Podman, please see the official instructions at installation instructions. Do note that like other container engines such as docker, Podman binaries are combination of many other packages such as runc, criu, etc. Here’s some of them from list (this might vary depending upon your distro and already available packages):
Packages Altered: Install protobuf-c-1.3.0-4.el8.x86_64 @rhel-8-appstream-rhui-rpms Install libnet-1.1.6-15.el8.x86_64 @rhel-8-appstream-rhui-rpms Install container-selinux-2:2.155.0-1.module+el8.3.1+9857+68fb1526.noarch @rhel-8-appstream-rhui-rpms Install criu-3.15-1.module+el8.3.1+9857+68fb1526.x86_64 @rhel-8-appstream-rhui-rpms Install libslirp-4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64 @rhel-8-appstream-rhui-rpms Install podman-2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64 @rhel-8-appstream-rhui-rpms Install slirp4netns-1.1.8-1.module+el8.3.1+9857+68fb1526.x86_64 @rhel-8-appstream-rhui-rpms Install containernetworking-plugins-0.9.0-1.module+el8.3.1+9857+68fb1526.x86_64 @rhel-8-appstream-rhui-rpms Install podman-catatonit-2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64 @rhel-8-appstream-rhui-rpms Install containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64 @rhel-8-appstream-rhui-rpms Install runc-1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.x86_64 @rhel-8-appstream-rhui-rpms Install conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.x86_64 @rhel-8-appstream-rhui-rpms Install fuse-overlayfs-1.3.0-2.module+el8.3.1+9857+68fb1526.x86_64 @rhel-8-appstream-rhui-rpms Install fuse3-3.2.1-12.el8.x86_64 @rhel-8-baseos-rhui-rpms Install fuse3-libs-3.2.1-12.el8.x86_64 @rhel-8-baseos-rhui-rpms Install libvarlink-18-3.el8.x86_64 @rhel-8-baseos-rhui-rpms Install nftables-1:0.9.3-16.el8.x86_64 @rhel-8-baseos-rhui-rpms
Verify Podman Version Installed
This can simply be verified by running podman --version
:
$ podman --version podman version 2.2.1
Searching for Help in Podman
This can simply be archived by using below commands such as: podman --help
or man podman
or podman <subcommand> --help
.
Searching, Pulling and Listing Images
We can search for OCI images using podman search
command. We can also apply some filters like --is-official
to list only official images, or limit results using --limit
, etc:
$ podman search --filter=is-official --limit 3 nginx INDEX NAME DESCRIPTION STARS OFFICIAL AUTOMATED docker.io docker.io/library/nginx Official build of Nginx. 14523 [OK]
To pull specific image, we need to provide its full image name:
$ podman search --filter=is-official --limit 3 nginx INDEX NAME DESCRIPTION STARS OFFICIAL AUTOMATED docker.io docker.io/library/nginx Official build of Nginx. 14523 [OK] [cloud_user@f05268942b1c ~]$ podman pull docker.io/library/nginx Trying to pull docker.io/library/nginx:latest... Getting image source signatures Copying blob 19e2441aeeab done Copying blob 83500d851118 done Copying blob 45b42c59be33 done Copying blob f5a38c5f8d4e done Copying blob ec3bd7de90d7 done Copying blob 8acc495f1d91 done Copying config 35c43ace92 done Writing manifest to image destination Storing signatures 35c43ace9216212c0f0e546a65eec93fa9fc8e96b25880ee222b7ed2ca1d2151
After pulling some images, we can list all images using podman images
:
$ podman images REPOSITORY TAG IMAGE ID CREATED SIZE docker.io/library/nginx latest 35c43ace9216 2 weeks ago 137 MB
Running, Listing and Inspecting Containers
Similiar to docker, we can run containers using podman run command. Here’s for nginx to run in the detached mode:
$ podman run -d -p 8080:8080/tcp docker.io/library/nginx 53292de2c61e27638946d12ce7a700a85ae37d2126423277310f4e933e3fe205 $ podman ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 53292de2c61e docker.io/library/nginx nginx -g daemon o... 6 seconds ago Up 5 seconds ago 0.0.0.0:8080->8080/tcp naughty_bhabha
Again, running containers can be listed using podman ps
with optional -a (to indicate to list all previous running/exited containers as well).
To inspect container’s metadata we can use podman inspect
command along with the container id in reference:
$ podman inspect naughty_bhabha | grep -i ipaddress "IPAddress": "", $ podman inspect naughty_bhabha | grep -i port "Ports": { "HostPort": "8080" "PortBindings": { "HostPort": "8080" "PublishAllPorts": false, $ podman inspect naughty_bhabha | grep -i cpu "CpuShares": 0, "NanoCpus": 0, "CpuPeriod": 0, "CpuQuota": 0, "CpuRealtimePeriod": 0, "CpuRealtimeRuntime": 0, "CpusetCpus": "", "CpusetMems": "", "CpuCount": 0, "CpuPercent": 0,
To check container logs on stdout, we can use podman logs
command along with the container id in reference:
$ podman logs naughty_bhabha /docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration /docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/ /docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh 10-listen-on-ipv6-by-default.sh: info: Getting the checksum of /etc/nginx/conf.d/default.conf 10-listen-on-ipv6-by-default.sh: info: Enabled listen on IPv6 in /etc/nginx/conf.d/default.conf /docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh /docker-entrypoint.sh: Launching /docker-entrypoint.d/30-tune-worker-processes.sh /docker-entrypoint.sh: Configuration complete; ready for start up
We can use podman top
command to check process id for processes running inside container:
$ podman top naughty_bhabha USER PID PPID %CPU ELAPSED TTY TIME COMMAND root 1 0 0.000 9m11.999832817s ? 0s nginx: master process nginx -g daemon off; nginx 30 1 0.000 9m11.000193505s ? 0s nginx: worker process
Stopping and Removing Containers
Similar to docker, we can use podman stop
and podman rm
to stop and remove containers:
$ podman stop naughty_bhabha 53292de2c61e27638946d12ce7a700a85ae37d2126423277310f4e933e3fe205$ $ podman ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 53292de2c61e docker.io/library/nginx nginx -g daemon o... 11 minutes ago Exited (0) 8 seconds ago 0.0.0.0:8080->8080/tcp naughty_bhabha $ podman rm naughty_bhabha 53292de2c61e27638946d12ce7a700a85ae37d2126423277310f4e933e3fe205 $ podman ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES $
Removing Images
We can remove images simply using podman rmi
command:
$ podman rmi docker.io/library/nginx Untagged: docker.io/library/nginx:latest Deleted: 35c43ace9216212c0f0e546a65eec93fa9fc8e96b25880ee222b7ed2ca1d2151 $ podman images REPOSITORY TAG IMAGE ID CREATED SIZE $
[…] had earlier discussed the basics of installing and working with Podman in our previous blog post. Alternatively, follow instructions to install podman for your specific linux […]
LikeLike