Podman

From ArchWiki

Podman is an alternative to Docker, providing a similar interface.

Installation

Install the podman package. If you also want to build container images, see Buildah.

Unlike Docker, Podman doesn't require a daemon, but there is one providing an API for services like cockpit via cockpit-podman.

By default it is only possible to run Podman containers as root. See Rootless Podman to set up running containers as a non-root user.

Configuration

Configuration files that control how containers behave are located in /etc/containers. To configure the network bridge interface used by Podman, see /etc/cni/net.d/87-podman-bridge.conflist.

Rootless Podman

By default only root is allowed to run containers (or namespaces in kernelspeak).

To allow rootless operation of Podman containers, first determine which user(s) and group(s) you want to use for the containers, and then add their corresponding entries to /etc/subuid and /etc/subgid respectively.

The following example enables the podman user and group to run Podman containers (or other types of containers, for that matter). It allocates the UIDs/GIDs from 165536 to 169631 to the podman user and group respectively. See subuid(5) and subgid(5) for more information.

/etc/subuid
podman:165536:4096
/etc/subgid
podman:165536:4096

After this, the podman user and group are able to start and run Podman containers.
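
When several users receive entries, their subordinate ranges should not overlap, because an overlap lets one user's containers own files with IDs that fall inside another user's range. The following script is an added example, not part of the original page: it prints the first and last ID of each name:start:count entry and reports intersecting ranges. The users alice and bob and their ranges are constructed sample data.

```sh
#!/bin/sh
# Added example: audit a file in subuid(5)/subgid(5) format (name:start:count).

# Print "name first last" for every well-formed entry in the file.
subid_ranges() {
    awk -F: 'NF == 3 && $2 ~ /^[0-9]+$/ && $3 ~ /^[0-9]+$/ && $3 > 0 {
        print $1, $2 + 0, $2 + $3 - 1
    }' "$1"
}

# Print each pair of entries whose ranges intersect.
# Exit status is 1 if at least one overlap was found, 0 otherwise.
subid_overlaps() {
    subid_ranges "$1" | awk '
        { name[NR] = $1; first[NR] = $2 + 0; last[NR] = $3 + 0 }
        END {
            found = 0
            for (i = 1; i <= NR; i++)
                for (j = i + 1; j <= NR; j++)
                    if (first[i] <= last[j] && first[j] <= last[i]) {
                        printf "overlap: %s %d-%d and %s %d-%d\n",
                            name[i], first[i], last[i],
                            name[j], first[j], last[j]
                        found = 1
                    }
            exit found
        }'
}

# Constructed sample: the podman entry from this page plus two hypothetical
# users. The range for alice starts inside the range for podman.
sample_subuid() {
    printf '%s\n' 'podman:165536:4096' 'alice:169000:65536' 'bob:300000:65536'
}

tmp=$(mktemp)
sample_subuid > "$tmp"
subid_ranges "$tmp"
subid_overlaps "$tmp" || echo "overlapping ranges found"
rm -f "$tmp"
```

To audit a live system, call subid_overlaps /etc/subuid and subid_overlaps /etc/subgid instead of using the sample.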

Images

Note: You may omit the registry prefix from the images, as Podman will automatically search for the image in all registries defined in /etc/containers/registries.conf at registries.search in the defined order. The following images will always contain the prefix, to allow for configurations without docker.io in the configuration.

Arch Linux

The following command pulls the Arch Linux x86_64 image from Docker Hub. This is a stripped down version of Arch core without network, etc.

# podman pull docker.io/archlinux

See also README.md.

For a full Arch base, clone the repo from above and build your own image.

$ git clone https://github.com/archlinux/archlinux-docker.git

Make sure that the devtools package is installed.

Edit the packages file so it only contains 'base'. Then run:

# make rootfs
# podman build -t archlinux .

Alpine Linux

Alpine Linux is a popular choice for small container images, especially for software compiled as static binaries. The following command pulls the latest Alpine Linux image from Docker Hub:

# podman pull docker.io/alpine

Alpine Linux uses the musl libc implementation instead of the glibc libc implementation used by most Linux distributions. Because Arch Linux uses glibc, there are a number of functional differences between an Arch Linux host and an Alpine Linux container that can impact the performance and correctness of software. A list of these differences is documented here.

Note that dynamically linked software built on Arch Linux (or any other system using glibc) may have bugs and performance problems when run on Alpine Linux (or any other system using a different libc). See [1], [2] and [3] for examples.

CentOS

The following command pulls the latest CentOS image from Docker Hub:

# podman pull docker.io/centos

See the Docker Hub page for a full list of available tags for each CentOS release.

Debian

The following command pulls the latest Debian image from Docker Hub:

# podman pull docker.io/debian

See the Docker Hub page for a full list of available tags, including both standard and slim versions for each Debian release.

See also