RHEL 8 Podman: Rootless Container

Podman is a container management tool that provides a command-line interface for managing containers. It is similar to Docker but focuses on providing a daemonless and rootless container experience. Here’s an overview of Podman for users:

Overview of Podman:

  1. Daemonless Architecture:
    • Unlike Docker, Podman operates in a daemonless mode, which means it does not require a background daemon process to manage containers. This is beneficial for users who want a lightweight and more secure container experience.
  2. Rootless Containers:
    • Podman allows users to run containers without requiring root privileges. This is achieved through the use of user namespaces, providing a more secure approach to container execution.
  3. Pod Support:
    • Podman introduces the concept of pods, which are groups of one or more containers that share the same network namespace, allowing them to communicate easily. This concept is similar to Kubernetes pods.
  4. Compatibility with Docker:
    • Podman aims to be compatible with the Docker command-line interface, making it easier for users familiar with Docker to transition to Podman seamlessly. This compatibility extends to Docker-compose files as well.
  5. Image Management:
    • Podman supports the management of container images. Users can pull images from container registries, build custom images, and push images to registries. The images can be stored locally or on remote registries.
  6. Container Lifecycle:
    • Users can create, start, stop, restart, and remove containers using Podman commands. The lifecycle management closely resembles Docker commands, providing familiarity to users.
  7. Networking:
    • Podman provides networking capabilities for containers, allowing them to communicate with each other or with external networks. Users can define custom networks and connect containers to them.
  8. Volume Support:
    • Podman supports the use of volumes for persisting data between container runs. Volumes can be mounted into containers to store and share data.
  9. Security Features:
    • Podman includes security features such as user namespaces, seccomp, and SELinux support. These features contribute to creating more isolated and secure containers.
  10. Remote Container Management:
    • Podman allows users to manage containers on remote systems. This is useful for scenarios where containers need to be managed on a server from a local machine.
  11. Extensive Documentation:
    • Podman has comprehensive documentation available, providing users with detailed information on its features, commands, and best practices.

Example

Launch a container as user80 with /data01 mapped to /data01 using the latest version of the ubi8 image. Configure a systemd service to auto-start the container on system reboots without the need for user80 to log in. Create files under the shared mount point and validate data persistence.

  1. Create user80 and run the Podman container.
Bash
# as root: create the user and set a password
adduser user80
passwd user80
# log in as user80 in a new SSH session; su - does not work here because systemctl --user needs a real login session
# as user80: create the host directory, then start the container (:Z gives it a private SELinux label)
mkdir -p /home/user80/data01
podman run -id --name user-container -v /home/user80/data01:/data01:Z ubi8
  2. Create a systemd unit file so that the container starts automatically when the server reboots.
Bash
mkdir -p ~/.config/systemd/user
# --files writes container-user-container.service to the current directory
podman generate systemd --new --files --name user-container
podman generate systemd --new --name user-container | tee ~/.config/systemd/user/container-user-container.service
# the existing container must be removed first
podman rm -f user-container
# reload systemd
systemctl --user daemon-reload
# enable and start the container service with systemd
systemctl --user enable --now container-user-container.service
  3. Verify that the container is running:
Bash
podman ps
  4. Enable lingering for user80. Without it, the container is terminated every time the user logs out.
Bash
loginctl enable-linger user80
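
After a reboot, the setup above can be checked with a script such as this one (an added example, not part of the original post). It verifies lingering, the enabled unit, rootless mode, the running container, the SELinux label applied by :Z and the shared mount. The function names and the .mount-check file are hypothetical, and the `podman info` field name assumes Podman 2.0 or later.

```bash
#!/usr/bin/env bash
# Added example, not from the original page. Run as user80 in an SSH session.
# Names are the page's; HOST_DIR is the directory actually bind-mounted.
USER_NAME=user80
CTR=user-container
UNIT=container-user-container.service
HOST_DIR=/home/user80/data01

check_linger() {    # without lingering the user manager stops at logout
  loginctl show-user "$USER_NAME" --property=Linger | grep -qx 'Linger=yes'
}
check_unit() {      # the unit must be enabled to start at boot
  [ "$(systemctl --user is-enabled "$UNIT" 2>/dev/null)" = enabled ]
}
check_rootless() {  # assumes the Podman 2.0+ field name in `podman info`
  [ "$(podman info --format '{{.Host.Security.Rootless}}')" = true ]
}
check_running() {
  [ "$(podman inspect --format '{{.State.Running}}' "$CTR" 2>/dev/null)" = true ]
}
check_label() {     # :Z relabels the host directory to container_file_t
  stat -c %C "$HOST_DIR" | grep -q ':container_file_t:'
}
check_shared_mount() {  # a file written on the host must be readable inside
  echo "$$" > "$HOST_DIR/.mount-check" &&
    [ "$(podman exec "$CTR" cat /data01/.mount-check 2>/dev/null)" = "$$" ]
}

# Runs every check, prints PASS/FAIL per check, returns the number of failures.
verify_rootless_setup() {
  local failed=0 c
  for c in linger unit rootless running label shared_mount; do
    if "check_$c"; then
      echo "PASS $c"
    else
      echo "FAIL $c"
      failed=$((failed + 1))
    fi
  done
  return "$failed"
}
```

Source the file as user80 and call `verify_rootless_setup`; a non-zero exit status is the number of failed checks.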

Conclusion

We can verify all of the tasks by rebooting the server and making sure that the Podman container is running and all persistent data is available on /data01. I hope this information is useful to you, see you on next