Podman: Getting Started

Your getting started guide to kickstart the Podman journey

This post is based on the video I made in TechPrimers. If you like the video format, the link for the video is here

What is Podman? How is it different from Docker?

Podman is a Daemonless Container Engine which can run OCI compatible images. It can run only on Linux machines (for now). If you have either Windows or OSX, you will have to use a Virtual Linux VM in VM Box or Hyperkit.

The major differences between Docker and podman (Pod Manager Tool) are —

• Daemoneless — This feature differentiates itself from Docker, which runs a docker daemon to execute tasks. Podman is light-weight and doesn’t require an always running instance for running containers.
• Rootless — Podman can be run as either root or non-root. We can run podman containers as non-root user and still be compliant with running containers.
• Pods — The term Pods originated from Kubernetes. Pods are a collections of containers which are run as close as possible. Podman provides this feature out of the box for running multiple containers together.

Install Podman in Linux

Based on your runtime, you can choose the steps for Podman installation from the official documentation here. I will be using an Amazon EC2 with Linux, hence i will be using the following commands:

sudo curl -L -o /etc/yum.repos.d/devel:kubic:libcontainers:stable.repo https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/CentOS_7/devel:kubic:libcontainers:stable.repo
sudo yum -y install yum-plugin-copr
sudo yum -y copr enable lsm5/container-selinux
sudo yum -y install podman

To verify if podman is installed successfully, we can check the version of the podman cli. In this case, I’m using 1.9.3 version of podman cli.

podman version
Version:            1.9.3
RemoteAPI Version:  1
Go Version:         go1.13.4
OS/Arch:            linux/amd64

If you are familiar with docker, all the commands work on the same format with podman. There is a getting-started page in the podman site as well.

Some of the most commonly used commands are listed below

podman ps
CONTAINER ID  IMAGE  COMMAND  CREATED  STATUS  PORTS  NAMES
podman images
REPOSITORY   TAG   IMAGE ID   CREATED   SIZE

How to run Docker images with Podman?

In order to run containers, I will be using an existing Docker image which I built using Docker sometime ago. The image is present in Github Package Registry (docker.pkg.github.com) here.

To pull the image from Github Package Registry, we need to connect the podman cli with the registry

podman login docker.pkg.github.com -u MovingToWeb
Password:
Login Succeeded!

Once the login is successful, I’m going to pull the image which we require using the podman pull command

podman pull docker.pkg.github.com/techprimers/container-images/containers-demo:v2
Trying to pull docker.pkg.github.com/techprimers/container-images/containers-demo:v2...
Getting image source signatures
Copying blob f910a506b6cb done
Copying blob c2274a1a0e27 [==================================] 67.5MiB / 67.5MiB
Copying blob f1e7efdf3e83 done
Copying blob e7c96db7181b done
Copying config d0871171aa done
Writing manifest to image destination
Storing signatures
d0871171aaf802ebb4a80c6f2ec9ea6de95f957529bc89e1bae7d294a83e64a5Summary

podman images shows the downloaded images in the local cache

podman images
REPOSITORY                                                           TAG   IMAGE ID       CREATED         SIZE
docker.pkg.github.com/techprimers/container-images/containers-demo   v2    d0871171aaf8   11 months ago   125 MB

This image contains a Spring Boot package with actuators enabled in it. We can run this image as a daemon container using the below podman command

podman run -dt -p 8080:8080 containers-demo:v2
2270e63621e8b7f6db6f17c9eb3c8bfe4270ff208d95462139651b6c2532a56c
podman ps
CONTAINER ID  IMAGE                                                     COMMAND  CREATED         STATUS             PORTS                   NAMES
2270e63621e8  docker.pkg.github.com/techprimers/container-images/containers-demo:v2           11 seconds ago  Up 10 seconds ago  0.0.0.0:8080->8080/tcp  mystifying_edison

This command starts a new container and maps the port 8080 from local VM to the 8080 from the container since the spring boot app is running on 8080.

To check the logs, podman logs <CONTAINER_ID> the command will help us

podman logs 2270e63621e8
.   ____          _            __ _ _
 /\\ / ___'_ __ _ _(_)_ __  __ _ \ \ \ \
( ( )\___ | '_ | '_| | '_ \/ _` | \ \ \ \
 \\/  ___)| |_)| | | | | || (_| |  ) ) ) )
  '  |____| .__|_| |_|_| |_\__, | / / / /
 =========|_|==============|___/=/_/_/_/
 :: Spring Boot ::        (v2.2.0.RELEASE)
2020-09-25 12:21:21.257  INFO 1 --- [           main] c.t.c.ContainersDemoApplication          : Starting ContainersDemoApplication v0.0.1-SNAPSHOT on 2270e63621e8 with PID 1 (/containers-demo.jar started by root in /)
2020-09-25 12:21:21.261  INFO 1 --- [           main] c.t.c.ContainersDemoApplication          : No active profile set, falling back to default profiles: default
2020-09-25 12:21:24.712  INFO 1 --- [           main] o.s.b.w.embedded.tomcat.TomcatWebServer  : Tomcat initialized with port(s): 8080 (http)
2020-09-25 12:21:24.753  INFO 1 --- [           main] o.apache.catalina.core.StandardService   : Starting service [Tomcat]
2020-09-25 12:21:24.753  INFO 1 --- [           main] org.apache.catalina.core.StandardEngine  : Starting Servlet engine: [Apache Tomcat/9.0.27]
2020-09-25 12:21:24.937  INFO 1 --- [           main] o.a.c.c.C.[Tomcat].[localhost].[/]       : Initializing Spring embedded WebApplicationContext
2020-09-25 12:21:24.937  INFO 1 --- [           main] o.s.web.context.ContextLoader            : Root WebApplicationContext: initialization completed in 3533 ms
2020-09-25 12:21:26.925  INFO 1 --- [           main] o.s.s.concurrent.ThreadPoolTaskExecutor  : Initializing ExecutorService 'applicationTaskExecutor'
2020-09-25 12:21:27.474  INFO 1 --- [           main] o.s.b.a.e.web.EndpointLinksResolver      : Exposing 2 endpoint(s) beneath base path '/actuator'
2020-09-25 12:21:27.625  INFO 1 --- [           main] o.s.b.w.embedded.tomcat.TomcatWebServer  : Tomcat started on port(s): 8080 (http) with context path ''
2020-09-25 12:21:27.628  INFO 1 --- [           main] c.t.c.ContainersDemoApplication          : Started ContainersDemoApplication in 7.456 seconds (JVM running for 8.582)

Now that the application is UP and running, let’s to access the container’s actuator endpoint, we can use curl to verify the status of the application

curl http://localhost:8080/actuator/health
{"status":"UP"}

I have not covered the build part using Podman. Do try building images from a Dockerfile. They should be seamless to run with Docker since podman also follows OCI compatible image format.

Summary

In short, Podman wraps up the features of Docker for providing a light-weight container runtime which can be run as Daemonless and Rootless mode.

Let’s Podman!