Podman: the container engine without daemon


In recent years, container virtualization has become increasingly important. Specifically, this technology became popular with the launch of Docker in 2013 and is currently part of different tools to control namespaces. One of the most interesting solutions is Podman, which was originally conceived as a debugging tool for CRI-O, in order to facilitate working with Kubernetes clusters. However, the software has quickly become a comprehensive and independent engine for container management.

Note

Namespaces allow selected elements of code (for example, classes) to be grouped in a container.

Here's what makes Podman so special, and how to get the most out of this container tool.

Index
  1. What is Podman?
  2. Podman design and main functions
  3. Podman tutorial: getting started with Podman
    1. Install Podman on Linux
    2. Install Podman on Windows and MacOS
    3. How does container image management work with Podman?

What is Podman?

Podman (short for Pod Manager) is a container engine first released in February 2018 by American software company Red Hat, known primarily for its high-performance business solutions for different open source projects, such as Red Hat Enterprise Linux (RHEL) or OpenStack. Building on Docker's experience, Podman was originally intended to be not a standalone engine, but rather a simple debugging tool for CRI-O, a plan that was soon rejected.

This container software is similar to Docker in many ways and uses, for example, the same command-line interface as the industry standard. That even makes it possible to use the typical Docker commands in Podman. To do this, it is only necessary to set the alias docker=podman. So switching from Docker to Podman is usually relatively straightforward. The key innovation that Podman brings with it is that it forgoes a central daemon as the controlling instance for each of the containers. This provides the opportunity to access the various virtualized applications without root privileges.

Note

In Unix / Linux operating systems, a daemon is a program that runs in the background and makes specific services and processes available to the user.

Podman works on all major Linux distributions, like Ubuntu, Fedora, CentOS, Debian and RHEL, as well as on Raspbian (Raspberry Pi operating system). In most cases, the engine can be installed directly from the corresponding system's package management.

Podman design and main functions

In addition to giving up a central daemon, another of the most prominent features of Podman is the so-called pods. These pods, inspired by the Kubernetes concept of pods, merge several containers in a common Linux namespace so that they share specific resources. In this way, a wide variety of virtualized applications can be combined.

As we have already mentioned, it is possible to run the containers on the host as a regular user without root privileges, although within a container the processes are executed by root. Podman does this by relying on the Linux kernel's user namespaces, which assign special privileges and a user ID to processes. The fact that the containers actually run as an administrator gives the Podman virtualized environment a high standard of security.

The core of a pod is made up of so-called infra containers, which are solely responsible for the functionality of the merge. To this end, the infra containers manage and guarantee resources such as namespaces, network ports, CPU, main memory, etc. In addition, for the management of pods, Podman relies on the monitoring tool Conmon, written in C, which monitors each of the virtualized components and, among other things, secures the logs. The tool also acts as an interface to the terminal of each container. As a runtime for the containers, Podman uses the runC software, which is also integrated into many other solutions such as Docker or rkt.

Figure: A Podman pod can include many containers; in this example there are two.

Podman tutorial: getting started with Podman

Having presented the basic features of Podman, in the following tutorial we summarize the main points to start working with this container engine.

Install Podman on Linux

Podman is software for running Linux containers. On Linux distributions such as CentOS, Ubuntu or Debian it is installed quickly and easily. In most cases, the installation packages can be found directly in the package management of the respective distribution and installed using the typical system terminal commands.

Note

As an alternative to the native packages in the system repository, the Kubic project at opensuse.org offers different Podman installation packages for different distributions and versions.

Debian, Ubuntu, Raspbian:

  sudo apt-get update -qq
  sudo apt-get -qq -y install podman

Fedora, CentOS, Amazon Linux 2, RHEL 7:

  sudo yum -y install podman

openSUSE:

  sudo zypper install podman

Install Podman on Windows and MacOS

Podman feels right at home in Linux environments. However, you can also use this container engine on devices with Windows or MacOS operating systems. The essential requirement is that you have access to a Linux installation from these devices, which can run in a virtual machine on the host or be accessible over the network.

If you have access to such an installation, you will only need a remote Podman client with which to establish an SSH connection to the Podman backend server.

Note

Information about the SSH connection must be entered in the podman-remote.conf configuration file. You will find detailed information about its use and installation in the Podman remote client tutorial on GitHub.

How does container image management work with Podman?

When it comes to features and syntax, Podman is based on Docker. Therefore, when configuring the desired container, you can access the large library of ready-to-use Docker images, also known as the Docker Hub. With the help of the pull command you can download the images of the applications you want, such as the latest version of Ubuntu:

  podman pull docker.io/library/ubuntu:latest

The official storage path for each of the images is the local path ~/.local/share/containers/, where each user has their own namespace. Thus, the configuration of the container itself, for example, is separate from the root configuration. With the following command you will get an overview of the images saved on the local hard drive:

  podman images  

If what you want is a list of root images, you will have to prefix the command with the typical Linux command sudo:

  sudo podman images  

...
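
The user-namespace mapping described under "Podman design and main functions" can be read from the kernel's per-process uid_map file, which shows which host user a container's root really is. The script below is an added example, not part of the original answer; both map samples are constructed and the function names (map_uid, container_root_is_host_root, audit_map) are hypothetical.

```shell
#!/bin/sh
# Constructed sample: /proc/<pid>/uid_map of a process in a rootless Podman
# container started by host user 1000 (columns: inside-ID, outside-ID, length).
ROOTLESS_MAP='0 1000 1
1 100000 65536'

# Constructed sample: the identity mapping of the initial user namespace, as
# seen when the container is started with sudo (container root is host root).
ROOTFUL_MAP='0 0 4294967295'

# map_uid CONTAINER_UID MAP_TEXT
# Prints the host UID that CONTAINER_UID translates to, or "unmapped".
map_uid() {
    printf '%s\n' "$2" | awk -v id="$1" '
        NF == 3 && id >= $1 && id < $1 + $3 {
            print $2 + (id - $1); found = 1; exit
        }
        END { if (!found) print "unmapped" }'
}

# container_root_is_host_root MAP_TEXT
# Succeeds (exit 0) when UID 0 inside the namespace is UID 0 on the host.
container_root_is_host_root() {
    [ "$(map_uid 0 "$1")" = "0" ]
}

# audit_map LABEL MAP_TEXT
# Prints one line a reviewer can act on.
audit_map() {
    if container_root_is_host_root "$2"; then
        echo "$1: container root = host root (rootful)"
    else
        echo "$1: container root = host uid $(map_uid 0 "$2") (rootless)"
    fi
}

audit_map rootless "$ROOTLESS_MAP"
audit_map rootful "$ROOTFUL_MAP"
```

On a live host, pass the contents of /proc/<pid>/uid_map for a container process instead of the samples.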