(Last Updated On: June 16, 2019)

Background check

If you are familiar with containers, you have probably heard of Docker and perhaps Kubernetes (the orchestrator). Podman brings innovation to container tools in the spirit of Unix commands that do “one thing” well. If you have used Docker before, Podman offers an experience similar to the Docker CLI.

How Docker CLI Works

The Docker CLI works on a client/server model: the CLI communicates with the Docker Engine whenever it wants to create or manipulate a container. This client/server architecture can lead to problems in production because, for one, the Docker daemon has to be running before the Docker CLI can do anything. The Docker CLI then sends an API call to the Docker Engine, which launches an Open Container Initiative (OCI) container runtime, in most cases runc, to start the container (projectatomic.io). This means that the launched containers are child processes of the Docker Engine.

What is Podman?

What then is Podman? Podman is a daemonless container engine for developing, managing, and running OCI Containers on your Linux System.

Docker vs Podman

The major difference between Docker and Podman is that there is no daemon in Podman. It also uses container runtimes, for example runc, but the launched containers are direct descendants of the podman process. This architecture has advantages such as the following:

  • Applied Cgroups or security constraints still control the container: Whatever cgroup constraints you apply on the podman command, the containers launched will receive those same constraints directly.
  • Advanced features of systemd can be utilized using this model: This can be done by placing podman into a systemd unit file and hence achieving more.

What about Libpod?

You must have seen Libpod in the title of this guide. Libpod provides a library for applications looking to use the Container Pod concept popularized by Kubernetes. It allows other tools to manage pods and containers (projectatomic.io). Podman is the default CLI tool for using this library. Two other important libraries make Podman possible:

  • containers/storage – This library allows one to use copy-on-write (COW) file systems, required to run containers.
  • containers/image – This library allows one to download and install OCI-based container images from container registries like Docker.io, Quay, and Artifactory, as well as many others (projectatomic.io).

These two libraries were built from the ground up to support multiple independent processes to interact with the libraries at the same time. A good example is that you can be running a full Kubernetes environment with CRI-O, building container images using Buildah and managing your containers and pods with Podman at the same time (projectatomic.io). This brings the spirit of Unix commands which do “one thing” well. Such a combination of tools is not possible with Docker.

Install Podman on CentOS / Fedora / Ubuntu

Let us look at how Podman is installed on CentOS and Fedora:

How To Install Podman on CentOS & Fedora

If you are on Ubuntu, please check: How to install Podman on Ubuntu

Pull image using Podman

# podman pull ubuntu
 Trying to pull registry.access.redhat.com/ubuntu:latest…Failed
 Trying to pull docker.io/ubuntu:latest…Getting image source signatures
 Copying blob sha256:6abc03819f3e00a67ed5adc1132cfec041d5f7ec3c29d5416ba0433877547b6f
  27.52 MB / 27.52 MB [=====================================================] 17s
 Copying blob sha256:05731e63f21105725a5c062a725b33a54ad8c697f9c810870c6aa3e3cd9fb6a2
  844 B / 844 B [============================================================] 0s
 Copying blob sha256:0bd67c50d6beeb55108476f72bea3b4b29a9f48832d6e045ec66b7ac4bf712a0
  164 B / 164 B [============================================================] 0s
 Copying config sha256:7698f282e5242af2b9d2291458d4e425c75b25b0008c1e058d66b717b4c06fa9
  3.27 KB / 3.27 KB [========================================================] 0s
 Writing manifest to image destination
 Storing signatures
 7698f282e5242af2b9d2291458d4e425c75b25b0008c1e058d66b717b4c06fa9

# podman images
REPOSITORY                 TAG      IMAGE ID       CREATED       SIZE
 docker.io/library/ubuntu   latest   7698f282e524   4 weeks ago   72.3 MB
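
The pull output above shows the unqualified name ubuntu being tried against registry.access.redhat.com before docker.io, so which registry serves the image depends on the configured search order. As an added example (not from the original article), this POSIX shell script classifies image references so that short names and movable tags can be caught before a pull; the function names and `SAMPLE_DIGEST` are assumptions made for illustration.

```shell
# Added example (not from the original article): classify image references
# before they reach `podman pull`. SAMPLE_DIGEST is a constructed placeholder.
SAMPLE_DIGEST=0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef

# has_registry REF: true if the first path component names a registry host.
has_registry() {
    case "$1" in
        */*) first=${1%%/*} ;;
        *)   return 1 ;;                  # bare name such as "ubuntu"
    esac
    case "$first" in
        localhost|*.*|*:*) return 0 ;;    # localhost, host.domain, host:port
        *) return 1 ;;                    # e.g. "library/ubuntu"
    esac
}

# has_digest REF: true if REF ends in @sha256:<64 lowercase hex characters>.
has_digest() {
    case "$1" in *@sha256:*) ;; *) return 1 ;; esac
    hex=${1##*@sha256:}
    [ "${#hex}" -eq 64 ] || return 1
    case "$hex" in *[!0-9a-f]*) return 1 ;; esac
}

classify_ref() {
    if ! has_registry "$1"; then
        echo "short-name"           # registry chosen by the search list
    elif has_digest "$1"; then
        echo "pinned"               # registry and content both fixed
    else
        echo "qualified-unpinned"   # registry fixed, tag can still move
    fi
}

# lint_refs: read refs on stdin, print "<class> <ref>"; return 1 if any is not pinned.
lint_refs() {
    bad=0
    while IFS= read -r ref; do
        [ -n "$ref" ] || continue
        class=$(classify_ref "$ref")
        printf '%-19s %s\n' "$class" "$ref"
        [ "$class" = "pinned" ] || bad=1
    done
    return "$bad"
}

lint_refs <<EOF || true
ubuntu
docker.io/library/ubuntu:latest
docker.io/library/ubuntu@sha256:$SAMPLE_DIGEST
EOF
```

Feed `lint_refs` the image names used in a deployment script; a non-zero return status means at least one reference is not pinned to a registry and digest.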

Run a simple command inside your container

# podman run ubuntu /bin/echo "Computing for Geeks" 
Computing for Geeks

Searching in Podman

$ sudo podman search httpd

Run a shell in a container

# podman run -it ubuntu bash
root@<container-id>:/#
root@<container-id>:/# apt update
 Get:1 http://archive.ubuntu.com/ubuntu bionic InRelease [242 kB]
 Get:2 http://security.ubuntu.com/ubuntu bionic-security InRelease [88.7 kB]          
 Get:3 http://security.ubuntu.com/ubuntu bionic-security/universe amd64 Packages [717 kB]
 Get:4 http://archive.ubuntu.com/ubuntu bionic-updates InRelease [88.7 kB]        
 Get:5 http://security.ubuntu.com/ubuntu bionic-security/main amd64 Packages [535 kB]
 Get:6 http://archive.ubuntu.com/ubuntu bionic-backports InRelease [74.6 kB]

# podman ps
CONTAINER ID  IMAGE                            COMMAND  CREATED         STATUS             PORTS  NAMES
 cf4267fb7a2b  docker.io/library/ubuntu:latest  bash     28 seconds ago  Up 27 seconds ago         nostalgic_archimedes

Tagging images

You can add a custom name to an image to make it more intuitive and to remind you what the image does in your setup.

# podman tag 7698f282e524 webserver

# podman images                    
 REPOSITORY                 TAG      IMAGE ID       CREATED       SIZE
 docker.io/library/ubuntu   latest   7698f282e524   4 weeks ago   72.3 MB
 localhost/webserver        latest   7698f282e524   4 weeks ago   72.3 MB

Removing Images

# podman rmi localhost/webserver

Inspecting Containers

# podman inspect 024a277cc474
[
    {
        "ID": "024a277cc4748ab48539c9ddea15d98c0e0bccc307506c44fbce12ec6c568dfc",
        "Created": "2019-06-14T10:58:07.764967058-04:00",
        "Path": "/bin/bash",
        "Args": [
            "/bin/bash"

Removing containers

# podman ps -a

CONTAINER ID  IMAGE                            COMMAND               CREATED        STATUS                    PORTS  NAMES
 024a277cc474  docker.io/library/ubuntu:latest  /bin/bash             3 minutes ago  Exited (0) 3 minutes ago         laughing_blackwell
 cf4267fb7a2b  docker.io/library/ubuntu:latest  bash                  4 hours ago    Exited (0) 2 hours ago           nostalgic_archimedes
 b800dd64ba11  docker.io/library/ubuntu:latest  /bin/bash             4 hours ago    Exited (0) 4 hours ago           optimistic_hypatia

# podman rm 024a277cc474
024a277cc4748ab48539c9ddea15d98c0e0bccc307506c44fbce12ec6c568dfc

To remove all containers, run:
# podman rm $(podman ps -a -q)

Conclusion

Podman shows a lot of promise for the future of containerization. In fact, Red Hat did not just remove the Docker container engine from OpenShift. It also removed the Docker container engine, along with the docker command, from Red Hat Enterprise Linux 8 entirely. Thank you for reading through.
