Podman Cheatsheet

1. Introduction:

  • Podman is an open-source container engine that performs much like Docker but without the daemon dependency. It supports the Open Container Initiative (OCI) standards for both containers and container images.

2. Key Concepts:

  • Pod: A group of containers that run together and share resources, similar to a Kubernetes Pod.
  • Rootless Containers: Podman can run containers as a non-root user.
  • Docker Compatibility: Podman commands are similar to Docker, making it easy to switch between the two.

3. Installation:

  • On Fedora:

    sudo dnf install podman
  • On Ubuntu:

    sudo apt-get -y install podman

4. Basic Podman Commands:

  • Run a Container:

    podman run -dt -p 8080:80 nginx
  • List Running Containers:

    podman ps
  • Stop a Container:

    podman stop container_id
  • Remove a Container:

    podman rm container_id
  • Build an Image:

    podman build -t my-image:latest .

5. Podman vs Docker:

  • No Daemon: Podman does not rely on a central daemon; each container is an isolated process.
  • Rootless Mode: Allows running containers without root privileges, enhancing security.
  • Podman Pods: Group containers under a single network namespace.

6. Pods in Podman:

  • Create a Pod:

    podman pod create --name mypod -p 8080:80
  • Run a Container in a Pod:

    podman run -dt --pod mypod nginx
  • Inspect a Pod:

    podman pod inspect mypod
  • Stop a Pod:

    podman pod stop mypod

7. Networking:

  • Podman Network Command:

    podman network create mynetwork
  • Attaching a Container to a Network:

    podman run -dt --network mynetwork nginx

8. Storage Management:

  • Mount a Volume:

    podman run -dt -v /host/data:/container/data nginx
  • List Volumes:

    podman volume ls
  • Create a Volume:

    podman volume create myvolume

9. Rootless Containers:

  • Running Rootless:

    • Run Podman as a regular (non-root) user, without sudo; Podman has no --rootless flag.
    podman run -dt -p 8080:80 nginx
  • Inspect Rootless Mode:

    • Prints true when Podman is running rootless.
    podman info --format '{{.Host.Security.Rootless}}'

10. Podman Compose:

  • Install Podman Compose:

    pip3 install podman-compose
  • Using Docker Compose with Podman:

    podman-compose up

11. Troubleshooting Podman:

  • Check Podman Logs:

    podman logs container_id
  • Check Network Configuration:

    podman network inspect mynetwork
  • Debugging Podman Containers:

    podman exec -it container_id /bin/bash

12. Podman in CI/CD:

  • Using Podman in GitLab CI:

    image: quay.io/podman/stable
    
    build:
      script:
        - podman build -t myimage .
        - podman push myimage registry.example.com/myimage:latest

13. Security Best Practices:

  • Run Containers as Non-Root:

    • Use rootless mode or specify a non-root user in the container.
    podman run -dt -u 1001 nginx
  • Use SELinux:

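    • Keep SELinux enforcing on supported systems; Podman then confines containers under the container_t type by default. The label=type: option replaces that type, and container_runtime_t is the container engine's own domain, which is less confined than the default, so set it only for workloads that need it.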
    podman run -dt --security-opt label=type:container_runtime_t nginx
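
Added example (not part of the original cheatsheet): a shell function that checks a podman run command line against the two practices above, a non-root user and an unmodified SELinux label, and also flags --privileged. The function name and the finding labels are hypothetical, and the sample command lines are constructed from the commands on this page.

```shell
#!/bin/sh
# Added example: lint the arguments of a `podman run` command line.
# Prints the findings on one line and returns 1 if anything was flagged.
# Only the command line is inspected; a USER set inside the image is not visible here.
audit_podman_run() (   # subshell body keeps the variables local
    user="" prev="" findings=""
    for arg in "$@"; do
        # Rewrite "--opt value" as "--opt=value" so one pattern covers both spellings.
        case "$prev" in
            -u|--user)      arg="--user=$arg" ;;
            --security-opt) arg="--security-opt=$arg" ;;
        esac
        prev=$arg
        case "$arg" in
            --user=*)
                user=${arg#--user=} ;;
            --privileged|--privileged=true)
                findings="$findings privileged" ;;
            --security-opt=label=disable)
                findings="$findings selinux-disabled" ;;
            --security-opt=label=type:container_runtime_t)
                # Replaces the default container_t type with the engine's own domain.
                findings="$findings selinux-runtime-type" ;;
        esac
    done
    # No -u/--user at all, or an explicit root user (with or without ":group").
    case "${user%%:*}" in
        ""|0|root) findings="$findings no-nonroot-user" ;;
    esac
    [ -z "$findings" ] && exit 0
    echo "${findings# }"
    exit 1
)

# Constructed sample invocations, based on the commands in this cheatsheet.
for cmd in "run -dt -u 1001 nginx" \
           "run -dt --security-opt label=type:container_runtime_t nginx"; do
    # Word splitting of the sample string is intended here.
    result=$(audit_podman_run $cmd) || true
    printf 'podman %s -> %s\n' "$cmd" "${result:-ok}"
done
```

A non-zero return makes the function usable as a gate in a wrapper script or CI job before the real podman run is executed.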

14. Migrating from Docker to Podman:

  • Docker Compatibility Mode:

    alias docker=podman
  • Importing Docker Images:

    podman pull docker-daemon:nginx:latest

15. Podman on Kubernetes:

  • CRI-O Integration:
    • Podman can be used with CRI-O as a runtime for Kubernetes, allowing seamless integration with Kubernetes clusters.