Podman

Written March 19, 2023

Similar to nerdctl, podman is also a fairly docker cli compatible alternative. podman actually works rootless by default without any extra configuration, which is pretty nice.

Removing Docker (if you have it)

# remove Docker
sudo apt autoremove docker-ce docker-ce-cli containerd.io
# remove the Docker Ubuntu repository
sudo rm /usr/share/keyrings/docker-archive-keyring.gpg /etc/apt/sources.list.d/docker.list

Install podman

If you're running Ubuntu >= 22.04, you're in luck, podman is already in the official repos.

sudo apt install podman

If you are running Ubuntu 20.04, add a 3rd party repository:

wget -q https://download.opensuse.org/repositories/devel:kubic:libcontainers:stable/x$(lsb_release -is)_$(lsb_release -rs)/Release.key -O - | gpg --dearmor | sudo tee /usr/share/keyrings/devel_kubic_libcontainers_stable.gpg >/dev/null
archType="amd64"
if test "$(uname -m)" = "aarch64"
then
    archType="arm64"
fi
echo "deb [arch=${archType} signed-by=/usr/share/keyrings/devel_kubic_libcontainers_stable.gpg] http://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/x$(lsb_release -is)_$(lsb_release -rs)/ /" | sudo tee /etc/apt/sources.list.d/devel:kubic:libcontainers:stable.list >/dev/null
sudo apt update
sudo apt install podman
# test it was installed
podman --version

Configure docker hub

By default, podman does not understand repository "library/" means docker hub, so you need to create an alias:

mkdir -p ~/.config/containers
> ~/.config/containers/registries.conf cat <<EOF
unqualified-search-registries=["docker.io"]

[aliases]
"library"="docker.io/library"
EOF

Prepare your filesystem

On WSL, you need to do this extra step before the first podman process starts, otherwise you will see this warning:

WARN[0000] "/" is not a shared mount, this could cause issues or missing mounts with rootless containers

sudo mount --make-rshared /

Test running a container

# check what's running
podman ps -a
# check what images are cached
podman images
# run something
podman run --name podmantest --rm library/alpine:3.17.2 cat /etc/os-release

# does networking work?
podman run -d --name nginxtest -p 8080:80 library/nginx:1.23.3-alpine
curl -I http://localhost:8080
podman rm -f nginxtest
ln -s $(which podman) ~/.local/bin/docker

I purposely did not use a bash alias because some programs are specifically looking for a binary called "docker" in the $PATH

Test building an image

>Dockerfile cat <<EOF
FROM library/alpine:3.17.2

RUN echo hello > /tmp/hello.txt
EOF
podman build -t mytestimage .
podman run --rm mytestimage cat /tmp/hello.txt

# delete all images
podman images -q | xargs podman rmi

Sources

https://podman.io/getting-started/installation.html

https://software.opensuse.org/download.html?project=devel%3Akubic%3Alibcontainers%3Astable&package=podman