How to install and use Podman in Fedora 34/35

Podman is a container engine that’s compatible with the OCI Containers specification. It is part of RedHat Linux, but can also be installed on other distributions. As it’s OCI-compliant, Podman can be used as a drop-in replacement for the better-known Docker runtime. Most Docker commands can be directly translated to Podman commands. Podman implements almost all the Docker CLI commands (apart from the ones related to Docker Swarm). 

Podman complements Buildah and Skopeo by offering an experience similar to the Docker command line: allowing users to run standalone (non-orchestrated) containers. And Podman doesn’t require a daemon to run containers and pods, so we can easily say goodbye to big fat daemons. There are no daemons in the background doing stuff, and this means that Podman can be integrated into system services through systemd.

In this guide we will learn how to install Podman in Fedora.

Prerequisites

To follow along, ensure that you have the following:

  • An updated Fedora Server/Workstation
  • Root access or User with sudo access
  • Access to the internet

Table of content

  1. Ensuring that the server is up to date
  2. Installing podman
  3. Command line examples
  4. Runa postgres persistent container
  5. Managing containers as system services through systemd and Podman

1. Ensuring that the server is up to date

Use this command to ensure that our server packages are updated

sudo dnf update -y

Let us ensure common packages are installed

sudo dnf install -y vim

2. Installing Podman

Podman is available in the default repositories for Fedora. Install it using this command:

sudo dnf install -y podman

This command will install Podman and also its dependencies.

That’s all. Now we can now play with Podman.

3. Command line examples

Let us explore running Rocky Linux Container using podman.

On docker we would use this command to run a rocky linux container:

docker run -it fedora:35 sh

This will fail since there is no docker command on my Fedora machine. We can replace docker with podman:

podman run -it fedora:35 sh

Let us run some commands to confirm that it is working as expected:

$ podman run -it fedora:35 sh
Resolved "fedora" as an alias (/etc/containers/registries.conf.d/000-shortnames.conf)
Trying to pull registry.fedoraproject.org/fedora:35...
Getting image source signatures
Copying blob 791199e77b3d done
Copying config 1b52edb081 done
Writing manifest to image destination
Storing signatures
sh-5.1# whoami
root
sh-5.1# exit
exit

To check the container status use podman ps command

$ podman ps -a
CONTAINER ID  IMAGE                                 COMMAND     CREATED         STATUS                     PORTS       NAMES
cd8f63c2e3f2  registry.fedoraproject.org/fedora:35  sh          50 seconds ago  Exited (0) 17 seconds ago              musing_ishizaka

To delete the container, use podman rm:

$ podman rm cd8f63c2e3f2
cd8f63c2e3f2fe5799d619104522892fca3ada2d3a5b7e4601648ac0de20cb89

To list the images:

$ podman images
REPOSITORY                         TAG         IMAGE ID      CREATED      SIZE
registry.fedoraproject.org/fedora  35          1b52edb08181  11 days ago  159 MB

We can delete the image using the image podman image rm command:

$ podman image rm fedora
Untagged: registry.fedoraproject.org/fedora:35
Deleted: 1b52edb0818147bea39780625ec01ab46944284acf16d8bcfa4055f8a854a9f5

From the above, we can confirm that the podman commandn uses the same syntax as docker

4. Run a Postgres persistent container

Next, let us explore how we can run a persistent container. In this example, we are going to run a Postgres 14 container and mount the postgres data to a local volume so it can persist restarts. Since containers are ephimeral, data will be lost if we do not save in a local volume.

Pull docker.io/library/postgres:14.0-alpine image

$ podman pull docker.io/library/postgres:14.0-alpine
Trying to pull docker.io/library/postgres:14.0-alpine...
Getting image source signatures
Copying blob 3da258773353 done
Copying blob 5034a66b99e6 done
Copying blob 82e9eb77798b done
Copying blob a0d0a0d46f8b done
Copying blob ccd761727716 done
Copying blob c6b2245b2f36 done
Copying blob 028554d3b6cc done
Copying blob 2c7ee7bc69e8 done
Copying config 87440f4e7f done
Writing manifest to image destination
Storing signatures
87440f4e7f9e60607dc11a4f0590a1c69b3a1c075211df478e22b0c27fb263e6

Confirm images

$ podman images
REPOSITORY                  TAG          IMAGE ID      CREATED      SIZE
docker.io/library/postgres  14.0-alpine  87440f4e7f9e  2 weeks ago  198 MB

Inspect the image with

$ podman inspect <meta charset="utf-8">87440f4e7f9e

Let’s set up a folder that will handle Postgres data once we start our container:

$ mkdir -p ~/apps/postgres/data

Run it

podman run -d \
    -p 5432:5432 \
    -v ~/apps/postgres/data:/var/lib/postgresql/data \
    -e POSTGRES_PASSWORD=Sup3rSecre7 \
    -e POSTGRES_USER=citizix_user \
    -e POSTGRES_DB=citizix_db \
    docker.io/library/postgres:14.0-alpine

This is my output

$ podman run -d \
    -p 5432:5432 \
    -v ~/apps/postgres/data:/var/lib/postgresql/data \
    -e POSTGRES_PASSWORD=Sup3rSecre7 \
    -e POSTGRES_USER=citizix_user \
    -e POSTGRES_DB=citizix_db \
    docker.io/library/postgres:14.0-alpine
dc5117faeb431c021f54a60e6303707fe7b48aef199fe53b751236eaf2c08136

Check processes:

$ podman ps
CONTAINER ID  IMAGE                                   COMMAND     CREATED        STATUS            PORTS                   NAMES
dc5117faeb43  docker.io/library/postgres:14.0-alpine  postgres    9 seconds ago  Up 9 seconds ago  0.0.0.0:5432->5432/tcp  cool_hermann

Confirm the container logs with this. You can see that it is initializing the db

$ podman logs dc5117faeb43 | head
The files belonging to this database system will be owned by user "postgres".
This user must also own the server process.

The database cluster will be initialized with locale "en_US.utf8".
The default database encoding has accordingly been set to "UTF8".
The default text search configuration will be set to "english".

Data page checksums are disabled.

fixing permissions on existing directory /var/lib/postgresql/data ... ok

Let us connect to the database and do some operations

$ podman exec -it dc5117faeb43 /bin/bash
bash-5.1# psql -U citizix_user -d citizix_db;
psql (14.0)
Type "help" for help.

citizix_db=# select version();
                                                   version
--------------------------------------------------------------------------------------------------------------
 PostgreSQL 14.0 on x86_64-pc-linux-musl, compiled by gcc (Alpine 10.3.1_git20210424) 10.3.1 20210424, 64-bit
(1 row)

citizix_db=#

Next let us explore killing and removing the container. We can use podman kill to stop the container. This will stop the container, but it will still be there. Use podman ps -a&nbsp;to list. To complately remove it then podman rm -f.

$ podman kill dc5117faeb43
dc5117faeb43

$ podman ps -a
CONTAINER ID  IMAGE                                   COMMAND     CREATED        STATUS                           PORTS                   NAMES
dc5117faeb43  docker.io/library/postgres:14.0-alpine  postgres    3 minutes ago  Exited (137) About a minute ago  0.0.0.0:5432->5432/tcp  cool_hermann

$ podman rm -f dc5117faeb43
dc5117faeb431c021f54a60e6303707fe7b48aef199fe53b751236eaf2c08136

5. Managing containers as system services through systemd and Podman

We can manage podman containers through systemd. Let us create a systemd resource file for handling the postgres container we just created above.

Create a postgres podman file:

sudo vim /etc/systemd/system/postgres-podman.service

Add this content

[Unit]
Description=Custom Postgres Podman Container
After=network.target

[Service]
Type=simple
TimeoutStartSec=5m
ExecStartPre=-/usr/bin/podman rm -f postgrespodman

ExecStart=/usr/bin/podman run \
    -p 5432:5432 \
    -v /home/fedora/apps/postgres/data:/var/lib/postgresql/data \
    -e POSTGRES_PASSWORD=Sup3rSecre7 \
    -e POSTGRES_USER=citizix_user \
    -e POSTGRES_DB=citizix_db \
    docker.io/library/postgres:14.0-alpine

ExecReload=-/usr/bin/podman stop postgrespodman
ExecReload=-/usr/bin/podman rm postgrespodman
ExecStop=-/usr/bin/podman stop postgrespodman
Restart=always
RestartSec=30

[Install]

Then we can reload the systemd catalog and start the service:

sudo systemctl daemon-reload
sudo systemctl start postgres-podman

Confirm the service status

$ sudo systemctl status postgres-podman
● postgres-podman.service - Custom Postgres Podman Container
     Loaded: loaded (/etc/systemd/system/postgres-podman.service; static)
     Active: active (running) since Mon 2021-11-15 05:20:35 UTC; 5s ago
    Process: 29565 ExecStartPre=/usr/bin/podman rm -f postgrespodman (code=exited, status=1/FAILURE)
   Main PID: 29596 (podman)
      Tasks: 15 (limit: 4585)
     Memory: 262.3M
        CPU: 5.362s
     CGroup: /system.slice/postgres-podman.service
             ├─29596 /usr/bin/podman run -p 5432:5432 -e POSTGRES_PASSWORD=Sup3rSecre7 -e POSTGRES_USER=citizix_user -e POSTGRES_DB=citizix_db docker.io/library/postgres:14.0-alpine
             └─29646 storage-untar / /var/lib/containers/storage/overlay/772aeee45322a287d8cfed4d3a774519a5a1bfb20750bf46584a8f7a9713fcaf/diff

Nov 15 05:20:37 fedora-client.citizix.com podman[29596]: Copying blob sha256:82e9eb77798bd506a06a9adab733c822c718be829c54d514b5789b07c0f1c164
Nov 15 05:20:37 fedora-client.citizix.com podman[29596]: Copying blob sha256:c6b2245b2f36c7d2a1e9071eeede220cca1f2e0662350115a22e7cac7f973a8c
Nov 15 05:20:37 fedora-client.citizix.com podman[29596]: Copying blob sha256:ccd761727716597fddb7d24aa4d7d68b3b638897b9351ccc295aa86407bd85e6
Nov 15 05:20:37 fedora-client.citizix.com podman[29596]: Copying blob sha256:5034a66b99e67db609bf6b4f82bea915e39a42e6f03d11889f7406b4de9e99da
Nov 15 05:20:37 fedora-client.citizix.com podman[29596]: Copying blob sha256:a0d0a0d46f8b52473982a3c466318f479767577551a53ffc9074c9fa7035982e
Nov 15 05:20:37 fedora-client.citizix.com podman[29596]: Copying blob sha256:3da258773353ad3725cb0ef73e28bd60fdd9078df3790b06b98198a86ef0424f
Nov 15 05:20:37 fedora-client.citizix.com podman[29596]: Copying blob sha256:2c7ee7bc69e85f0517dccf3edfa293c2bfc147e3794ab403fda249c2e59a58ab
Nov 15 05:20:37 fedora-client.citizix.com podman[29596]: Copying blob sha256:028554d3b6ccc72641ab3b2a68597bf04cdbb49e03bb977c69198fd35c098e87
Nov 15 05:20:37 fedora-client.citizix.com podman[29596]: Copying blob sha256:2c7ee7bc69e85f0517dccf3edfa293c2bfc147e3794ab403fda249c2e59a58ab
Nov 15 05:20:37 fedora-client.citizix.com podman[29596]: Copying blob sha256:028554d3b6ccc72641ab3b2a68597bf04cdbb49e03bb977c69198fd35c098e87

We just set up a custom system service based on a container managed through Podman!

Conclusion

We managed to explore how to install Podman in our Rocky Linux/Centos 8 server in this guide.

comments powered by Disqus
Built with Hugo
Theme Stack designed by Jimmy