Reading Time: 5 minutes

What is Podman?

Podman (Pod Manager) is a tool used to develop, manage, and run containers and images. It can perform functions that support and modify container images and also retrieve and tag containers.

Podman and Docker are similar software packages. However, the key difference is that Podman doesn’t require a daemon to run containers, while Docker needs the Docker Engine daemon. Because of this, Podman requires runComplete to start containers while it is inherent to the Docker Engine daemon. Podman also uses Skopeo (container porting) and Buildah (container building) libraries to implement some functionality, but the daemon service is not used.

Running as root or non-root, Podman uses the libpod library to manage an entire container ecosystem and volume images. In the Podman libpod library, you get:

  • Support for multiple image formats, including image OCI and Docker.
  • Several ways to load images, including checking images.
  • Image and layer management.
  • Full container lifecycle management.
  • Resource isolation of containers.
  • And so much more.

Installing Podman on Ubuntu 20.04

While this article focuses on installation on Ubuntu 20.04, the Podman installation package is included in the native repositories of Ubuntu 20.10. Podman can be installed on Ubuntu 20.10, but please note installation instructions may differ between Ubuntu versions.

Installation Requirements

  • Server 4 GB RAM and 2 kernels.
  • OS Ubuntu 20.04.
  • Root user. Podman runs without root by default, but you will need root access to work with images. Use the sudo command if you are running commands and do not have root privileges.
Note:
Some installations of Ubuntu may not have the VERSION_ID variable defined, which would cause issues with the commands used in this tutorial. Use source /etc/os-release to resolve any problems that come up.


Advanced Package Tool (APT) is a command-line utility used for managing packages (installing, updating, and removing) on Ubuntu, Debian, and Linux. Use the apt update && apt upgrade -y command to perform the required system and application package updates before installation.

root@host:~# apt update && apt upgrade -y
Hit:1 http://by.archive.ubuntu.com/ubuntu focal InRelease
Hit:2 http://by.archive.ubuntu.com/ubuntu focal-updates InRelease
Hit:3 http://by.archive.ubuntu.com/ubuntu focal-backports InRelease
Hit:4 http://security.ubuntu.com/ubuntu focal-security InRelease
Reading package lists... Done         
Building dependency tree       
Reading state information... Done
All packages are up to date.
Reading package lists... Done
Building dependency tree       
Reading state information... Done
Calculating upgrade... Done
The following packages were automatically installed and are no longer required:
  libllvm10 linux-headers-5.4.0-42 linux-headers-5.4.0-42-generic linux-image-5.4.0-42-generic linux-modules-5.4.0-42-generic linux-modules-extra-5.4.0-42-generic
Use 'apt autoremove' to remove them.
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
root@host:~#

Add the repository to apt, which will allow you to download Podman.

root@host:~# sh -c "echo 'deb http://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/xUbuntu_${VERSION_ID}/ /' > /etc/apt/sources.list.d/devel:kubic:libcontainers:stable.list"
root@host:~#

Use a repository key to verify the package came from the intended source.

root@host:~# wget -nv https://download.opensuse.org/repositories/devel:kubic:libcontainers:stable/xUbuntu_${VERSION_ID}/Release.key -O- | sudo apt-key add -
2021-04-14 22:49:24 URL:https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/xUbuntu_20.04/Release.key [1093/1093] -> "-" [1]
OK
root@host:~# 

Use apt-get update to update the package list one more time.

root@host:~# apt-get update
Hit:1 http://by.archive.ubuntu.com/ubuntu focal InRelease
Hit:2 http://by.archive.ubuntu.com/ubuntu focal-updates InRelease                                            
Hit:3 http://by.archive.ubuntu.com/ubuntu focal-backports InRelease                                          
Hit:4 http://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/xUbuntu_20.04  InRelease 
Hit:5 http://security.ubuntu.com/ubuntu focal-security InRelease                                             
Reading package lists... Done
root@host:~#

Now, install Podman with the command apt-get install podman -y.

root@host:~# apt-get install podman -y
Reading package lists... Done
Building dependency tree
Reading state information... Done
...

Verify the successful Podman installation by checking the version with the podman --version command.

root@host:~# podman --version
podman version 3.1.0
root@host:~#

You can also use the podman command podman info to see configuration information and the versions of various components, but the output will be lengthy.

root@host:~# podman info
host:
  arch: amd64
  buildahVersion: 1.20.0
  cgroupManager: systemd
  cgroupVersion: v1
  conmon:
    package: 'conmon: /usr/libexec/podman/conmon'
    path: /usr/libexec/podman/conmon
    version: 'conmon version 2.0.27, commit: '
  cpus: 4
  distribution:
    distribution: ubuntu
    version: "20.04"
  eventLogger: journald
  hostname: host
...
...
version:
  APIVersion: 3.1.0
  Built: 0
  BuiltTime: Thu Jan  1 03:00:00 1970
  GitCommit: ""
  GoVersion: go1.15.2
  OsArch: linux/amd64
  Version: 3.1.0

root@host:~#

Using Podman Commands

Using Podman in a terminal consists of the below chain. This is the standard sequence for most commands within a Unix system.

podman [options] [command] [argument]

The below table shows the most commonly used commands in Podman. Most are similar to Docker commands, except for some features that Docker cannot perform.

Practicing with Podman

Working with Registries in Podman

Now let's practice. Podman works with multiple container registries and allows you to search for images through a sequential list of registries. If you need to use a specific container, log into it or use the full name image.

Open the file with the below command.

root@host:~# nano /etc/containers/registries.conf
practicing-with-podman

To add the registries you wish to search, input the information below. Registries should appear within the brackets and surrounded by double quotation marks. Separated each registry by a comma.

unqualified-search-registries = ["docker.io", "quay.io", “example.registries.com”]

In the above example, if we were searching for image001, it would first search through the docker.io registry. If not found, it would move on to the quay.io registry and then example.registries.com until the image is found.

Podman Using Sudo

Now we will take a look at using Podman with Sudo. As we stated at the beginning of the article, Podman runs without root by default, but you often need root privileges to work with images. If you are using Docker images, root privileges are usually required because many containers have been developed and run in the root environment. Docker Engine 19.03 and later can be configured to run without root access.

All Podman commands used will be preceded with sudo, like in the example below.

sudo podman run hello-world

Running a Container with Podman Privileges

Root user privileges are split into units called capabilities. Linux capabilities limit root’s power by restricting the amount of enabled namespaces within the container, disabling the normal security protocols.

To initiate privileges, use one of the following commands, depending on your root-level access.

sudo podman run --privileged ...
podman run --privileged

Use the --cap-add flag instead of --privileged to give the user of the container all the capabilities within it.

sudo podman run --cap-add = all
podman run --cap-add = all

The use of --cap-add allows the user access to the container’s capabilities but does not disable normal security protocols. It is best practice not to use --privilege as a security precaution.

Conclusion

Podman has tremendous power by developing, managing, and running containers and images. We reviewed how to install Podman on Ubuntu 20.04, various Podman commands, and practiced within the terminal. Podman is a great tool for your developer or development team to utilize and improve the performance of their applications.

Learn more about Liquid Web solutions on our products page. We have a product for any project, small or large.

Avatar for Margaret Fitzgerald

About the Author: Margaret Fitzgerald

Margaret Fitzgerald previously wrote for Liquid Web.

Latest Articles

Blocking IP or whitelisting IP addresses with UFW

Read Article

CentOS Linux 7 end of life migrations

Read Article

Use ChatGPT to diagnose and resolve server issues

Read Article

What is SDDC VMware?

Read Article

Best authentication practices for email senders

Read Article