Today we are going to learn that how we can run Docker containers using Podman and Libpod. Without going in detail about podman and libpod we will cover the practical aspects to see how they work actually. You can search from Google or any search engine about Podman and Libpod. Moreover we’ve described a little bit about Podman in our previous tutorial. But here we will introduce the necessary things shortly.
Docker CLI working
Docker CLI operates as a client/server to communicate with the Docker engine upon creation of operations of a container. But it will raise issues when you have to start the Docker daemon before accessing Docekr CLI live. After it CLI sends API call to the Docker Engine to launch Open Contianer Initiative (OCI) runtime.
Difference between Docker and Podman
One of the main difference between Docker and Podman is that there is no daemon in the Podman. Upon applying any cgroup constraints you apply on the podman command containers will recieve those constraints directly. Moreover, advanced features of systemd can be utilized using this model.
Libpod
Libpod provides the library for those applications which are looking to use the Container Pod concept. It is also refereed as the Home of Podman.
So now lets proceed further
Step 1: Managing Container Images
Type the below command to download the container Images using Podman
$ podman pull ubuntu
$ podman pull centos
$ podman pull centos:8
Run the below command to list the downloaded images
$ podman images
REPOSITORY TAG IMAGE ID CREATED SIZE
docker.io/library/ubuntu latest 3556258649b2 2 weeks ago 66.6 MB
docker.io/library/alpine latest b7b28af77ffe 3 weeks ago 5.85 MB
docker.io/library/debian latest 00bf7fdd8baf 4 weeks ago 119 MB
docker.io/library/centos latest 9f38484d220f 4 months ago 209 MB
Follow the below syntax to remove the images
$ podman rmi <Type your Container Image ID here>
$ podman rmi 00bf7fdd8baf
00bf7fdd8baf2ba6f0918e1f48415b2a4a1a616806e7cf32527a749dd2ce4b2c
$ podman rmi docker.io/library/ubuntu
3556258649b2ef23a41812be17377d32f568ed9f45150a26466d2ea26d926c32
Tagging Image
Check out the tag by running podman images command
podman tag <Image ID> webserver
Step 2: Running Containers with Podman
Let’s print a message using simple container
[sabi@localhost ~]$ podman run --rm centos /bin /echo/ "Osradar"
Osradar
Use -d option to run the container in background
podman run -dt -p 8080:8080/tcp -e HTTPD_VAR_RUN=/var/run/httpd -e HTTPD_MAIN_CONF_D_PATH=/etc/httpd/conf.d \
-e HTTPD_MAIN_CONF_PATH=/etc/httpd/conf \
-e HTTPD_CONTAINER_SCRIPTS_PATH=/usr/share/container-scripts/httpd/ \
registry.fedoraproject.org/f29/httpd /usr/bin/run-httpd
It will return the contianer ID:
Trying to pull registry.fedoraproject.org/f29/httpd…Getting image source signatures
Copying blob d77ff9f653ce done
Copying blob aaf5ad2e1aa3 done
Copying blob 7692efc5f81c done
Copying config 25c76f9dcd done
Writing manifest to image destination
Storing signatures
d2cdf0efb0ddc6e2ae52a5a0bdadababa6ee6cc2e1e49145c92a0474b089b664
To List the running containers, use the below command
$ podman ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
d2cdf0efb0dd registry.fedoraproject.org/f29/httpd:latest container-entrypo… 4 minutes ago Up 4 minutes ago 0.0.0.0:8080->8080/tcp cranky_borg
To include stopped / exited containers, use:
$ podman ps --all
For accessing a container shell use the option -it
podman run -it ubuntu bash
root@d273c12899cd:/#
root@d273c12899cd:/# apt update
Get:1 http://archive.ubuntu.com/ubuntu bionic InRelease [242 kB]
Get:2 http://security.ubuntu.com/ubuntu bionic-security InRelease [88.7 kB]
Get:3 http://security.ubuntu.com/ubuntu bionic-security/universe amd64 Packages [717 kB]
Get:4 http://archive.ubuntu.com/ubuntu bionic-updates InRelease [88.7 kB]
Get:5 http://security.ubuntu.com/ubuntu bionic-security/main amd64 Packages [535 kB]
Get:6 http://archive.ubuntu.com/ubuntu bionic-backports InRelease [74.6 kB]
Step 3: Searching in Podman
podman search httpd
Inspect Containers
It will display the some basic info on containers & images identified by name or ID
podman inspect <image id>
For help run the below command
podman inspect --help
Step 4: Removing Containers
To remove the containers, list all running containers.
podman ps -a
Now type the command podman rm with the ID of container image to remove it.
podman rm <image id>
For removing all containers, type the following command.
Note it will remove all containers running and stopped.
podman rm $(podman ps -a -q)
Step 5: View the container’s logs
Here we will view the containers logs in different ways
View by latest category
podman logs --latest
View by mentioning container ID:
podman p
podman logs <image id>
For attaining real-time, use the below command
podman logs -f
podman logs --follow=true --since 10m Container ID
You can also specify the number of lines in logs:
podman logs --tail 10
Step 6: View the container’s pids
Type podman top to view container pids.
podman top <image id>
Output:
$ podman top d2cdf0efb0dd
USER PID PPID %CPU ELAPSED TTY TIME COMMAND
default 1 0 0.000 29m22.496484247s pts/0 0s httpd -D FOREGROUND
default 22 1 0.000 29m21.496767511s pts/0 0s /usr/bin/coreutils --coreutils-prog-shebang=cat /usr/bin/cat
default 23 1 0.000 29m21.496866314s pts/0 0s /usr/bin/coreutils --coreutils-prog-shebang=cat /usr/bin/cat
default 24 1 0.000 29m21.497020539s pts/0 0s /usr/bin/coreutils --coreutils-prog-shebang=cat /usr/bin/cat
default 25 1 0.000 29m21.497127237s pts/0 0s /usr/bin/coreutils --coreutils-prog-shebang=cat /usr/bin/cat
default 26 1 0.000 29m21.49723933s pts/0 0s httpd -D FOREGROUND
default 27 1 0.000 29m21.497361006s pts/0 0s httpd -D FOREGROUND
default 28 1 0.000 29m21.497459891s pts/0 0s httpd -D FOREGROUND
default 29 1 0.000 29m21.497552695s pts/0 0s httpd -D FOREGROUND
Step 7: Checkpointing the container
Checkpointing a container stops the container while writing the state of all processes in the container to disk. To do this you’ll requires CRIU 3.11 or later installed on the system.
See CRIU Installation guide here.
podman container checkpoint <container id>
Example:
podman container checkpoint d1hf0dbf0dd
It can later be restored and continue running exactly at the same point in time as the checkpoint.
podman container restore <container id>
Step 8: Migrate Container
Migrating the container contains 3 steps.
In first step, checkpoint the container on the source system.
podman container checkpoint <container id> -e /tmp/checkpoint.tar.gz
In Second Step copy it to the destination server.
scp /tmp/checkpoint.tar.gz :/tmp
Last step involve the restoration on the destination system.
Step 9: Manage Container pods with Podman
Podman pods are similar to the Kubernetes concept of Pods.
You can expose most of the interaction with pods through the podman pod command.
podman pod --help
Create a pod called web
podman pod create --name web
Below will creates a pod without the extra attributes available on:
podman pod create --help
Make sure pod is created
podman pod list
By default, the created pod will have a container called infra. The infra container holds the namespace associated with the pod to allow podman to connect to the containers to the pod. It is in sleep mode by default.
podman ps -a --pod
After creating pod, we can add a container to it.
podman run -dt --pod web alpine:latest top
You’ll see that the pod has two containers.
podman ps -a --pod
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES POD
36ccace2d653 docker.io/library/alpine:latest top About a minute ago Up About a minute ago zen_hugle 0f565b11e9cb
44cca777d12f k8s.gcr.io/pause:3.1 28 minutes ago Up 28 minutes ago 0f565b11e9cb-infra 0f565b11e9cb
You can also expose a port to the created container with root privileges.
sudo podman pod create -p 8080:80 --name web1
sudo podman run -dt --pod web1 -p 8080 nginx:latest
You need to publish as many port as will be used during the pod creation. This can't be changed after the creation.
So this is how we can run Docker Container using podman and libpod.
