This guide explains what Podman is, its features, the difference between a Podman container and an image, and how to install Podman on Linux operating systems.
What is Podman?
Podman, which stands for POD MANager, is an open source, command-line container management utility based on the libpod library.
Podman allows you to create, develop and manage Open Container Initiative (OCI) containers and images, volumes mounted into those containers, and pods created from groups of containers.
Podman usage is the same as Docker's
Podman is similar to Docker in terms of usage. Podman offers the same set of commands provided by Docker. If you're already familiar with Docker, you won't feel much difference.
Podman also has support for a REST API providing both a Docker-compatible interface as well as an improved interface exposing advanced Podman functionality.
Even though Podman provides an interface similar to Docker's, it has a few distinguishing differences. The two significant features are Rootless mode and Pods.
Rootless mode
Unlike Docker, Podman does not require a daemon. It is a daemonless container management tool with support for rootless operation.
Podman doesn't require super-user privileges to run containers. Containers can either be run as root or in rootless mode as a normal user.
When you run Podman as a non-root user, it creates a user namespace inside which it acquires root permissions. This allows it to mount file systems and set up the required containers. In other words, Podman containers use user namespaces to map root in the container to the user running Podman.
Running rootless Podman improves security: even if the container engine or runtime is compromised, the attackers will not have root privileges over your system.
It also allows multiple unprivileged users to run containers on the same machine. Docker now has rootless mode support. However, Podman had this feature before Docker.
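The root-to-user mapping described above is visible in the kernel's uid_map table. The following added example (not part of the original guide) resolves a UID seen inside a container to the UID the host actually enforces; the two sample maps, the host UID 1000 and the 100000-165535 subordinate range are constructed for illustration.

```sh
#!/bin/sh
# Each line of /proc/<pid>/uid_map reads:
#   <first UID inside namespace> <first UID on host> <number of UIDs>
# On a real system, print the live rootless map with:
#   podman unshare cat /proc/self/uid_map

# Constructed sample: rootless Podman run by host UID 1000, whose
# /etc/subuid entry grants the subordinate range 100000-165535.
SAMPLE_UID_MAP='         0       1000          1
         1     100000      65536'

# Constructed sample: a container without a user namespace mapping,
# where every UID inside equals the same UID on the host.
ROOTFUL_UID_MAP='         0          0 4294967295'

# host_uid_for MAP CONTAINER_UID
# Prints the host UID for CONTAINER_UID, or "unmapped" (exit status 1)
# when the UID is not numeric or falls outside every mapped range.
host_uid_for() {
    case "$2" in
        ''|*[!0-9]*) echo "unmapped"; return 1 ;;
    esac
    printf '%s\n' "$1" | awk -v uid="$2" '
        NF == 3 && uid >= $1 && uid < $1 + $3 {
            print $2 + (uid - $1); found = 1; exit
        }
        END { if (!found) { print "unmapped"; exit 1 } }'
}

# is_host_root MAP CONTAINER_UID
# Succeeds only when CONTAINER_UID is real root (UID 0) on the host.
is_host_root() {
    [ "$(host_uid_for "$1" "$2")" = "0" ]
}

# Root inside the rootless container is only the invoking user outside it.
host_uid_for "$SAMPLE_UID_MAP" 0    # prints 1000
```

With the rootless map, `is_host_root "$SAMPLE_UID_MAP" 0` fails, while the same check against `ROOTFUL_UID_MAP` succeeds, which is the security difference the section describes.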
Pods
The other notable advantage of Podman is that you can create groups of containers, which we call Pods. In Podman, containers can form "pods" that operate together.
Podman provides great support for managing multiple containers, i.e. Pods. This feature is not available in other container runtime tools.
OCI compliant images
The images created by Podman adhere to the OCI standard, so Podman images are fully compatible with other container runtime tools such as Docker.
You can publish newly built images to container registries such as Quay or Docker Hub to share them with the world. Anyone can download them, use them, and even improve them.
Systemd ready
Podman is built with systemd in mind, meaning that Podman can be controlled via systemd units. It also supports systemd in containers, out of the box.
Free and open source!
Podman is a free, Linux-native tool developed by Red Hat and it should work perfectly on other Linux distributions.
Before we install Podman, let me give you a brief overview of Images and Containers. These two are closely related, but distinct.
Containers vs Images
An Image is the file that decides how a Container should behave, and the Container is the running or stopped state of an Image.
You can run many Containers using the same Image. The Containers are isolated from the rest of the host's files.
When we run a Container, it uses an isolated filesystem which is provided by the Image. The Image consists of everything needed to run an application - all dependencies, configuration, scripts, binaries, etc.
The Image also contains other configuration for the Container, such as environment variables, a default command to run, and other metadata.
The following excerpt from the official Docker documentation provides a clear and concise explanation of Containers and Images.
The major difference between a container and an image is the top writable layer. Containers are running instances of Docker images with top writable layer. Containers run the actual applications. A container includes an application and all of its dependencies. When the container is deleted, the writable layer is also deleted. The underlying image remains unchanged
https://docs.docker.com/storage/storagedriver/#container-and-layers
You can list the locally available Images using the podman images command and the Containers using the podman ps command. We will learn more about Podman commands in our upcoming guides.
Install Podman in Linux
Podman comes pre-installed in Fedora CoreOS, Fedora Silverblue and Fedora 34. If you're using any one of these distributions, you don't need to install Podman.
Podman is packaged for many modern Linux operating systems and available in the default repositories.
To install Podman in Alpine Linux, run:
$ sudo apk add podman
Install Podman in Arch Linux, EndeavourOS and Manjaro Linux:
$ sudo pacman -S podman
Install Podman in Debian, Ubuntu, Pop_OS!:
$ sudo apt install podman
Install Podman in CentOS 8, Fedora 33 and older, RHEL 8, AlmaLinux 8 and Rocky Linux 8:
$ sudo dnf install podman
Install Podman in openSUSE:
$ sudo zypper install podman
To check the installed Podman version, run:
$ podman -v
podman version 3.2.2
Use Podman online
If you don't have Linux or don't want to install Podman, you can use Katacoda, an online platform that provides many sandbox environments to learn about and play with different kinds of technologies.
To use Podman right from your browser without installing it on your system, go to the following link.
Conclusion
In this brief guide, we looked at what Podman is and how it differs from other container runtimes such as Docker. We also discussed the difference between a Container and an Image. Finally, we saw how to install Podman in various Linux distributions.