How to install Podman on CentOS 8

Share on Social Media

Learn how to install Podman on CentOS 8 with this comprehensive guide. Follow step-by-step instructions to setup Podman for efficient container management without a daemon. #centlinux #linux #docker

What is Podman?

In Red Hat Enterprise Linux (RHEL) 8, the support for Docker has been removed. Whereas, a new containerization platform libpod (Podman’s Container Management Library) has been introduced in RHEL 8. Being an upstream fork, CentOS 8 also follows the same path.

Therefore, to setup a containerization platform in CentOS 8, we have to install podman (Pod Manager tool) and relevant packages on our server. Following are the CLI tools used in this new container platform.

  • podman – Client tool for managing containers.
  • skopeo – Client tool for copying container images to/from registries.
  • buildah – Client tool for building OCI (Open Container Initiative) complaince containers.
  • runc – Container runtime client for running and working with OCI format containers.

In CentOS 8 yum repository, these tools are available separately in distinct packages as well as bundled in a common module:container-tools.

The best way to install all these tools is by using the container-tools module.

In this article, we will install Podman containers on CentOS 8 and then create and run a test container using new podman tool.

Read Also: Docker Alternatives: Podman Container and Buildah in Rocky Linux 9

Podman vs Docker: Choose the Best Containerization Tool

When comparing Podman and Docker containerization tools, it’s essential to consider their architectural differences, features, and specific use cases. Here’s a detailed comparison of Podman and Docker:

Podman

Overview:

  • Daemonless Architecture: Podman operates without a central daemon. Each container runs as an individual process managed by the user.
  • Rootless Containers: Supports running containers without root privileges, enhancing security.
  • Pods: Allows grouping containers into pods, similar to Kubernetes pods, sharing the same network namespace.
  • OCI Compliance: Adheres to Open Container Initiative (OCI) standards, ensuring compatibility with other container tools.

Key Features:

  • Security: Rootless mode reduces the attack surface and improves security by limiting the scope of potential vulnerabilities.
  • Compatibility: Can run Docker container images and supports Docker CLI commands, making it easier to switch from Docker.
  • Kubernetes Integration: Concepts like pods align closely with Kubernetes, easing the transition to container orchestration platforms.

Advantages:

  • Enhanced Security: Running containers without root access and without a daemon reduces security risks.
  • Flexibility: Daemonless architecture simplifies container management and reduces potential points of failure.
  • User-Friendliness: Similar command syntax to Docker makes it easy for users to switch.

Use Cases:

  • Development and Testing: Ideal for developers needing a secure and flexible container management tool.
  • Production Environments: Suitable for environments where security and compliance are critical.
  • Kubernetes Users: Beneficial for those transitioning to Kubernetes due to similar concepts like pods.

Docker

Overview:

  • Daemon-Based Architecture: Docker relies on a central daemon (dockerd) to manage containers.
  • Comprehensive Ecosystem: Includes Docker Engine, Docker CLI, Docker Compose, and Docker Swarm for container orchestration.
  • Wide Adoption: Docker is widely used and supported in the industry, with a vast repository of images on Docker Hub.

Key Features:

  • Ease of Use: User-friendly interface and comprehensive documentation make Docker accessible to a wide range of users.
  • Advanced Features: Supports features like Docker Compose for multi-container applications and Docker Swarm for container orchestration.
  • Docker Hub: A centralized repository for finding and sharing container images.

Advantages:

  • Mature Ecosystem: Well-established ecosystem with extensive tools and resources.
  • Community and Support: Strong community support and professional services available.
  • Integration: Works seamlessly with many CI/CD pipelines and development tools.

Use Cases:

  • Single-Container Applications: Suitable for running and managing single-container applications.
  • Multi-Container Applications: Docker Compose simplifies the management of applications with multiple services.
  • Enterprise Environments: Widely adopted in enterprise settings for both development and production environments.

Summary

Podman:

  • Best For: Security-focused environments, developers needing rootless containers, and those transitioning to Kubernetes.
  • Strengths: Daemonless architecture, rootless containers, compatibility with Docker, and pod management.

Docker:

  • Best For: Users needing a comprehensive and mature container management solution with a wide range of tools and community support.
  • Strengths: Centralized daemon, extensive ecosystem, Docker Compose for multi-container applications, and Docker Hub.

Both Podman and Docker have their strengths and are suited to different use cases. Podman excels in security and flexibility with its daemon-less, rootless architecture, while Docker offers a mature, comprehensive ecosystem with extensive tools and community support. Your choice between Podman and Docker will depend on your specific requirements, security considerations, and existing infrastructure.

Linux Server Specification

We have provisioned virtual machine with minimally installed CentOS 8 with following specification.

  • CPU – 3.4 Ghz (2 cores)
  • Memory – 2 GB
  • Storage – 20 GB
  • Operating System – CentOS Linux 8.0
  • Hostname – podman-01.centlinux.com
  • IP Address – 192.168.116.206 /24

Install Podman on CentOS 8

Connect with podman-01.centlinux.com using ssh as root user.

Build dnf cache using following command.

# dnf makecache
CentOS-8 - AppStream                            2.3 kB/s | 4.3 kB     00:01
CentOS-8 - Base                                 1.7 kB/s | 3.9 kB     00:02
CentOS-8 - Extras                               649  B/s | 1.5 kB     00:02
Metadata cache created.

Install container-tools module using dnf command.

# dnf install -y @container-tools

Podman and related containerization tools has been installed on CentOS 8.

Podman Commands Usage

Check Podman version.

# podman version
Version:       1.0.5
Go Version:    go1.11.6
OS/Arch:       linux/amd64

Search for an image using podman command.

# podman search alpine --filter is-official=true
INDEX       NAME                       DESCRIPTION                                       STARS   OFFICIAL   AUTOMATED
docker.io   docker.io/library/alpine   A minimal Docker image based on Alpine Linux...   5937    [OK]

Pull an image from online registry.

# podman pull docker.io/library/alpine
Trying to pull docker.io/library/alpine...Getting image source signatures
Copying blob 63bc94deeb28: 2.65 MiB / 2.67 MiB [===============================]
Copying blob 63bc94deeb28: 2.67 MiB / 2.67 MiB [============================] 9s
Copying config c85b8f829d1f: 1.48 KiB / 1.48 KiB [==========================] 0s
Writing manifest to image destination
Storing signatures
c85b8f829d1f93a25fe91d2ce7dccf7ec723794873a77bb19623d38e926c788c

Show list of local podman images.

# podman images
REPOSITORY                 TAG      IMAGE ID       CREATED      SIZE
docker.io/library/alpine   latest   c85b8f829d1f   3 days ago   5.86 MB

Inspect the alpine Linux image for more details.

# podman inspect alpine
[
    {
        "Id": "c85b8f829d1f93a25fe91d2ce7dccf7ec723794873a77bb19623d38e926c788c",
        "Digest": "sha256:d371657a4f661a854ff050898003f4cb6c7f36d968a943c1d5cde0952bd93c80",
        "RepoTags": [
            "docker.io/library/alpine:latest"
        ],
        "RepoDigests": [
            "docker.io/library/alpine@sha256:d371657a4f661a854ff050898003f4cb6c7f36d968a943c1d5cde0952bd93c80"
        ],
        "Parent": "",
        "Comment": "",
        "Created": "2019-12-19T23:21:54.894824922Z",
        "Config": {
            "Env": [
                "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
            ],
            "Cmd": [
                "/bin/sh"
            ]
        },
        "Version": "18.06.1-ce",
        "Author": "",
        "Architecture": "amd64",
        "Os": "linux",
        "Size": 5859848,
        "VirtualSize": 5859848,
        "GraphDriver": {
            "Name": "overlay",
            "Data": {
                "MergedDir": "/var/lib/containers/storage/overlay/6bc83681f1baa18776614f386dee8811f0063fab656870291bd7751e74a830f4/merged",
                "UpperDir": "/var/lib/containers/storage/overlay/6bc83681f1baa18776614f386dee8811f0063fab656870291bd7751e74a830f4/diff",
                "WorkDir": "/var/lib/containers/storage/overlay/6bc83681f1baa18776614f386dee8811f0063fab656870291bd7751e74a830f4/work"
            }
        },
        "RootFS": {
            "Type": "layers",
            "Layers": [
                "sha256:6bc83681f1baa18776614f386dee8811f0063fab656870291bd7751e74a830f4"
            ]
        },
        "Labels": null,
        "Annotations": {},
        "ManifestType": "application/vnd.docker.distribution.manifest.v2+json",
        "User": "",
        "History": [
            {
                "created": "2019-12-19T23:21:54.731224548Z",
                "created_by": "/bin/sh -c #(nop) ADD file:c7d28fcb71c026d7956b381180e4792c8219b04904e726a9266322ef5b256df8 in / "
            },
            {
                "created": "2019-12-19T23:21:54.894824922Z",
                "created_by": "/bin/sh -c #(nop)  CMD ["/bin/sh"]",
                "empty_layer": true
            }
        ]
    }
]

Create and run a container from alpine Linux image.

# podman run -it --rm alpine /bin/sh
/ # uname -a
Linux 299572d7599a 4.18.0-80.el8.x86_64 #1 SMP Tue Jun 4 09:19:46 UTC 2019 x86_64 Linux
/ # cat /etc/os-release
NAME="Alpine Linux"
ID=alpine
VERSION_ID=3.11.0
PRETTY_NAME="Alpine Linux v3.11"
HOME_URL="https://alpinelinux.org/"
BUG_REPORT_URL="https://bugs.alpinelinux.org/"
/ # exit

Run the alpine Linux container in detach mode.

# podman run -d alpine
85dcf6ee27b2ff57b480e6a9484d96129e775b4699390735ddc3f8366dd58737

Check list of recent containers.

# podman ps -a
CONTAINER ID  IMAGE                            COMMAND  CREATED             STATUS                         PORTS  NAMES
f6cc375e3476  docker.io/library/alpine:latest  /bin/sh  6 seconds ago       Exited (0) 6 seconds ago              heuristic_montalcini
f3de35c18d7d  docker.io/library/alpine:latest  /bin/sh  About a minute ago  Exited (0) About a minute ago         stoic_goodall
85dcf6ee27b2  docker.io/library/alpine:latest  /bin/sh  6 minutes ago       Exited (0) 6 minutes ago              sad_benz

Remove a container.

# podman container rm f6cc375e3476
f6cc375e3476758431f2c7a9447b53c08fdaa0171f96bdd63212356b8eafb90c

Remove all containers.

# podman container rm $(podman ps -a -q)
f3de35c18d7d54da9f97497db78e8a4f436b885b1c79765dcc1f847af2a0661a
85dcf6ee27b2ff57b480e6a9484d96129e775b4699390735ddc3f8366dd58737

Remove an image.

# podman rmi docker.io/library/alpine
c85b8f829d1f93a25fe91d2ce7dccf7ec723794873a77bb19623d38e926c788c

If you have worked with Docker, you may have observed that the command syntax of podman is exactly same as of docker. Podman is also fully compatible with Docker images.

Here, we have only explored some of the most common commands here, if you want to learn more about containers you should read Docker in Action (PAID LINK) by Manning Publications.

Final Thoughts

Installing Podman on CentOS 8 is a straightforward process that opens up powerful container management capabilities without the need for a central daemon. By following the steps in this guide, you can quickly set up Podman and start managing your containers efficiently, taking advantage of its security features and compatibility with Docker.

If you need further assistance or personalized support with your Podman setup, don’t hesitate to reach out to me on Fiverr: DevOps Expert. I’m here to help you with all your containerization needs.

Leave a Comment