Podman for DevOps Beginners
Shared 12/27/2025•44 views
1. Introduction to Podman Daemonless: Podman doesn't require a daemon (like Docker). It runs containers directly as child processes. Rootless: Can run containers as non-root users, improving security. OCI Compliant: Compatible with Open Container Initiative (OCI) image format and runtime specifications. Docker Compatibility: Many Docker commands work directly with Podman. 2. Basic Commands: Images Pull an image: podman pull <image_name>[:<tag>] Example: podman pull ubuntu:latest List images: podman images podman image ls Search for images: podman search <keyword> Example: podman search nginx Remove an image: podman rmi <image_id_or_name> Build an image from a Dockerfile: podman build -t <image_name>[:<tag>] <path_to_dockerfile> Example: podman build -t myapp:v1 . 3. Basic Commands: Containers Run a container: podman run [options] <image_name> [command] [args] Example (interactive): podman run -it ubuntu bash Example (detached): podman run -d -p 8080:80 nginx List running containers: podman ps List all containers (running and stopped): podman ps -a Start a stopped container: podman start <container_id_or_name> Stop a running container: podman stop <container_id_or_name> Restart a container: podman restart <container_id_or_name> Remove a container: podman rm <container_id_or_name> Force remove: podman rm -f <container_id_or_name> View container logs: podman logs <container_id_or_name> Follow logs: podman logs -f <container_id_or_name> Execute command in a running container: podman exec -it <container_id_or_name> <command> Example: podman exec -it mynginx bash Inspect container/image details: podman inspect <id_or_name> 4. Container Run Options -d , --detach : Run container in background. -it : Interactive & TTY (for shell access). -p <host_port>:<container_port> : Publish port(s). --name <name> : Assign a name to the container. -v <host_path>:<container_path>[:<options>] : Mount a volume. --env <KEY>=<VALUE> , -e : Set environment variables. --rm : Automatically remove the container when it exits. --network <network_name_or_mode> : Connect to a network. --restart <policy> : Restart policy (e.g., always , on-failure , no ). 5. Pods Definition: A group of one or more containers that share resources (network, IPC, volumes). Similar to Kubernetes pods. Create a pod: podman pod create --name <pod_name> -p <host_port>:<container_port> Example: podman pod create --name mywebpod -p 8080:80 List pods: podman pod ps Add container to a pod: podman run --pod <pod_name> -d <image_name> Example: podman run --pod mywebpod -d nginx Stop all containers in a pod: podman pod stop <pod_id_or_name> Start all containers in a pod: podman pod start <pod_id_or_name> Remove a pod (and its containers): podman pod rm <pod_id_or_name> Force remove: podman pod rm -f <pod_id_or_name> 6. Volumes and Networks 4.1. Volumes Create a named volume: podman volume create <volume_name> List volumes: podman volume ls Mount a named volume: podman run -v <volume_name>:<container_path> <image> Example: podman run -v mydata:/data alpine sh Remove a volume: podman volume rm <volume_name> 4.2. Networks List networks: podman network ls Create a custom network: podman network create <network_name> Connect container to network: podman run --network <network_name> -d <image> Remove a network: podman network rm <network_name> 7. System & Cleanup View Podman system information: podman info Remove all stopped containers, unused images, networks, and volumes: podman system prune Accept prompt: podman system prune -f Monitor Podman events: podman events 8. Docker Compose with Podman Podman can run containers defined in `docker-compose.yaml` files using `podman-compose` (a separate Python tool). Install podman-compose: pip install podman-compose Run compose file: podman-compose up -d Stop compose services: podman-compose down 9. Rootless Podman By default, Podman often runs rootless. If not, ensure user has `subuid` and `subgid` entries in `/etc/subuid` and `/etc/subgid`. Example entry for user `devops`: devops:100000:65536 This allows Podman to allocate UIDs/GIDs within that range for rootless containers.