alias docker=podman), but has more capabilities.docker group virtually has root rights; not so with Podman.Ressources:
Install Podman (on Arch Linux):
# pacman -S podman buildah skopeo fuse-overlayfs slirp4netns
Allow unprivileged users to run containers:
# sysctl kernel.unprivileged_userns_clone=1
Set subuid and subgid for user to run containers (e.g. patrick):
# touch /etc/subuid /etc/subgid # chmod 644 /etc/subuid /etc/subgid # usermod --add-subuids 100000-165535 --add-subgids 100000-165535 patrick
Propagate changes to Podman:
$ podman system migrate
Test using the alpine container:
$ podman run -it docker.io/alpine
Build an image:
$ podman build . -t whatever
Run a container (which exposes port 8080):
$ podman run -p 8080:8080 --name whatever whatever
Generate a systemd unit:
$ podman generate systemd --name whatever
Save the output as a unit file:
$ podman generate systemd --name whatever --new --files ./container-whatever.service
Copy the unit file to user’s systemd config folder:
$ mv container-whatever.service ~/.config/systemd/user/
Reload the daemon, and start container using systemd unit:
$ systemctl --user daemon-reload $ systemctl --user enable --now container-whatever.service $ systemctl --user restart container-whatever.service
Figure out the standard gateway of a network:
podman network inspect [network] --format '{{ (index .Subnets 0).Gateway }}'