This project provides alpine-based podman container images and statically linked (rootless) podman binaries for linux-amd64 along with its dependencies (without systemd support):
- podman
- runc or crun
- conmon
- fuse-overlayfs and libfuse
- slirp4netns (with libslirp)
- CNI plugins: loopback, bridge, host-local, portmap
The following image tags are supported:
Tag | Description |
---|---|
latest , <VERSION> |
podman with both rootless and rootful dependencies: runc, conmon, fuse-overlayfs, slirp4netns, CNI plugins. |
minimal , <VERSION>-minimal |
podman, crun, fuse-overlayfs and conmon binaries, configured to use the host's existing namespaces (low isolation level). |
remote , <VERSION>-remote |
the podman remote binary. |
By default containers are run as user root
.
However the podman
(uid/gid 1000) user can be used instead for which also a subuid/gid mapping is configured with the image (as described within the binary installation section below).
Please note that, when running non-remote podman within a docker container, the docker container needs to be --privileged
.
Run podman in docker:
docker run --privileged -u podman:podman mgoltzsche/podman:minimal docker run alpine:latest echo hello from nested container
Within the container docker
is linked to podman
to support applications that use the docker
command.
Download the statically linked binaries of podman and its dependencies:
curl -fsSL -o podman-linux-amd64.tar.gz https://github.com/tomasky/podman-static/releases/latest/download/podman-linux-amd64.tar.gz
Verify the archive's signature (optional):
curl -fsSL -o podman-linux-amd64.tar.gz.asc https://github.com/mgoltzsche/podman-static/releases/latest/download/podman-linux-amd64.tar.gz.asc
gpg --keyserver ha.pool.sks-keyservers.net --recv-keys 0CCF102C4F95D89E583FF1D4F8B5AF50344BB503
gpg --batch --verify podman-linux-amd64.tar.gz.asc podman-linux-amd64.tar.gz
This may fail every now and then due to desync/unavailable key servers. In that case please retry.
Install the binaries and configuration on your host after you've inspected the archive:
tar -xzf podman-linux-amd64.tar.gz
sudo cp -r podman-linux-amd64/usr podman-linux-amd64/etc /
sudo apt-get install util-linux uidmap # ubuntu dist
If you have docker installed on the same host it will be broken until you remove the newly installed /usr/local/bin/runc
binary since docker is not compatible with the latest runc version provided here while podman is also compatible with the older runc version that comes with docker.
In order to run rootless containers that use multiple uids/gids you may want to set up a uid/gid mapping for your user on your host:
sudo sh -c "echo $(id -un):100000:65536 >> /etc/subuid"
sudo sh -c "echo $(id -gn):100000:65536 >> /etc/subgid"
bash rootless.bash
Please make sure you don't add the mapping multiple times.
To support applications that use the docker
command you may want to link it to podman
as follows:
sudo ln -s /usr/local/bin/podman /usr/local/bin/docker
podman run alpine:latest echo hello from podman
The default storage location depends on the user:
- For
root
storage is located at/var/lib/containers/storage
. - For unprivileged users storage is located at
~/.local/share/containers/storage
.
make
make test