Install Podman and run Containers in FreeBSD 14

Podman, is short for (the POD manager). It’s an open source containerization tool, used to develop, manage and run containers. Podman was initially developed by Red Hat engineers and alongside them was the Podman community. As we all know, containers are lightweight and standalone virtual environments for applications.

Podman manages these containers using a framework called the libpod library. Podman was originally developed to offer an alternative to Docker. The alternative comes in because Podman employs a daemonless architecture. What this means is that Podman does not rely on a daemon to manage containers and perform container-related tasks. Tools such as Buildah and Skopeo, that come with Podman’s daemonless architecture, make it more secure for container management.

Install Podman on FreeBSD 14

To install Podman on FreeBSD 14, run the following command:

# pkg install vim
# pkg search podman
# pkg install podman
OR
# pkg install podman-suite

The podman-suite meta package will pull additional packages for you (buildah, skopeo).

Initial Podman Configuration

To properly support Podman’s container restart policy, conmon needs fdescfs(5) to be mounted on /dev/fd. If /dev/fd is not already mounted, run the command below:

# mount -t fdescfs fdesc /dev/fd

To mount it permanently, add the following line to /etc/fstab:

# fdesc   /dev/fd         fdescfs         rw      0       0

Enable Podman to start during boot time:

# service podman enable

Container networking relies on NAT to allow container network packets out to the host’s network. This requires a PF firewall to perform the translation. A simple example is included; to use it, run:

# cp /usr/local/etc/containers/pf.conf.sample /etc/pf.conf

Edit /etc/pf.conf and set v4egress_ifv6egress_if variables to your network interface(s)s:

# sudo vim /etc/pf.conf
##add##
v4egress_if="vtnet0"
v6egress_if="vtnet0"

Enable and start pf:

# service pf enable
pf enabled in /etc/rc.conf
# service pf start
Enabling pf.

FreeBSD 13.3 and later feature support for rerouting connections from the container host to services that are operating inside a container. To make this possible, load the PF kernel module first, then use sysctl to activate PF support for these redirections:

# echo 'pf_load="YES"' >> /boot/loader.conf
# kldload pf
# sysctl net.pf.filter_local=1
# echo 'net.pf.filter_local=1' >> /etc/sysctl.conf.local
# service pf restart

Redirection rules will only work if the destination address is localhost (e.g. 127.0.0.1 or ::1) – to enable this, the following line must be included in your /etc/pf.conf:

#  echo 'nat-anchor "cni-rdr/*"' >> /etc/pf.conf

Container images and related state is stored in /var/db/containers. It is recommended to use ZFS for this:

# zfs create -o mountpoint=/var/db/containers zroot/containers

If your system cannot use ZFS, change storage.conf to use the vfs storage driver:

# sed -I .bak -e 's/driver = "zfs"/driver = "vfs"/' /usr/local/etc/containers/storage.conf 

Incase of any errors caused due to conflict caused by the /var/db/containers/storage database, just remove it:

# sudo rm -rf /var/db/containers/storage

After configuring Podman, you should be able to run native images:

# podman images
# podman run docker.io/dougrabson/hello

Sample Output:

root@freebsd14:~ # podman run docker.io/dougrabson/hello
Trying to pull docker.io/dougrabson/hello:latest...
Getting image source signatures
Copying blob b13a5ec7f3d2 done   | 
Copying config f81c971736 done   | 
Writing manifest to image destination
!... Hello Podman World ...!

         .--"--.           
       / -     - \         
      / (O)   (O) \        
   ~~~| -=(,Y,)=- |         
    .---. /`  \   |~~      
 ~/  o  o \~~~~.----. ~~   
  | =(X)= |~  / (O (O) \   
   ~~~~~~~  ~| =(Y_)=-  |   
  ~~~~    ~~~|   U      |~~ 

Project:   https://github.com/containers/podman
Website:   https://podman.io
Documents: https://docs.podman.io
Twitter:   @Podman_io
root@freebsd14:~ # 

Download Images using Podman

To download container images using Podman in FreeBSD, you can use the podman pull command followed by the name of the image you want to download. For demonstration, we are going to install a Linux container image using the podman pull command:

Before we do that, let’s enable Linux service first:

# service linux enable
# service linux start

Now, let’s pull the Linux container image:

##for Ubuntu image
# podman pull --os=linux docker.io/library/ubuntu:latest

OR

##for centos stream 9 image##
# podman pull --os=linux quay.io/centos/centos:stream9

Check the images using:

# podman images

Sample Output:

root@freebsd14:~ # podman images
REPOSITORY                  TAG         IMAGE ID      CREATED      SIZE
quay.io/centos/centos       stream9     a77d26a65afd  4 days ago   170 MB
docker.io/library/ubuntu    latest      b1d9df8ab815  7 weeks ago  80.6 MB
docker.io/dougrabson/hello  latest      f81c971736c6  2 years ago  4.06 MB

⁠Run and Manage containers using Podman

To run a container, use the podman run command followed by the name of the image you want to run. First check the available container images using podman images:

# podman images

Now run the container. For example, to run a basic Ubuntu container: Add the [–os=linux] option when running a Linux container.

# podman run --os=linux ubuntu /usr/bin/cat "/etc/os-release"
                           OR
# podman run -it --os=linux ubuntu /bin/bash

for the centos stream image
# podman run --os=linux centos:stream9 /usr/bin/cat "/etc/os-release"
                          OR
# podman run -it --os=linux centos:stream9 /bin/bash

Sample Output:

root@freebsd14:~ # podman run -it --os=linux ubuntu /bin/bash
root@224eca33a346:/# cat /etc/os-release
PRETTY_NAME="Ubuntu 24.04.1 LTS"
NAME="Ubuntu"
VERSION_ID="24.04"
VERSION="24.04.1 LTS (Noble Numbat)"
VERSION_CODENAME=noble
ID=ubuntu
ID_LIKE=debian
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
UBUNTU_CODENAME=noble
LOGO=ubuntu-logo
root@224eca33a346:/# 

To list running containers, you can use the podman ps command:

# podman ps
##for all contaiers, even stopped ones##
# podman ps -a

Sample Output:

root@freebsd14:~ # podman ps -a
CONTAINER ID  IMAGE                              COMMAND               CREATED        STATUS                       PORTS       NAMES
66c3b02415be  docker.io/dougrabson/hello:latest  /usr/local/bin/po...  9 minutes ago  Exited (0) 9 minutes ago                 angry_herschel
1d7f4ada3a5b  docker.io/library/ubuntu:latest    /bin/bash             5 minutes ago  Exited (0) 4 minutes ago                 unruffled_ride
3716e6a46c5b  docker.io/library/ubuntu:latest    /usr/bin/cat /etc...  4 minutes ago  Exited (0) 4 minutes ago                 mystifying_hertz
224eca33a346  docker.io/library/ubuntu:latest    /bin/bash             3 minutes ago  Exited (127) 42 seconds ago              zealous_mcnulty
b17c4bec5651  quay.io/centos/centos:stream9      /usr/bin/cat /etc...  6 seconds ago  Exited (0) 3 seconds ago                 jolly_stonebraker
root@freebsd14:~ # 

To stop a running container, you can use the podman stop command followed by the container ID or name:

# podman stop ubuntu
# podman rm ubuntu

You can execute commands within a running container using the podman exec command followed by the container ID or name and the command you want to execute:

# podman exec -it ubuntu /bin/bash

Building an Image with Dockerfile

Most certainly, we can use a Dockerfile to build a container image with Podman. What we need to do is create a Dockerfile for building the image and then run it:

# sudo vim Dockerfile

##Edit the file as follows##
# Use the official Ubuntu base image
FROM docker.io/library/ubuntu:latest

# Set maintainer label
LABEL maintainer="Cloudspinx <[email protected]>"

# Set APT cache size
RUN echo 'APT::Cache-Start "209715200";' > /etc/apt/apt.conf.d/90cache-size

# Update packages and install a sample application (e.g., nginx)
RUN apt-get update && apt-get install -y nginx && apt-get clean

# Expose port 80
EXPOSE 80

# Start nginx when the container starts
CMD ["nginx", "-g", "daemon off;"]

We’ll save this Dockerfile in a directory and exit. Now, let’s run the command below to build our container image using Podman:

# podman build -t ubuntu-latest .

Run podman images to confirm the creation of the image:

root@freebsd14:~ # podman images
REPOSITORY                  TAG         IMAGE ID      CREATED        SIZE
localhost/ubuntu-latest     latest      dd24a6dfb16f  3 minutes ago  135 MB
quay.io/centos/centos       stream9     a77d26a65afd  6 days ago     170 MB
docker.io/library/ubuntu    latest      b1d9df8ab815  7 weeks ago    80.6 MB
docker.io/dougrabson/hello  latest      f81c971736c6  2 years ago    4.06 MB

When the build process is complete, we can run a container based on this image using the podman run command:

# podman run -it --os=linux ubuntu-latest /bin/bash

Managing Container Volumes with Podman

Why are volumes important? Say, for example, we deploy a container that uses data. Everything is going great until disaster strikes, then the container fails and takes your data down with it. To avoid such scenarios, we’d deploy those containers using volumes. 

The first thing we need to do is create a volume:

# podman volume create my_volume
##verify the creation
# podman volume ls

##for more info:
# podman volume inspect my_volume

Now that we’ve created the volume, let’s create a new index.html file before mounting it to a container. 

# cd /var/db/containers/storage/volumes/my_volume/_data
# sudo vim index.html
##Add the following
<h2>Hello there, Cloudspinx here!!</h2>

Save and close the file then deploy the container attached to the volume with the following command:

# podman run -it --name my_container -v my_volume:/path/in/container image_name
e.g
# podman run -it --name my-ubuntu -v my_volume:/home ubuntu:latest

Now, if we access the /home directory in our Ubuntu container, we can see the file we created in my-volume.

 If you ever need to delete the volume, use the command:

# podman volume rm my-volume

Explore CloudSpinx containers and containerization services.

Conclusion

Today, containers are quite common and widely used, why is this? These containers offer powerful tools for application development and deployment. Basically, you can run multiple application environments on a single system, or package application environments as images that can be run on different systems. 

Check out more articles:

Your IT Journey Starts Here!

Ready to level up your IT skills? Our new eLearning platform is coming soon to help you master the latest technologies.

Be the first to know when we launch! Join our waitlist now.

Join our Linux and open source community. Subscribe to our newsletter for tips, tricks, and collaboration opportunities!

Recent Post

Leave a Comment

Your email address will not be published. Required fields are marked *

Related Post

Virtualization on the other hand is the ability to run several different virtual machines on the same physical computer. These […]

To improve your business, you’ll need to take a step back and assess what it is that you’re doing wrong. […]

PostgreSQL is one of the world’s most advanced open-source relational database systems. Since its first release, it has continued to […]

Let's Connect

Unleash the full potential of your business with CloudSpinx. Our expert solutions specialists are standing by to answer your questions and tailor a plan that perfectly aligns with your unique needs.
You will get a response from our solutions specialist within 12 hours
We understand emergencies can be stressful. For immediate assistance, chat with us now

Contact CloudSpinx today!

Download CloudSpinx Profile

Discover the full spectrum of our expertise and services by downloading our detailed Company Profile. Simply enter your first name, last name, and email address.