Podman, is short for (the POD manager). It’s an open source containerization tool, used to develop, manage and run containers. Podman was initially developed by Red Hat engineers and alongside them was the Podman community. As we all know, containers are lightweight and standalone virtual environments for applications.
Podman manages these containers using a framework called the libpod library. Podman was originally developed to offer an alternative to Docker. The alternative comes in because Podman employs a daemonless architecture. What this means is that Podman does not rely on a daemon to manage containers and perform container-related tasks. Tools such as Buildah and Skopeo, that come with Podman’s daemonless architecture, make it more secure for container management.
Install Podman on FreeBSD 14
To install Podman on FreeBSD 14, run the following command:
# pkg install vim
# pkg search podman
# pkg install podman
OR
# pkg install podman-suiteThe podman-suite meta package will pull additional packages for you (buildah, skopeo).
Initial Podman Configuration
To properly support Podman’s container restart policy, conmon needs fdescfs(5) to be mounted on /dev/fd. If /dev/fd is not already mounted, run the command below:
# mount -t fdescfs fdesc /dev/fdTo mount it permanently, add the following line to /etc/fstab:
# fdesc /dev/fd fdescfs rw 0 0Enable Podman to start during boot time:
# service podman enableContainer networking relies on NAT to allow container network packets out to the host’s network. This requires a PF firewall to perform the translation. A simple example is included; to use it, run:
# cp /usr/local/etc/containers/pf.conf.sample /etc/pf.confEdit /etc/pf.conf and set v4egress_if, v6egress_if variables to your network interface(s)s:
# sudo vim /etc/pf.conf
##add##
v4egress_if="vtnet0"
v6egress_if="vtnet0"Enable and start pf:
# service pf enable
pf enabled in /etc/rc.conf
# service pf start
Enabling pf.FreeBSD 13.3 and later feature support for rerouting connections from the container host to services that are operating inside a container. To make this possible, load the PF kernel module first, then use sysctl to activate PF support for these redirections:
# echo 'pf_load="YES"' >> /boot/loader.conf
# kldload pf
# sysctl net.pf.filter_local=1
# echo 'net.pf.filter_local=1' >> /etc/sysctl.conf.local
# service pf restartRedirection rules will only work if the destination address is localhost (e.g. 127.0.0.1 or ::1) – to enable this, the following line must be included in your /etc/pf.conf:
# echo 'nat-anchor "cni-rdr/*"' >> /etc/pf.confContainer images and related state is stored in /var/db/containers. It is recommended to use ZFS for this:
# zfs create -o mountpoint=/var/db/containers zroot/containersIf your system cannot use ZFS, change storage.conf to use the vfs storage driver:
# sed -I .bak -e 's/driver = "zfs"/driver = "vfs"/' /usr/local/etc/containers/storage.conf Incase of any errors caused due to conflict caused by the /var/db/containers/storage database, just remove it:
# sudo rm -rf /var/db/containers/storageAfter configuring Podman, you should be able to run native images:
# podman images
# podman run docker.io/dougrabson/helloSample Output:
root@freebsd14:~ # podman run docker.io/dougrabson/hello
Trying to pull docker.io/dougrabson/hello:latest...
Getting image source signatures
Copying blob b13a5ec7f3d2 done |
Copying config f81c971736 done |
Writing manifest to image destination
!... Hello Podman World ...!
.--"--.
/ - - \
/ (O) (O) \
~~~| -=(,Y,)=- |
.---. /` \ |~~
~/ o o \~~~~.----. ~~
| =(X)= |~ / (O (O) \
~~~~~~~ ~| =(Y_)=- |
~~~~ ~~~| U |~~
Project: https://github.com/containers/podman
Website: https://podman.io
Documents: https://docs.podman.io
Twitter: @Podman_io
root@freebsd14:~ # Download Images using Podman
To download container images using Podman in FreeBSD, you can use the podman pull command followed by the name of the image you want to download. For demonstration, we are going to install a Linux container image using the podman pull command:
Before we do that, let’s enable Linux service first:
# service linux enable
# service linux startNow, let’s pull the Linux container image:
##for Ubuntu image
# podman pull --os=linux docker.io/library/ubuntu:latest
OR
##for centos stream 9 image##
# podman pull --os=linux quay.io/centos/centos:stream9Check the images using:
# podman imagesSample Output:
root@freebsd14:~ # podman images
REPOSITORY TAG IMAGE ID CREATED SIZE
quay.io/centos/centos stream9 a77d26a65afd 4 days ago 170 MB
docker.io/library/ubuntu latest b1d9df8ab815 7 weeks ago 80.6 MB
docker.io/dougrabson/hello latest f81c971736c6 2 years ago 4.06 MBRun and Manage containers using Podman
To run a container, use the podman run command followed by the name of the image you want to run. First check the available container images using podman images:
# podman imagesNow run the container. For example, to run a basic Ubuntu container: Add the [–os=linux] option when running a Linux container.
# podman run --os=linux ubuntu /usr/bin/cat "/etc/os-release"
OR
# podman run -it --os=linux ubuntu /bin/bash
for the centos stream image
# podman run --os=linux centos:stream9 /usr/bin/cat "/etc/os-release"
OR
# podman run -it --os=linux centos:stream9 /bin/bashSample Output:
root@freebsd14:~ # podman run -it --os=linux ubuntu /bin/bash
root@224eca33a346:/# cat /etc/os-release
PRETTY_NAME="Ubuntu 24.04.1 LTS"
NAME="Ubuntu"
VERSION_ID="24.04"
VERSION="24.04.1 LTS (Noble Numbat)"
VERSION_CODENAME=noble
ID=ubuntu
ID_LIKE=debian
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
UBUNTU_CODENAME=noble
LOGO=ubuntu-logo
root@224eca33a346:/# To list running containers, you can use the podman ps command:
# podman ps
##for all contaiers, even stopped ones##
# podman ps -aSample Output:
root@freebsd14:~ # podman ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
66c3b02415be docker.io/dougrabson/hello:latest /usr/local/bin/po... 9 minutes ago Exited (0) 9 minutes ago angry_herschel
1d7f4ada3a5b docker.io/library/ubuntu:latest /bin/bash 5 minutes ago Exited (0) 4 minutes ago unruffled_ride
3716e6a46c5b docker.io/library/ubuntu:latest /usr/bin/cat /etc... 4 minutes ago Exited (0) 4 minutes ago mystifying_hertz
224eca33a346 docker.io/library/ubuntu:latest /bin/bash 3 minutes ago Exited (127) 42 seconds ago zealous_mcnulty
b17c4bec5651 quay.io/centos/centos:stream9 /usr/bin/cat /etc... 6 seconds ago Exited (0) 3 seconds ago jolly_stonebraker
root@freebsd14:~ # To stop a running container, you can use the podman stop command followed by the container ID or name:
# podman stop ubuntu
# podman rm ubuntuYou can execute commands within a running container using the podman exec command followed by the container ID or name and the command you want to execute:
# podman exec -it ubuntu /bin/bashBuilding an Image with Dockerfile
Most certainly, we can use a Dockerfile to build a container image with Podman. What we need to do is create a Dockerfile for building the image and then run it:
# sudo vim Dockerfile
##Edit the file as follows##
# Use the official Ubuntu base image
FROM docker.io/library/ubuntu:latest
# Set maintainer label
LABEL maintainer="Cloudspinx <[email protected]>"
# Set APT cache size
RUN echo 'APT::Cache-Start "209715200";' > /etc/apt/apt.conf.d/90cache-size
# Update packages and install a sample application (e.g., nginx)
RUN apt-get update && apt-get install -y nginx && apt-get clean
# Expose port 80
EXPOSE 80
# Start nginx when the container starts
CMD ["nginx", "-g", "daemon off;"]We’ll save this Dockerfile in a directory and exit. Now, let’s run the command below to build our container image using Podman:
# podman build -t ubuntu-latest .Run podman images to confirm the creation of the image:
root@freebsd14:~ # podman images
REPOSITORY TAG IMAGE ID CREATED SIZE
localhost/ubuntu-latest latest dd24a6dfb16f 3 minutes ago 135 MB
quay.io/centos/centos stream9 a77d26a65afd 6 days ago 170 MB
docker.io/library/ubuntu latest b1d9df8ab815 7 weeks ago 80.6 MB
docker.io/dougrabson/hello latest f81c971736c6 2 years ago 4.06 MBWhen the build process is complete, we can run a container based on this image using the podman run command:
# podman run -it --os=linux ubuntu-latest /bin/bashManaging Container Volumes with Podman
Why are volumes important? Say, for example, we deploy a container that uses data. Everything is going great until disaster strikes, then the container fails and takes your data down with it. To avoid such scenarios, we’d deploy those containers using volumes.
The first thing we need to do is create a volume:
# podman volume create my_volume
##verify the creation
# podman volume ls
##for more info:
# podman volume inspect my_volumeNow that we’ve created the volume, let’s create a new index.html file before mounting it to a container.
# cd /var/db/containers/storage/volumes/my_volume/_data
# sudo vim index.html
##Add the following
<h2>Hello there, Cloudspinx here!!</h2>Save and close the file then deploy the container attached to the volume with the following command:
# podman run -it --name my_container -v my_volume:/path/in/container image_name
e.g
# podman run -it --name my-ubuntu -v my_volume:/home ubuntu:latestNow, if we access the /home directory in our Ubuntu container, we can see the file we created in my-volume.
If you ever need to delete the volume, use the command:
# podman volume rm my-volumeExplore CloudSpinx containers and containerization services.
Conclusion
Today, containers are quite common and widely used, why is this? These containers offer powerful tools for application development and deployment. Basically, you can run multiple application environments on a single system, or package application environments as images that can be run on different systems.
Check out more articles:
