- advantages: supposedly more secure (doesn't require root), less complex architecture.
- part of the fedora project.
- install https://podman.io/getting-started/installation
- #go https://podman.io/
- #git https://github.com/containers/podman
rootless shortcomings https://github.com/containers/podman
- there are enough that I'll probably go with a root-based setup to begin with, while learning the system.
- else when things fail I'll probably find it hard to figure out if it's due to rootless or something else.
- docker alternative.
notes on adoption
- On Debian 11, I had to install package uidmap to avoid https://github.com/containers/podman/issues/9271
Also I had to edit /etc/containers/registries.conf and set:
unqualified-search-registries = ["docker.io"]
- ...to have podman search work as per in the upstream instructions (Debian ships with ultra-safe defaults or something.)
podman run --rm -it fedora podman run --rm -it debian
Drop you into a one-off bare VM, it gets automatically cleaned up when you exit.
podman build -t agora .
Builds an 'agora' container if there is a Dockerfile in the path. If you want to force a 'clean' build, pass
--no-cache; I needed this in the Agora Dockerfile because I was using
git clone and this was failing to pull in the latest revisions.
Then to run one interactively:
podman run -it agora
Or to run one detached (server like):
podman run -dt --name agora agora
Then you can:
podman attach agora
...to attach. CTRL-P CTRL-Q to detach gracefully.
podman run -p 80:5017 --name agora -dt agora
The above requires running this as root to open up port 80 to non privileged processes:
sysctl -w net.ipv4.ip_unprivileged_port_start=80