Home » Articles » Linux » Here

Podman : Install Podman on Oracle Linux 8 (OL8)

Oracle Linux 8 (OL8) includes Podman, Buildah and Skopeo in the "ol8_appstream" repository, as described here. We can think of Podman as a replacement for Docker, with an almost identical syntax. This article demonstrates how to install Podman on Oracle Linux 8 (OL8).

• Assumptions
• Install Podman
• Configure Repositories (Optional)
• Configure Disk (Optional)
• Podman Commands as Non-Root User
• Comments
• Suppress Warnings
• Start/Stop

Related articles.

• Install Podman on Oracle Linux 8 (OL8)
• Docker/Container Articles

Assumptions

This article makes the following assumptions.

• You have a server (physical or virtual) with Oracle Linux 8 (OL8) installed. This is described here.
• You have a separate partition to hold the images and containers. In this article we have a separate virtual disk.

Install Podman

The installation of Podman is really simple. We don't even have to amend the default repositories.

dnf install -y podman

That's the only mandatory bit!

Because the Podman syntax is so similar to Docker, there is a package that creates the docker alias to run podman commands.

dnf install -y podman-docker

You may also want to install Buildah and Skopeo also.

dnf install -y buildah skopeo

I usually start with a cut-down VM, so I make sure I add some extra packages to handle archive files and Git.

dnf install -y dnf-utils zip unzip tar gzip git

Configure Repositories (Optional)

If you are used to using Docker and want to make Docker Hub images available, make the following change in the "/etc/containers/registries.conf" file.

# From:
[registries.search]
registries = ['container-registry.oracle.com', 'registry.access.redhat.com', 'registry.redhat.io']

# To:
[registries.search]
registries = ['docker.io', 'container-registry.oracle.com', 'registry.access.redhat.com', 'registry.redhat.io']

Configure Disk (Optional)

Docker stores images in the "/var/lib/docker" directory. Podman uses the "/var/lib/containers" directory instead. We want to mount a partition on the "/dev/sdc" device for this location.

MOUNT_POINT=/var/lib/containers
DISK_DEVICE=/dev/sdc

# New partition for the whole disk.
echo -e "n\np\n1\n\n\nw" | fdisk ${DISK_DEVICE}

# Add file system.
mkfs.xfs -f ${DISK_DEVICE}1

# Mount it using the UUID of the VirtualBox virtual disk.
UUID=`blkid -o export ${DISK_DEVICE}1 | grep UUID | grep -v PARTUUID`
mkdir ${MOUNT_POINT}
echo "${UUID}  ${MOUNT_POINT}    xfs    defaults 1 2" >> /etc/fstab
mount ${MOUNT_POINT}

Podman Commands as Non-Root User

Podman commands run as the local user, so there is no additional config needed to run Podman containers as a not-root user.

If you want to run the commands as the root user from a non-root user, do the following. In this case we want to run the Podman commands from a user called "container_user", so we add an entry in the "/etc/sudoers" file and use an alias in the user's ".bash_profile" file so we don't have to keep typing the "sudo" command.

# useradd container_user
# echo "container_user  ALL=(ALL)  NOPASSWD: /usr/bin/podman" >> /etc/sudoers
# echo "alias podman=\"sudo /usr/bin/podman\"" >> /home/container_user/.bash_profile
# su - container_user
$ podman ps
CONTAINER ID  IMAGE  COMMAND  CREATED  STATUS  PORTS  NAMES
$

You can also add an alias for Docker, as you will no doubt type it by accident a lot in the early days. I prefer this option to using the podman-docker package.

# echo "alias docker=\"sudo /usr/bin/podman\"" >> /home/container_user/.bash_profile

Comments

Podman supports most of the Docker commands and flags, so for the most part you should be able to just substitute the word "podman" for "docker". For example the following give the same result.

docker ps -a
podman ps -a

One exception to this is the way network ports are exposed. In Podman the ports for a container are hidden unless explicitly exposed by the pod that houses the containers. This will be covered in another article. You can see an example of that in the following article.

• Podman : A Basic Example of Using Podman With Dockerfiles (Oracle Database and ORDS) on Oracle Linux 8 (OL8)

Suppress Warnings

When issuing a Podman command from a non-root user you may get the following warnings.

$ podman ps
WARN[0000] The cgroupv2 manager is set to systemd but there is no systemd user session available
WARN[0000] For using systemd, you may need to login using an user session
WARN[0000] Alternatively, you can enable lingering with: `loginctl enable-linger 1001` (possibly as root)
WARN[0000] Falling back to --cgroup-manager=cgroupfs
CONTAINER ID  IMAGE       COMMAND     CREATED     STATUS      PORTS       NAMES
WARN[0000] Failed to add pause process to systemd sandbox cgroup: exec: "dbus-launch": executable file not found in $PATH
$

The easiest way to resolve this is to do the following.

mkdir -p ${HOME}/.config/containers

cat > ${HOME}/.config/containers/containers.conf <<EOF
[engine]
events_logger = "file"
cgroup_manager = "cgroupfs"
EOF

The Podman commands will now run without the warnings.

Start/Stop

When running in rootless mode, reboots can sometimes cause complications with starting containers. The most consistent approach for starting and stopping containers with a reboot is to create a service that references a set of start/stop scripts. Let's assume we have containers called "container1" and "container2", we might do something like the following.

Create a start script. Notice the clean up before we attempt to start the containers.

mkdir -p ~/scripts/

cat > ~/scripts/start_all.sh <<EOF
#!/bin/bash

# Clean up old temp files.
rm -Rf /tmp/podman-run-*
rm -Rf /tmp/containers-user-*
podman system migrate

podman start container1
podman start container2
EOF

Create a stop script.

mkdir -p ~/scripts/

cat > ~/scripts/stop_all.sh <<EOF
#!/bin/bash

podman stop container1
podman stop container2
EOF

Create a service that references the stop/start scripts. Create the service file called "/lib/systemd/system/podman.service".

[Unit]
Description=Podman Service
After=syslog.target network.target

[Service]
# systemd ignores PAM limits, so set any necessary limits in the service.
# Not really a bug, but a feature.
# https://bugzilla.redhat.com/show_bug.cgi?id=754285
LimitMEMLOCK=infinity
LimitNOFILE=65535

#Type=simple
# idle: similar to simple, the actual execution of the service binary is delayed
#       until all jobs are finished, which avoids mixing the status output with shell output of services.
RemainAfterExit=yes
User=container_user
Group=container_user
Restart=no
ExecStart=/bin/bash -c '/home/container_user/scripts/start_all.sh'
ExecStop=/bin/bash -c '/home/container_user/scripts/stop_all.sh'

[Install]
WantedBy=multi-user.target

Reload, start and enable the service.

# systemctl daemon-reload
# systemctl start podman.service
# systemctl enable podman.service

The containers will now stop and start automatically when the server is rebooted.

For more information see:

• Podman, Buildah, and Skopeo Container Tools Included
• Podman
• Welcome to Podman’s documentation!
• Buildah
• Skopeo
• Install Podman on Oracle Linux 8 (OL8)
• Docker/Container Articles

Hope this helps. Regards Tim...

Back to the Top.

Created: 2020-05-10  Updated: 2024-08-30

Contact Us

Home | Articles | Scripts | Blog | Certification | Videos | Misc | About

About Tim Hall
Copyright & Disclaimer