Podman is a lot like Docker: a tool for running OCI containers. While it maintains backwards compatibility with Dockerfile and docker-compose syntax, it offers a lot of other benefits:
- daemonless: it can run containers without a daemon process running in the background.
- Rootless: can run containers without root privileges
- pods: can group containers into secluded pods, which share resources and network namespace
Podman has other features I haven’t explored yet, like compatibility with Kubernetes yaml file, and being able to run containers as systemd units.
Have you used podman before? What are your thoughts on it?
We are trying to use podman as a way to run Testcontainers and build images on a kubernetes cluster using Gitlab CI. Building works, but running Testcontainers doesn’t so far :(
deleted by creator
We are using the kubernetes executor. You can add additional sidecar services for your jobs, and we’re using that mechanic to run podman as a daemon. There are some gotchas I had to solve if I remember, but now it works nicely for us. Except for Testcontainers, which throws an exception when your Testcontainer is exposing ports
deleted by creator
I got it all working on self hosted kubernetes and crossplatform builds with buildah. What’s your problem exactly? For TC you need to use some env vars to configure ports in .gitlabci
Do you have a working snippet somewhere I could take a look at?
I’ll try to find it tomorrow
I’m very interested in a solution. Our current setup, where we use an external docker host for Testcontainers and Podman to build images is quite painful
Have you looked into kaniko?
Yes but imo it’s easier and nicer to integrate Podman into an existing build, for example with maven
You typically don’t use podman to build images and you would instead use something like buildah.
Doesn’t podman use buildah under the hood?
Somewhat, but just a few pieces of it. Podman build is mainly a way to be backwards compatible with the docker cli. Buildah has some more flexibility and the way it builds the images are slightly different. You can use podman to build, but it’s probably better to move to buildah for the build step as time permits.