I’m working through poking the RHEL8 beta with a pointy stick. In reading through the release notes, and poking around yum, I found that docker is suspiciously missing. For a company so bent on Open Containers, I thought that was pretty odd. So I started to dig a bit. Turns out, containers aren’t gone, just docker! I was a little put off by this, I’ve devoted quite a bit of time to learning docker. Well, fear not, podman to the rescue.

podman? Isn’t that a bad horror movie

Nope, Podman is a docker-comatible cli to run OCI compliant containers. That means you can run all your familiar Docker containers on podman. The real mind bender here though, is that podman doesn’t have a daemon. The docker daemon did things like, setup your host based firewall for forwarding and NAT, and auto-started your containers for you at boot time. This meant that in-between your OS and your containers was this extra layer. Podman still handles the environment setup like the docker daemon did, but it does not auto-start containers. Instead, podman containers are auto-started via systemd units. I found a nice write-up on that here.

So what’s this podman look like?

Podman’s CLI is meant to mimic docker, where it can. I did some poking about, and here’s what I’ve come up with.

Install podman

[root@rhel8-testmachine ~]# yum search podman
Updating Subscription Management repositories.
Updating Subscription Management repositories.
================================================================ Name Exactly Matched: podman ================================================================
podman.x86_64 : Manage Pods, Containers and Container Images
=============================================================== Summary & Name Matched: podman ===============================================================
python3-pypodman.noarch : Python 3 tool for podman
python3-podman.noarch : Python 3 tool and bindings for podman
podman-docker.noarch : "package to Emulate Docker CLI using podman."
[root@rhel8-testmachine ~]# yum install podman-docker
Updating Subscription Management repositories.
Updating Subscription Management repositories.
Red Hat Enterprise Linux 8 for x86_64 - AppStream Beta (RPMs)                                                                 3.3 kB/s | 4.1 kB     00:01
Red Hat Enterprise Linux 8 for x86_64 - BaseOS Beta (RPMs)                                                                    3.5 kB/s | 4.1 kB     00:01
Dependencies resolved.
 Package                             Arch          Version                                                 Repository                                    Size
 podman-docker                       noarch                 rhel-8-for-x86_64-appstream-beta-rpms         24 k
Installing dependencies:
 runc                                x86_64        1.0.0-52.rc5.dev.git2abd837.el8+1884+9fee228c           rhel-8-for-x86_64-appstream-beta-rpms        2.0 M
 containers-common                   x86_64        1:0.1.31-11.gitb0b750d.el8+1853+ae0bb178                rhel-8-for-x86_64-appstream-beta-rpms         31 k
 protobuf-c                          x86_64        1.3.0-4.el8                                             rhel-8-for-x86_64-appstream-beta-rpms         37 k
 container-selinux                   noarch        2:2.73-3.el8+1838+91f7e486                              rhel-8-for-x86_64-appstream-beta-rpms         42 k
 criu                                x86_64        3.10-4.el8                                              rhel-8-for-x86_64-appstream-beta-rpms        482 k
 podman                              x86_64                 rhel-8-for-x86_64-appstream-beta-rpms        7.3 M
 libnet                              x86_64        1.1.6-15.el8                                            rhel-8-for-x86_64-appstream-beta-rpms         67 k
 ostree-libs                         x86_64        2018.8-2.el8                                            rhel-8-for-x86_64-appstream-beta-rpms        382 k
 containernetworking-plugins         x86_64        0.7.3-6.git19f2f28.el8+1742+b7ea820a                    rhel-8-for-x86_64-appstream-beta-rpms         12 M
 python3-policycoreutils             noarch        2.8-9.el8                                               rhel-8-for-x86_64-baseos-beta-rpms           2.2 M
 fuse3-libs                          x86_64        3.2.1-11.el8                                            rhel-8-for-x86_64-baseos-beta-rpms            94 k
 python3-setools                     x86_64        4.1.1-11.el8                                            rhel-8-for-x86_64-baseos-beta-rpms           446 k
 policycoreutils-python-utils        noarch        2.8-9.el8                                               rhel-8-for-x86_64-baseos-beta-rpms           227 k
 python3-IPy                         noarch        0.81-22.el8                                             rhel-8-for-x86_64-baseos-beta-rpms            43 k
 python3-libsemanage                 x86_64        2.8-3.1.el8                                             rhel-8-for-x86_64-baseos-beta-rpms           126 k
 python3-audit                       x86_64        3.0-0.5.20180831git0047a6c.el8                          rhel-8-for-x86_64-baseos-beta-rpms            85 k
 checkpolicy                         x86_64        2.8-1.el8                                               rhel-8-for-x86_64-baseos-beta-rpms           337 k
Installing weak dependencies:
 slirp4netns                         x86_64        0.1-1.dev.gitc4e1bc5.el8+1463+3d8a3dce                  rhel-8-for-x86_64-appstream-beta-rpms         54 k
 fuse-overlayfs                      x86_64        0.1-7.dev.git50c7a50.el8+2117+8020c482                  rhel-8-for-x86_64-appstream-beta-rpms         47 k
Enabling module streams:
 container-tools                                   1.0

Transaction Summary
Install  20 Packages

Total download size: 26 M
Installed size: 94 M
Is this ok [y/N]: y
<yum stuff follows>

Podman is it’s own package, and there’s a podman-docker package which wraps your commands in a docker-like shell. I do not know if this will change later…

Pull a container image

[root@rhel8-testmachine ~]# podman pull centos
Trying to pull registry.redhat.io/centos:latest...Failed
Trying to pull quay.io/centos:latest...Failed
Trying to pull docker.io/centos:latest...Getting image source signatures
Copying blob sha256:a02a4930cb5d36f3290eb84f4bfa30668ef2e9fe3a1fb73ec015fc58b9958b17
 71.68 MB / 71.68 MB [=====================================================] 11s
Copying config sha256:1e1148e4cc2c148c6890a18e3b2d2dde41a6745ceb4e5fe94a923d811bf82ddb
 2.13 KB / 2.13 KB [========================================================] 0s
Writing manifest to image destination
Storing signatures

Running a container

I ran a quick centos container, just to see how it worked. the CLI is practically identical. I did run into some issues with the –name flag, mainly I was used to –name=foobar, something docker accepted just fine, and podman is –name foobar. I figured it our pretty quickly and moved on.

[root@rhel8-testmachine ~]# podman run -it centos  /bin/bash
[root@75da3203c199 /]# whoami
[root@75da3203c199 /]# ls /etc/redhat-release
[root@75da3203c199 /]# cat /etc/redhat-release
CentOS Linux release 7.6.1810 (Core)
[root@75da3203c199 /]# exit

The centos container was simple, let’s see what happens if we run something a little more complicated like wordpress! I pulled the image with podman pull, and then ran it just like I would in docker!

[root@rhel8-testmachine ~]# podman run -d --name wordpress-test -p 80:80 -p 443:443 wordpress
[root@rhel8-testmachine ~]# docker ps
Emulate Docker CLI using podman. Create /etc/containers/nodocker to quiet msg.
CONTAINER ID   IMAGE                                COMMAND                  CREATED         STATUS             PORTS                                      NAMES
84703fc104f5   docker.io/library/wordpress:latest   docker-entrypoint.s...   6 seconds ago   Up 4 seconds ago>443/tcp,>80/tcp   wordpress-test

Logs works as expected, and we can see that the service is in fact up. 

[root@rhel8-testmachine ~]# podman logs wordpress-test
WordPress not found in /var/www/html - copying now...
Complete! WordPress has been successfully copied to /var/www/html
AH00557: apache2: apr_sockaddr_info_get() failed for 84703fc104f5
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using Set the 'ServerName' directive globally to suppress this message
AH00557: apache2: apr_sockaddr_info_get() failed for 84703fc104f5
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using Set the 'ServerName' directive globally to suppress this message
[Tue Jan 08 02:57:10.631625 2019] [mpm_prefork:notice] [pid 1] AH00163: Apache/2.4.25 (Debian) PHP/7.2.13 configured -- resuming normal operations
[Tue Jan 08 02:57:10.633010 2019] [core:notice] [pid 1] AH00094: Command line: 'apache2 -D FOREGROUND'

[root@rhel8-testmachine ~]# curl
<title>301 Moved Permanently</title>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="">here</a>.</p>
<address>Apache/2.4.25 (Debian) Server at Port 80</address>

The –restart flag is gone, likely because it can no longer function like we expect it to in docker land. So instead you’ll have to learn to write those systemd units for your containers. It’s about time you learned systemd anyway!


So the other thing I wanted to test was docker-compose. From what I’m reading, this isnt implemented yet, but will be handled natively with podman as “pods”. Guess we’ll see.


One last thing, I wanted to just try out a basic dockerfile. So I wrote my own very basic dockerfile, to install apache on centos, and ran it.

[root@rhel8-testmachine test-dockerFile]# cat Dockerfile
FROM centos
RUN yum -y install httpd
CMD ["/usr/sbin/apachectl", "-D", "FOREGROUND"]
[root@rhel8-testmachine test-dockerFile]# podman build -t apache-test .
STEP 1: FROM centos
STEP 2: RUN yum -y install httpd
Loaded plugins: fastestmirror, ovl
Determining fastest mirrors
 * base: linux.cc.lehigh.edu
 * extras: linux.cc.lehigh.edu
 * updates: linux.cc.lehigh.edu
base                                                     | 3.6 kB     00:00
extras                                                   | 3.4 kB     00:00
updates                                                  | 3.4 kB     00:00
(1/4): extras/7/x86_64/primary_db                          | 156 kB   00:00
(2/4): updates/7/x86_64/primary_db                         | 1.3 MB   00:00
(3/4): base/7/x86_64/group_gz                              | 166 kB   00:00
(4/4): base/7/x86_64/primary_db                            | 6.0 MB   00:04
Resolving Dependencies
--> Running transaction check
---> Package httpd.x86_64 0:2.4.6-88.el7.centos will be installed
--> Processing Dependency: httpd-tools = 2.4.6-88.el7.centos for package: httpd-2.4.6-88.el7.centos.x86_64
--> Processing Dependency: system-logos >= 7.92.1-1 for package: httpd-2.4.6-88.el7.centos.x86_64
--> Processing Dependency: /etc/mime.types for package: httpd-2.4.6-88.el7.centos.x86_64
--> Processing Dependency: libaprutil-1.so.0()(64bit) for package: httpd-2.4.6-88.el7.centos.x86_64
--> Processing Dependency: libapr-1.so.0()(64bit) for package: httpd-2.4.6-88.el7.centos.x86_64
--> Running transaction check
---> Package apr.x86_64 0:1.4.8-3.el7_4.1 will be installed
---> Package apr-util.x86_64 0:1.5.2-6.el7 will be installed
---> Package centos-logos.noarch 0:70.0.6-3.el7.centos will be installed
---> Package httpd-tools.x86_64 0:2.4.6-88.el7.centos will be installed
---> Package mailcap.noarch 0:2.1.41-2.el7 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

 Package             Arch          Version                    Repository   Size
 httpd               x86_64        2.4.6-88.el7.centos        base        2.7 M
Installing for dependencies:
 apr                 x86_64        1.4.8-3.el7_4.1            base        103 k
 apr-util            x86_64        1.5.2-6.el7                base         92 k
 centos-logos        noarch        70.0.6-3.el7.centos        base         21 M
 httpd-tools         x86_64        2.4.6-88.el7.centos        base         90 k
 mailcap             noarch        2.1.41-2.el7               base         31 k

Transaction Summary
Install  1 Package (+5 Dependent packages)

Total download size: 24 M
Installed size: 31 M
Downloading packages:
warning: /var/cache/yum/x86_64/7/base/packages/apr-1.4.8-3.el7_4.1.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID f4a80eb5: NOKEY
Public key for apr-1.4.8-3.el7_4.1.x86_64.rpm is not installed
(1/6): apr-1.4.8-3.el7_4.1.x86_64.rpm                      | 103 kB   00:00
(2/6): apr-util-1.5.2-6.el7.x86_64.rpm                     |  92 kB   00:00


  httpd.x86_64 0:2.4.6-88.el7.centos
FROM centos

Dependency Installed:
  apr.x86_64 0:1.4.8-3.el7_4.1
  apr-util.x86_64 0:1.5.2-6.el7
  centos-logos.noarch 0:70.0.6-3.el7.centos
  httpd-tools.x86_64 0:2.4.6-88.el7.centos
  mailcap.noarch 0:2.1.41-2.el7

--> 7763585b1b600683325f82e86e2d734a845dd3924b3a4d8c8183f8946134e944
STEP 3: FROM 7763585b1b600683325f82e86e2d734a845dd3924b3a4d8c8183f8946134e944
--> ca21ea9cd42229458428f887f57a67841aec120d15a12b00232f4c47f0d2ed01
STEP 5: FROM ca21ea9cd42229458428f887f57a67841aec120d15a12b00232f4c47f0d2ed01
STEP 6: CMD ["/usr/sbin/apachectl", "-D", "FOREGROUND"]
--> 85c737e0b32feb4d6bafb47c3ba6c722265339b308f292946cf9967d323bc62e
STEP 7: COMMIT apache-test

Then, just to make sure, I ran it, and it worked!

[root@rhel8-testmachine test-dockerFile]# podman run -d -p 80:80 --name httpd-test apache-test
[root@rhel8-testmachine test-dockerFile]# docker ps
Emulate Docker CLI using podman. Create /etc/containers/nodocker to quiet msg.
CONTAINER ID   IMAGE                          COMMAND                  CREATED         STATUS             PORTS                NAMES
9c8b65c4aa37   localhost/apache-test:latest   /usr/sbin/apachectl...   4 seconds ago   Up 3 seconds ago>80/tcp   httpd-test
[root@rhel8-testmachine test-dockerFile]# curl

The expected "IT WORKED!" page from Centos


So in all, don’t fear the podman. He works just like your old friend docker, and seems to have some potential for even lighter weight systems in the future.

Stay turned for more on the RHEL8 Beta!