How to manage Linux Containers using Podman

How to manage Linux Containers using Podman


Here in this article we will try to install Podman an Open Source container management tool and see how we can utilize it to push, pull, inspect, start and stop containers.

Test Environment

Fedora 32

What is Podman

Podman is an opensource Linux native tool designed to make it easy to find, run, build, share and deploy applications using OCI containers and container Images. Unlike Docker which relies on Docker daemon for managing the containers, Podman is daemonless.

Podman relies on OCI compliant Container Runtime to interface with the operating system and create the running containers. Podman manages the entire container ecosystem which includes pods, containers, container images, container volumes using libpod library.

Podman service currently runs only on Linux platforms.

If you are interested in watching video. Here in the YouTube video on the same step by step procedure outlined below.


Step1: Install Podman

In order to manager Linux containers we first need to install the Podman utlility on our Linxu OS. Installing Podman is as simple as shown below without the overhead of installing the client and server packages like we do for setting up Docker.

[admin@fed32 ~]$ sudo dnf install podman
[sudo] password for admin: 
Last metadata expiration check: 0:27:40 ago on Fri 09 Oct 2020 05:45:43 AM IST.
Dependencies resolved.
 Package                                  Architecture        Version                                       Repository            Size
 podman                                   x86_64              2:2.1.1-7.fc32                                updates               13 M
Installing dependencies:
 conmon                                   x86_64              2:2.0.21-2.fc32                               updates               43 k
 containernetworking-plugins              x86_64              0.8.7-1.fc32                                  updates               11 M
 containers-common                        x86_64              1:1.1.1-5.fc32                                updates               66 k
 crun                                     x86_64              0.15-5.fc32                                   updates              187 k
 fuse3                                    x86_64              3.9.1-1.fc32                                  fedora                55 k
 fuse3-libs                               x86_64              3.9.1-1.fc32                                  fedora                93 k
 libnet                                   x86_64              1.1.6-19.fc32                                 fedora                64 k
 libslirp                                 x86_64              4.3.1-1.fc32                                  updates               70 k
  catatonit-0.1.5-3.fc32.x86_64                    conmon-2:2.0.21-2.fc32.x86_64            container-selinux-2:2.145.0-1.fc32.noarch 
  containernetworking-plugins-0.8.7-1.fc32.x86_64  containers-common-1:1.1.1-5.fc32.x86_64  criu-3.14-1.fc32.x86_64                   
  crun-0.15-5.fc32.x86_64                          fuse-overlayfs-1.1.2-1.fc32.x86_64       fuse3-3.9.1-1.fc32.x86_64                 
  fuse3-libs-3.9.1-1.fc32.x86_64                   libnet-1.1.6-19.fc32.x86_64              libslirp-4.3.1-1.fc32.x86_64              
  libvarlink-util-18-3.fc32.x86_64                 podman-2:2.1.1-7.fc32.x86_64             podman-plugins-2:2.1.1-7.fc32.x86_64      slirp4netns-1.1.4-1.fc32.x86_64         


The installation of Podman also installs some important dependencies along with it. Lets get into some of the details of these package that got installed.

  • conmon – It is a automated container based network performance monitoring system. Its helps in configuring and executing the monitoring functions inside the adjacent monitoring containers.
  • containernetworking-plugins – It provides a set of network plugins to configure network interfaces for Linux containers.
  • containers-common – This package installs the default set of configuration files for working with image signatures. It contains configuration files related to registries from where the images are downloaded and storage driver information like storage driver used and where the downloaded images are stored locally.
  • crun – Its a fast and low memory footprint OCI container runtime fully written in C.
  • fuse3 and fuse3-libs – These packages help to implement a fully functional filesystem in a userspace program.
  • libnet – Its an API to help with the construction and injection of packets.
  • libslirp – Its a general purpose TCP-IP emulator used by virtual machine hypervisors to provide virtual networking services. It is a user-mode networking library used by virtual machines, containers or various tools.

Now that we have some basic understanding about what is Podman and its dependent packages do. Let try to use Podman and see how we can use it to manage Linux containers in the step by step procedure below.

Step2: Search for Tomcat container image

Here let try to search for Tomcat container which is an official image available.

[admin@fed32 ~]$ podman search tomcat --filter=is-official 
INDEX       NAME                       DESCRIPTION                                       STARS   OFFICIAL   AUTOMATED   Apache Tomcat is an open source implementati...   2846    [OK]    Apache TomEE is an all-Apache Java EE certif...   83      [OK] 

The above search show two images from which we are interested in the tomcat container image. The second one is Tomcat Enterprise edition images providing a Java EE compliant Application server.

Step3: Pull an image from registry

Let’s try to pull the tomcat image that we searched in the Step1 and check where the images are getting stored locally once downloaded.

[admin@fed32 ~]$ podman pull
Trying to pull
Getting image source signatures
Copying blob 57df1a1f1ad8 done  
Copying blob 71e126169501 done  
Copying blob 1af28a55c3f3 done  
Copying blob 881ad7aafb13 done  
Copying blob 9c0ffd4062f3 done  
Copying blob 03f1c9932170 done  
Copying blob bd62e479351a [======================================] 187.2MiB / 187.2MiB
Copying blob 48ee8bc64dbc done  
Copying blob 07cb85cca4f0 done  
Copying blob 6a78fac8d191 done  
Copying config f796d3d2c1 done  
Writing manifest to image destination
Storing signatures

We can list the images that are currently available for us to use with the below command.

[admin@fed32 ~]$ podman images
REPOSITORY                TAG     IMAGE ID      CREATED      SIZE  latest  f796d3d2c195  3 weeks ago  660 MB

By default these images are getting stored in /.local/share/containers/storage/ as we using the Podman with a non root user.

Step4: Run a container based on Tomcat image downloaded

Here we have instantiated a container for the tomcat image and exposed the port 8080 of the tomcat container on port 8080 of localhost using port forwarding. The list of all containers that are available can be shown using ps -a option for podman.

[admin@fed32 ~]$ podman run -dt -p 8080:8080/tcp
[admin@fed32 ~]$ podman ps -a
CONTAINER ID  IMAGE                            COMMAND          CREATED        STATUS            PORTS                   NAMES
14e4cde6e6fa run  9 seconds ago  Up 7 seconds ago>8080/tcp  admiring_lumiere

Step5: Inspect the container

Tomcat running container can be inspected for its metadata and other details. Inspect will provide a lot of information related to your container environment variables, network setting and allocated resources.

Here are some of the metadata information which i tried to grep or collect from the inspect data.

[admin@fed32 ~]$ podman inspect 14e4cde6e6fa | grep -i ipaddress
            "IPAddress": "",

[admin@fed32 ~]$ podman inspect 14e4cde6e6fa | grep -i "hostname="

[admin@fed32 ~]$ podman inspect 14e4cde6e6fa | grep -i "Port"
            "Ports": {
                        "HostPort": "8080"
            "PortBindings": {
                        "HostPort": "8080"

[admin@fed32 ~]$ podman inspect 14e4cde6e6fa | grep -i "workingdir"
            "WorkingDir": "/usr/local/tomcat",

[admin@fed32 ~]$ podman inspect 14e4cde6e6fa | grep -i "tomcat_version"

[admin@fed32 ~]$ podman inspect 14e4cde6e6fa | grep -i "java_version"

Step6: Viewing the tomcat container logs

The logs related to the container can be monitored using podman logs with various options to tail the logs. It also supports for multiple container logs to be shown.

[admin@fed32 ~]$ podman logs 14e4cde6e6fa | grep -i "Server startup"
09-Oct-2020 17:31:59.023 INFO [main] org.apache.catalina.startup.Catalina.start Server startup in [544] milliseconds

Step7: Stop and Start the containers

Podman also helps in stopping and starting the containers as shown below.

[admin@fed32 ~]$ podman stop 14e4cde6e6fa
[admin@fed32 ~]$ podman start 14e4cde6e6fa

Step8: Stop and Remove the container

Here we stop the container id that we instantiated and remove the container id permanently.

[admin@fed32 ~]$ podman stop 14e4cde6e6fa

[admin@fed32 ~]$ podman rm 14e4cde6e6fa

Hope you enjoyed reading this article. Thank you..