Published: Nov 15, 2022 by Isaac Johnson
Podman has been out for a while, but just recently they put out a Desktop front-end with Podman Desktop. It’s Open Source and has pre-built binaries for Windows, Mac and Linux.
Podman Desktop started back in March of this year. The project is Apache 2.0 licensed and a mix of typescript and svelte.
Today we’ll setup it up in Windows and Linux to kick the tires and set how it fairs against its main rival, Docker Desktop.
Setup
I first tried a brew install. But Brew is setup just for Mac OS
Error: Invalid usage: Casks are not supported on Linux
The Windows executable is not an installer, but rather a full binary.
Right off, I could see my local containers I had built with Docker
We can also now build from within Podman Desktop
To test docker builds, I chose to build a larger complicated image
Immediately after building it ran the image (which I would have preferred not to happen)
A few features in Podman Desktop were missing until I installed Podman itself. Realize that Podman Desktop can work using Docker as the backend.
Adding Podman
You can install right from within Podman Desktop:
The installer will walk you through the install wizard (prompting you to install WSL if not already there).
After installing, you’ll want to Initialized Podman
Then Run Podman
With my laptop, I needed to also enable access to networks
Moving out of Docker Desktop
At this point, I’ve stopped Docker Desktop
and will now try and build that same GH Runner image - this time using the Podman we just installed
I fired a windows prompt and found i couldn’t hit Podman
C:\Users\isaac>podman ps
Error: failed to connect: dial tcp [::1]:53235: connectex: No connection could be made because the target machine actively refused it.
However, I found I just needed to start the Podman instance (not sure why it stopped… it was running)
C:\Users\isaac>podman ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
I’m going to try building my container again
Which I could see build
When done, I saw my new container listed
We can see the history of our image
As well as a basic summary including SHA
Podman in Ubuntu (WSL)
I popped over to my Ubuntu instance and installed using this guide
First get the pre-reqs
$ sudo apt update
$ sudo apt-get install curl wget gnupg2 -y
$ sudo sh -c "echo 'deb http://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/xUbuntu_${VERSION_ID}/ /' > /etc/apt/sources.list.d/devel:kubic:libcontainers:stable.list"
$ wget -nv https://download.opensuse.org/repositories/devel:kubic:libcontainers:stable/xUbuntu_${VERSION_ID}/Release.key -O- | sudo apt-key add -
$ sudo apt update
Then install
$ sudo apt install podman
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages were automatically installed and are no longer required:
liblttng-ust-ctl4 liblttng-ust0 python3-crcmod
Use 'sudo apt autoremove' to remove them.
The following additional packages will be installed:
catatonit conmon containernetworking-plugins containers-common criu crun dns-root-data dnsmasq-base fuse-overlayfs
fuse3 libfuse3-3 libnet1 libprotobuf-c1 libprotobuf17 libyajl2 podman-machine-cni podman-plugins python3-protobuf
slirp4netns uidmap
The following packages will be REMOVED:
fuse
The following NEW packages will be installed:
catatonit conmon containernetworking-plugins containers-common criu crun dns-root-data dnsmasq-base fuse-overlayfs
fuse3 libfuse3-3 libnet1 libprotobuf-c1 libprotobuf17 libyajl2 podman podman-machine-cni podman-plugins
python3-protobuf slirp4netns uidmap
0 upgraded, 21 newly installed, 1 to remove and 253 not upgraded.
Need to get 32.0 MB of archives.
After this operation, 158 MB of additional disk space will be used.
Do you want to continue? [Y/n] y
Get:1 http://archive.ubuntu.com/ubuntu focal/universe amd64 libfuse3-3 amd64 3.9.0-2 [74.0 kB]
Get:2 http://archive.ubuntu.com/ubuntu focal/universe amd64 fuse3 amd64 3.9.0-2 [24.7 kB]
Get:3 http://archive.ubuntu.com/ubuntu focal/main amd64 libprotobuf17 amd64 3.6.1.3-2ubuntu5 [798 kB]
Get:5 http://archive.ubuntu.com/ubuntu focal/main amd64 python3-protobuf amd64 3.6.1.3-2ubuntu5 [298 kB]
Get:6 http://archive.ubuntu.com/ubuntu focal/main amd64 libnet1 amd64 1.1.6+dfsg-3.1build1 [43.3 kB]
Setting up libyajl2:amd64 (2.1.0-3) ...
Setting up libnet1:amd64 (1.1.6+dfsg-3.1build1) ...
Setting up dnsmasq-base (2.80-1.1ubuntu1.5) ...
Setting up libprotobuf-c1:amd64 (1.3.3-1ubuntu0.1) ...
Setting up dns-root-data (2019052802) ...
Setting up podman-machine-cni (100:0.0.0-1) ...
Setting up conmon (100:2.1.2~0) ...
Setting up containernetworking-plugins (100:1.1.1~1) ...
Setting up catatonit (0.1.7-1) ...
Setting up containers-common (100:1-22) ...
Setting up podman-plugins (100:1.2.0-1) ...
Setting up libfuse3-3:amd64 (3.9.0-2) ...
Setting up libprotobuf17:amd64 (3.6.1.3-2ubuntu5) ...
Setting up python3-protobuf (3.6.1.3-2ubuntu5) ...
Setting up fuse3 (3.9.0-2) ...
Installing new version of config file /etc/fuse.conf ...
update-initramfs: deferring update (trigger activated)
Setting up criu (3.17.1-1) ...
Setting up fuse-overlayfs (100:1.5.0-2) ...
Setting up crun (100:1.2-2) ...
Setting up podman (100:3.4.2-5) ...
Processing triggers for dbus (1.12.16-2ubuntu2.1) ...
Processing triggers for initramfs-tools (0.136ubuntu6.6) ...
Processing triggers for libc-bin (2.31-0ubuntu9.2) ...
/sbin/ldconfig.real: /usr/lib/wsl/lib/libcuda.so.1 is not a symbolic link
Processing triggers for man-db (2.9.1-1) ...
With Podman running, I can see images
$ podman ps
WARN[0000] "/" is not a shared mount, this could cause issues or missing mounts with rootless containers
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
You can do all the same docker commands to which you are accustomed
$ podman pull ubuntu
Resolved "ubuntu" as an alias (/etc/containers/registries.conf.d/000-shortnames.conf)
Trying to pull docker.io/library/ubuntu:latest...
Getting image source signatures
Copying blob e96e057aae67 done
Copying config a8780b506f done
Writing manifest to image destination
Storing signatures
a8780b506fa4eeb1d0779a3c92c8d5d3e6a656c758135f62826768da458b5235
$ podman images
REPOSITORY TAG IMAGE ID CREATED SIZE
docker.io/library/ubuntu latest a8780b506fa4 12 days ago 80.3 MB
Issues and minor Annoyances
I do have a bone to pick with systems that use dumb checks on domain names. Because they seem to limit TLDs to 5 characters, I couldn’t login to my own registry
(would have worked with .com but not .science)
and realizing it’s docker.io for login, then login in the UI worked
Regardless, I can login just fine with the command line to my private registry
I found the search worked fine with docker.io but it didn’t pick up a private registry nearly as well
C:\Users\isaac>podman search --limit 3 dockerwithtests2
NAME DESCRIPTION
docker.io/idjohnson/dockerwithtests2
C:\Users\isaac>podman search --limit 3 kasarest
But I can verify I can pull that private image just fine
C:\Users\isaac>podman pull harbor.freshbrewed.science/freshbrewedprivate/kasarest@sha256:d62e991b6f161e96b6e1c951eb35a817153efbeb25af472a1cd820fb329955f5
Trying to pull harbor.freshbrewed.science/freshbrewedprivate/kasarest@sha256:d62e991b6f161e96b6e1c951eb35a817153efbeb25af472a1cd820fb329955f5...
Getting image source signatures
Copying blob sha256:16fe51aed899f36017fe42b598b1a622b29ebe8c3622e92e13df14578825eb37
Copying blob sha256:de4a4c6caea8801bb0b7377e10220a914da403bc93fa79663cbf2dcf1800b6f1
Copying blob sha256:a7969cffbf46e6a91291fd76b19ecbe93c03ea4ded0d14042aecb4c0c4211a43
Copying blob sha256:4edced8587e6c18412817019074f5e04a8ede4e2fc89d06af13df3f80d78a70d
Copying blob sha256:17c9e6141fdb3387e5a1c07d4f9b6a05ac1498e96029fa3ea55470d4504f7770
Copying blob sha256:74fbfde6af91271fb88f0a1716224dcce5c0ebead3609943792a9cb6ba4d6d3d
Copying blob sha256:2b979a731384cf50dac8fd255d381b70028d67b69b45c1a2b6c3ea10b92636d4
Copying blob sha256:aa3c4359fdb43308669ae8ba78b2ebb713221ef3a3eca97f93590508f1506de1
Copying blob sha256:58700fbcfa0c82e5d24a9f76ba7748a194c4fdf7312a397860b4637f72ce91b6
Copying blob sha256:bd3889c4d4df08f6ba9763f64cd7295f8f8c0ac7fb2f9080ef28f24b89b28653
Copying blob sha256:e1877a5258205a0a198dec5a850503a5cf7b3d7a6ebb8b2c4fef6b19f5818b99
Copying blob sha256:a6ffb128cfc4ef0b4e086e272a1018778daef7f6741763dfb741fab13e48fae1
Copying blob sha256:bc429c7f601ebeb08c2de62cabd971ae981c5175fcf3dd4817a01d0154a2396d
Copying blob sha256:62945c689cd77343c80ccd591745c7a801521c1bc5a72a016467e598aa4f4463
Copying blob sha256:20f52f988f86c4e00f6f699401c03591b1ceda01e5a3dd38d53f8edcb6f6fa90
Copying blob sha256:b9c67a06929d43f1eaaf8bf7ef229bd9d36eca8cf5cfbdc5923912c1b6cce8cb
...
It appears that the podman in my WSL Ubuntu is unique and not connected to the Windows version
This isn’t necessarily bad, but I did like being able to build in Linux and see in Windows when I was using Docker Desktop with the WSL integration.
Another struggle I encountered is that it seems Harbor and Podman don’t get along on the way OAuth2 is handled. Thus searching comes back as a fail, even though clearly I’m logged in
$ podman search harbor.freshbrewed.science/
ERRO[0000] error getting search results from v2 endpoint "harbor.freshbrewed.science": unable to retrieve auth token: invalid username/password: unauthorized: unauthorized to list catalog: unauthorized to list catalog
Error: 1 error occurred:
* couldn't search registry "harbor.freshbrewed.science": unable to retrieve auth token: invalid username/password: unauthorized: unauthorized to list catalog: unauthorized to list catalog
$ podman login harbor.freshbrewed.science
Authenticating with existing credentials for harbor.freshbrewed.science
Existing credentials are valid. Already logged in to harbor.freshbrewed.science
I tried using an auth file as well
$ podman login --authfile ~/.podmanauth harbor.freshbrewed.science
Username: isaac
Password:
Login Succeeded!
$ cat ~/.podmanauth
{
"auths": {
"harbor.freshbrewed.science": {
"auth": "asdfasdfasfdasdfasdasdfasdf"
}
}
}
$ podman search --authfile ~/.podmanauth harbor.freshbrewed.science/
ERRO[0000] error getting search results from v2 endpoint "harbor.freshbrewed.science": unable to retrieve auth token: invalid username/password: unauthorized: unauthorized to list catalog: unauthorized to list catalog
Error: 1 error occurred:
* couldn't search registry "harbor.freshbrewed.science": unable to retrieve auth token: invalid username/password: unauthorized: unauthorized to list catalog: unauthorized to list catalog
Podman Desktop in Ubuntu
While I couldn’t get flatpak
to install properly in my Ubuntu, I was able to download the tar.gz from the releases and launch it
builder@DESKTOP-QADGF36:~/Workspaces/podman-desktop/podman-desktop-0.9.1$ ./podman-desktop
[11556:1115/075755.682116:ERROR:bus.cc(399)] Failed to connect to the bus: Failed to connect to socket /var/run/dbus/system_bus_socket: No such file or directory
[11556:1115/075755.682226:ERROR:bus.cc(399)] Failed to connect to the bus: Failed to connect to socket /var/run/dbus/system_bus_socket: No such file or directory
[11556:1115/075755.684346:ERROR:bus.cc(399)] Failed to connect to the bus: Could not parse server address: Unknown address type (examples of valid types are "tcp" and on UNIX "unix")
[11556:1115/075755.684397:ERROR:bus.cc(399)] Failed to connect to the bus: Could not parse server address: Unknown address type (examples of valid types are "tcp" and on UNIX "unix")
[11556:1115/075755.698878:ERROR:bus.cc(399)] Failed to connect to the bus: Could not parse server address: Unknown address type (examples of valid types are "tcp" and on UNIX "unix")
[11592:1115/075755.709791:ERROR:gpu_memory_buffer_support_x11.cc(44)] dri3 extension not supported.
APPIMAGE env is not defined, current application is not an AppImage
Activating extension (crc)
Can not find CRC binary!
Activation extension (crc) ended
Activating extension (docker)
Activation extension (docker) ended
Activating extension (kube-context)
starting extension kube-context
Activation extension (kube-context) ended
Activating extension (lima)
Could not find podman socket at /home/builder/.lima/podman-lima/sock/podman.sock nor /home/builder/.lima/podman-lima/sock/podman.sock
Activation extension (lima) ended
Activating extension (podman)
PluginSystem: received dom-ready event from the UI
Activation extension (podman) ended
PluginSystem: initialization done.
Delayed startup, flushing 3 events
Autostarting container engine
Because Windows 11 has a built-in X server, we can see Podman Desktop, from my Ubuntu, alongside the Native Windows Podman Desktop
And while the Registry add is just as hateful to my wonderful little TLD of .science:
We can see my local login worked just fine
( I did file a bug on this issue - caused by this line )
Summary
Podman Desktop is yet another nail in the Docker coffin. Having a decent Desktop Dashboard was one of the few gaps I found between Podman and Docker. While Docker (the company) continues to try and find ways to monetize over licensing, I would imagine more and more affected companies push to use Podman over Docker Desktop.
That said, there were some glitches. Not everything worked. For instance, the Help Dropdown was entirely empty
And it has crashed more than once today. But it is a 0.9.1 beta release and I’m hoping to see things stabilize in coming releases.