this post was submitted on 07 Sep 2023
139 points (100.0% liked)


Podman is a lot like Docker: a tool for running OCI containers. While it maintains backwards compatibility with Dockerfile and docker-compose syntax, it offers a lot of other benefits:

  • Daemonless: it can run containers without a daemon process running in the background.
  • Rootless: can run containers without root privileges.
  • Pods: can group containers into secluded pods, which share resources and network namespace.

Podman has other features I haven't explored yet, like compatibility with Kubernetes YAML files, and being able to run containers as systemd units.

Have you used podman before? What are your thoughts on it?

[–] [email protected] 2 points 1 year ago (2 children)

We are trying to use podman as a way to run Testcontainers and build images on a kubernetes cluster using Gitlab CI. Building works, but running Testcontainers doesn't so far :(

[–] [email protected] 2 points 1 year ago (1 children)
[–] [email protected] 1 points 1 year ago (1 children)

Yes but imo it's easier and nicer to integrate Podman into an existing build, for example with maven

[–] [email protected] 1 points 1 year ago (1 children)

You typically don't use podman to build images and you would instead use something like buildah.

[–] [email protected] 1 points 1 year ago (1 children)

Doesn't podman use buildah under the hood?

[–] [email protected] 2 points 1 year ago

Somewhat, but just a few pieces of it. Podman build is mainly a way to be backwards compatible with the docker cli. Buildah has some more flexibility and the way it builds the images is slightly different. You can use podman to build, but it's probably better to move to buildah for the build step as time permits.

[–] [email protected] 1 points 1 year ago (1 children)

Do you have more details on how you're doing this? Using a custom executor still?

[–] [email protected] 1 points 1 year ago (2 children)

We are using the kubernetes executor. You can add additional sidecar services for your jobs, and we're using that mechanic to run podman as a daemon. There are some gotchas I had to solve if I remember, but now it works nicely for us. Except for Testcontainers, which throws an exception when your Testcontainer is exposing ports.

[–] [email protected] 1 points 1 year ago (1 children)

I got it all working on self hosted kubernetes and cross-platform builds with buildah. What's your problem exactly? For TC you need to use some env vars to configure ports in .gitlabci

[–] [email protected] 1 points 1 year ago (1 children)

Do you have a working snippet somewhere I could take a look at?

[–] [email protected] 1 points 1 year ago (1 children)
[–] [email protected] 1 points 1 year ago (1 children)

I'm very interested in a solution. Our current setup, where we use an external docker host for Testcontainers and Podman to build images, is quite painful.

[–] [email protected] 1 points 1 year ago

I have this on my to-do list, but sorry, can't promise when I'll make a working demo. afair the trick was to use something like "podman-in-podman", like dind works in GitLab runners, and then some env-vars manipulation so TC thinks it runs in docker, something like

        DOCKER_HOST=unix:///run/user/1000/podman/podman.sock

and I use alpine as gitlab-ci helper image:

        image = "docker.io/alpine:3.17.2"
        helper_image_flavor = "alpine"

not sure if that matters, but I had lots of strange problems running with Ubuntu helper images, most were DNS propagation issues
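
The `DOCKER_HOST` setting from the comment above, as an added example that is not part of the thread and not the commenter's own setup: it derives the rootless Podman socket path from the current user instead of hard-coding UID 1000, and refuses to hand a Docker client (such as Testcontainers) a path that is not a socket or is not owned by the calling user. The function names are hypothetical.

```shell
# Added example (not from the thread). Function names are hypothetical.

# Print the rootless Podman API socket path for a runtime directory.
# $1: optional runtime dir; defaults to XDG_RUNTIME_DIR, then /run/user/<uid>.
podman_socket_path() {
    runtime_dir="${1:-${XDG_RUNTIME_DIR:-/run/user/$(id -u)}}"
    # Strip one trailing slash so the result has no "//".
    printf '%s/podman/podman.sock\n' "${runtime_dir%/}"
}

# Print a DOCKER_HOST value for that socket, or fail with a reason.
# A Docker client sends build contexts and registry credentials to whatever
# listens on DOCKER_HOST, so only accept a real socket owned by this user.
podman_docker_host() {
    sock="$(podman_socket_path "${1:-}")"
    if [ ! -S "$sock" ]; then
        echo "not a socket: $sock (is the podman API service running?)" >&2
        return 1
    fi
    if [ ! -O "$sock" ]; then
        echo "socket not owned by current user: $sock" >&2
        return 1
    fi
    printf 'unix://%s\n' "$sock"
}

# Usage in a CI job script, before starting the tests:
#   DOCKER_HOST="$(podman_docker_host)" || exit 1
#   export DOCKER_HOST
```
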

[–] [email protected] 1 points 1 year ago

Ahh, I had skimmed over and didn't see you were running it on k8s (so kubernetes executor makes sense. ;) )

This is good to know though. I actually just stood up a podman runner and it is vastly improved over what I had to do even a year ago if I remember. I'll need to look into Testcontainers though too as we do use that. Good to know it's at least progressing pretty well. Thanks!