  • Stars: 207
  • Rank: 183,829 (Top 4 %)
  • Language: Dockerfile
  • License: Apache License 2.0
  • Created over 5 years ago
  • Updated about 1 month ago


Repository Details

static podman binaries and container image

podman binaries and container images

This project provides alpine-based podman container images and statically linked (rootless) podman binaries for linux/amd64 and linux/arm64/v8 machines along with its dependencies (without systemd support):

Container image

The following image tags are supported:

Tag | Description
latest, <VERSION> | podman with both rootless and rootful dependencies: runc, conmon, fuse-overlayfs, slirp4netns, CNI plugins, catatonit.
minimal, <VERSION>-minimal | podman, crun, fuse-overlayfs and conmon binaries, configured to use the host's existing namespaces (low isolation level).
remote, <VERSION>-remote | the podman remote binary.

By default, containers are run as user root. However, the podman user (uid/gid 1000) can be used instead; a subuid/gid mapping for it is also configured with the image (as described within the binary installation section below).

Please note that, when running non-remote podman within a docker container, the docker container needs to be --privileged.

Container usage example

Run podman in docker:

docker run --privileged -u podman:podman mgoltzsche/podman:minimal docker run alpine:latest echo hello from nested container

Within the container, docker is linked to podman to support applications that use the docker command.

Binary installation on a host

In case you're using an arm64 machine (e.g. a Raspberry Pi), you need to substitute "amd64" with "arm64" within the commands below to make the installation work for you.

Download the statically linked binaries of podman and its dependencies:

curl -fsSL -o podman-linux-amd64.tar.gz https://github.com/mgoltzsche/podman-static/releases/latest/download/podman-linux-amd64.tar.gz

Verify the archive's signature (optional):

curl -fsSL -o podman-linux-amd64.tar.gz.asc https://github.com/mgoltzsche/podman-static/releases/latest/download/podman-linux-amd64.tar.gz.asc
gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys 0CCF102C4F95D89E583FF1D4F8B5AF50344BB503
gpg --batch --verify podman-linux-amd64.tar.gz.asc podman-linux-amd64.tar.gz

This may fail every now and then because key servers are out of sync or unavailable. In that case please retry.
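A stricter form of the verification step, as an added example that is not part of the podman-static project: instead of relying on gpg's exit code alone, it parses the machine-readable `--status-fd` output and accepts the archive only if the good signature was made by the fingerprint given above. The function names and the sample status lines are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the podman-static project): accept a release archive
# only when gpg reports a good signature made by the pinned key.
PINNED_FPR=0CCF102C4F95D89E583FF1D4F8B5AF50344BB503  # fingerprint given on this page

# check_validsig FPR: reads `gpg --status-fd` output on stdin. Succeeds only if
# a GOODSIG line is present, a VALIDSIG line names FPR as the primary key
# (field 12, or the signing key in field 3 when field 12 is absent), and no
# bad/expired/revoked status was reported (a deliberately strict policy).
check_validsig() {
    awk -v want="$1" '
        $1 != "[GNUPG:]" { next }
        $2 == "GOODSIG" { good = 1 }
        $2 ~ /^(BADSIG|ERRSIG|EXPSIG|EXPKEYSIG|REVKEYSIG)$/ { bad = 1 }
        $2 == "VALIDSIG" {
            fpr = (NF >= 12) ? $12 : $3
            if (toupper(fpr) == toupper(want)) pinned = 1
        }
        END { exit (good && pinned && !bad) ? 0 : 1 }
    '
}

# verify_release ARCHIVE SIGNATURE: assumes the key was imported beforehand
# (the --recv-keys step above). gpg failing yields no GOODSIG, so this fails too.
verify_release() {
    gpg --batch --status-fd 1 --verify "$2" "$1" 2>/dev/null |
        check_validsig "$PINNED_FPR"
}

# Constructed status output for an offline check (not captured from real gpg runs).
SAMPLE_OK='[GNUPG:] GOODSIG F8B5AF50344BB503 Constructed Signer
[GNUPG:] VALIDSIG 0CCF102C4F95D89E583FF1D4F8B5AF50344BB503 2024-01-01 1704067200 0 4 0 1 8 00 0CCF102C4F95D89E583FF1D4F8B5AF50344BB503'
SAMPLE_OTHER_KEY='[GNUPG:] GOODSIG AAAAAAAAAAAAAAAA Constructed Other
[GNUPG:] VALIDSIG AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA 2024-01-01 1704067200 0 4 0 1 8 00 AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA'
```

Call it as `verify_release podman-linux-amd64.tar.gz podman-linux-amd64.tar.gz.asc` and extract the archive only when it returns 0.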

Download a specific version:

VERSION=<VERSION>
curl -fsSL -o podman-linux-amd64.tar.gz https://github.com/mgoltzsche/podman-static/releases/download/$VERSION/podman-linux-amd64.tar.gz

Install the binaries and configuration on your host after you've inspected the archive:

tar -xzf podman-linux-amd64.tar.gz
sudo cp -r podman-linux-amd64/usr podman-linux-amd64/etc /

If you have docker installed on the same host, it might be broken until you remove the newly installed /usr/local/bin/runc binary: older docker versions are not compatible with the latest runc version provided here, while podman is also compatible with the older runc version that comes e.g. with docker 1.19 on Ubuntu.

To install podman on a host without having any root privileges, you need to copy the binaries and configuration into your home directory and adjust the binary paths within the configuration correspondingly. For more information see podman's rootless installation instructions.

Host configuration

The following binaries should be installed on your host:

  • iptables
  • nsenter
  • uidmap (for rootless mode)

In order to run rootless containers that use multiple uids/gids you may want to set up a uid/gid mapping for your user on your host:

sudo sh -c "echo $(id -un):100000:200000 >> /etc/subuid"
sudo sh -c "echo $(id -gn):100000:200000 >> /etc/subgid"

Please make sure you don't add the mapping multiple times.
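One way to keep the mapping from being added twice, as an added example that is not part of the podman-static project: the hypothetical helper `ensure_subid` appends an entry only when the name has none yet, and refuses a range that overlaps another entry, since overlapping ranges would let two users' containers share host uids/gids. Run it as root, once against /etc/subuid and once against /etc/subgid.

```shell
#!/bin/sh
# Added example (not from the podman-static project).
# ensure_subid FILE NAME START COUNT
#   Appends "NAME:START:COUNT" to FILE (e.g. /etc/subuid) only if NAME has no
#   entry yet and the range does not overlap any other entry.
#   Returns 0 if the entry was added, 1 if NAME is already mapped (file left
#   untouched), 2 if the requested range overlaps another name's range.
ensure_subid() {
    file=$1 name=$2 start=$3 count=$4
    touch "$file" || return 3
    awk -F: -v n="$name" -v s="$start" -v c="$count" '
        $1 == n { have = 1 }
        # Half-open ranges [s, s+c) and [$2, $2+$3) intersect?
        $1 != n && NF == 3 && s < $2 + $3 && $2 < s + c { clash = 1 }
        END { exit have ? 1 : (clash ? 2 : 0) }
    ' "$file"
    rc=$?
    if [ "$rc" -eq 0 ]; then
        printf '%s:%s:%s\n' "$name" "$start" "$count" >> "$file"
    fi
    return "$rc"
}

# Equivalent of the two commands above, made safe to repeat (run as root):
#   ensure_subid /etc/subuid "$(id -un)" 100000 200000
#   ensure_subid /etc/subgid "$(id -gn)" 100000 200000
```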

To support applications that use the docker command you may want to link it to podman as follows:

sudo ln -s /usr/local/bin/podman /usr/local/bin/docker

Before updating binaries on your host please terminate all corresponding processes.

Restart containers on boot

To restart containers with restart-policy=always on boot, enable the podman-restart systemd service:

systemctl enable podman-restart

Binary usage example

podman run alpine:latest echo hello from podman

Default persistent storage location

The default storage location depends on the user:

  • For root, storage is located at /var/lib/containers/storage.
  • For unprivileged users, storage is located at ~/.local/share/containers/storage.

Local build & test

make images test
