dave/site
1
0
Fork 0
mirror of https://github.com/davegallant/davegallant.github.io.git synced 2025-08-14 12:20:19 +00:00
Code Issues Packages Projects Releases Wiki Activity

deploy: 894f56d364bd7c67ecce97189aa883d66fb5059a

Browse Source
This commit is contained in:
davegallant
2021-10-16 16:03:56 +00:00
parent b9ae5d916d
commit bf3e9057ef
2 changed files with 6 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
blog/2021/10/11/replacing-docker-with-podman-on-macos-and-linux/index.html
View File

@@ -155,17 +155,18 @@ personal blog
<blockquote class=twitter-tweet><p lang=en dir=ltr>...ignoring Docker updates is a paid feature now?? <a href=https://t.co/ZxKW3b9LQM>pic.twitter.com/ZxKW3b9LQM</a></p>&mdash; Brendan Dolan-Gavitt (@moyix) <a href="https://twitter.com/moyix/status/1388586550682861568?ref_src=twsrc%5Etfw">May 1, 2021</a></blockquote> <blockquote class=twitter-tweet><p lang=en dir=ltr>...ignoring Docker updates is a paid feature now?? <a href=https://t.co/ZxKW3b9LQM>pic.twitter.com/ZxKW3b9LQM</a></p>&mdash; Brendan Dolan-Gavitt (@moyix) <a href="https://twitter.com/moyix/status/1388586550682861568?ref_src=twsrc%5Etfw">May 1, 2021</a></blockquote>
<script async src=https://platform.twitter.com/widgets.js></script> <script async src=https://platform.twitter.com/widgets.js></script>
<p>Docker has been one of the larger influencers in the container world, helping to standardize the <a href=https://github.com/opencontainers/image-spec/blob/main/spec.md>OCI Image Format Specification</a>. For many developers, containers have become synonymous with terms like <code>docker</code> and <code>Dockerfile</code> (a file containing build instructions for a container image). Docker has certainly made it very convenient to build and run containers, but it is not the only solution for doing so.</p> <p>Docker has been one of the larger influencers in the container world, helping to standardize the <a href=https://github.com/opencontainers/image-spec/blob/main/spec.md>OCI Image Format Specification</a>. For many developers, containers have become synonymous with terms like <code>docker</code> and <code>Dockerfile</code> (a file containing build instructions for a container image). Docker has certainly made it very convenient to build and run containers, but it is not the only solution for doing so.</p>
<p>This post briefly describes my experience swapping out docker for podman on macOS.</p>
<h3 id=what-is-a-container>What is a container?</h3> <h3 id=what-is-a-container>What is a container?</h3>
<p>A container is a standard unit of software that packages up all application dependencies within it. Multiple containers can be run on a host machine all sharing the same kernel as the host. In Linux, namespaces help provide an isolated view of the system, including mnt, pid, net, ipc, uid, cgroup, and time. There is an <a href="https://www.youtube.com/watch?v=sK5i-N34im8">in-depth video</a> that discusses what containers are made from, and <a href="https://youtu.be/sK5i-N34im8?t=2468">near the end</a> there is a demonstration on how to build your own containers from the command line.</p> <p>A container is a standard unit of software that packages up all application dependencies within it. Multiple containers can be run on a host machine all sharing the same kernel as the host. In Linux, namespaces help provide an isolated view of the system, including mnt, pid, net, ipc, uid, cgroup, and time. There is an <a href="https://www.youtube.com/watch?v=sK5i-N34im8">in-depth video</a> that discusses what containers are made from, and <a href="https://youtu.be/sK5i-N34im8?t=2468">near the end</a> there is a demonstration on how to build your own containers from the command line.</p>
<p>By easily allowing the necessary dependencies to live alongside the application code, containers make the &ldquo;works on my machine&rdquo; problem less of a problem.</p> <p>By easily allowing the necessary dependencies to live alongside the application code, containers make the &ldquo;works on my machine&rdquo; problem less of a problem.</p>
<h3 id=benefits-of-podman>Benefits of podman</h3> <h3 id=benefits-of-podman>Benefits of podman</h3>
<p>One of the most interesting features of podman is that it is daemonless. There isn&rsquo;t a process running on your system managing your containers. In contrast, the docker client is reliant upon the docker daemon (often running as root) to be able to build and run containers.</p> <p>One of the most interesting features of podman is that it is daemonless. There isn&rsquo;t a process running on your system managing your containers. In contrast, the docker client is reliant upon the docker daemon (often running as root) to be able to build and run containers.</p>
<p>Podman is rootless by default. It is now possible to <a href=https://docs.docker.com/engine/security/rootless/>run the docker daemon rootless</a> as well, but it&rsquo;s still not the default behaviour.</p> <p>Podman is rootless by default. It is now possible to <a href=https://docs.docker.com/engine/security/rootless/>run the docker daemon rootless</a> as well, but it&rsquo;s still not the default behaviour.</p>
<p>I&rsquo;ve also observed that so far my 2019 16" Macbook Pro has not yet sounded like a jet engine.</p> <p>I&rsquo;ve also observed that so far my 2019 16" Macbook Pro has not yet sounded like a jet engine, although I haven&rsquo;t performed any disk intensive operations yet.</p>
<h3 id=installing-podman>Installing podman</h3> <h3 id=installing-podman>Installing podman</h3>
<p>Running podman on macOS is more involved than on Linux, because the podman-machine must run Linux inside a virtual machine. Fortunately, the installation is made simple with <a href=https://brew.sh/>brew</a> (read <a href=https://podman.io/getting-started/installation#linux-distributions>this</a> if you&rsquo;re installing podman on Linux):</p> <p>Running podman on macOS is more involved than on Linux, because the podman-machine must run Linux inside of a virtual machine. Fortunately, the installation is made simple with <a href=https://brew.sh/>brew</a> (read <a href=https://podman.io/getting-started/installation#linux-distributions>this</a> if you&rsquo;re installing podman on Linux):</p>
<div class=highlight><pre tabindex=0 style=background-color:#f0f3f3;-moz-tab-size:4;-o-tab-size:4;tab-size:4><code class=language-sh data-lang=sh>brew install podman <div class=highlight><pre tabindex=0 style=background-color:#f0f3f3;-moz-tab-size:4;-o-tab-size:4;tab-size:4><code class=language-sh data-lang=sh>brew install podman
</code></pre></div><p>If on macOS, the podman machine must be started:</p> </code></pre></div><p>The podman machine must be started:</p>
<div class=highlight><pre tabindex=0 style=background-color:#f0f3f3;-moz-tab-size:4;-o-tab-size:4;tab-size:4><code class=language-sh data-lang=sh><span style=color:#09f;font-style:italic># This is not necessary on Linux</span> <div class=highlight><pre tabindex=0 style=background-color:#f0f3f3;-moz-tab-size:4;-o-tab-size:4;tab-size:4><code class=language-sh data-lang=sh><span style=color:#09f;font-style:italic># This is not necessary on Linux</span>
podman machine init podman machine init
podman machine start podman machine start
@@ -184,7 +185,7 @@ Storing signatures
<p>and then exec into the container:</p> <p>and then exec into the container:</p>
<pre tabindex=0><code class=language-console data-lang=console>$ podman run --rm -ti alpine <pre tabindex=0><code class=language-console data-lang=console>$ podman run --rm -ti alpine
Error: error preparing container 99ace1ef8a78118e178372d91fd182e8166c399fbebe0f676af59fbf32ce205b for attach: error configuring network namespace for container 99ace1ef8a78118e178372d91fd182e8166c399fbebe0f676af59fbf32ce205b: error adding pod unruffled_bohr_unruffled_bohr to CNI network &quot;podman&quot;: unexpected end of JSON input Error: error preparing container 99ace1ef8a78118e178372d91fd182e8166c399fbebe0f676af59fbf32ce205b for attach: error configuring network namespace for container 99ace1ef8a78118e178372d91fd182e8166c399fbebe0f676af59fbf32ce205b: error adding pod unruffled_bohr_unruffled_bohr to CNI network &quot;podman&quot;: unexpected end of JSON input
</code></pre><p>What does this error mean? A bit of googling lead to <a href=https://github.com/containers/podman/issues/11837>this github issue</a>.</p> </code></pre><p>What does this error mean? A bit of searching lead to <a href=https://github.com/containers/podman/issues/11837>this github issue</a>.</p>
<p>Until the fix is released, a workaround is to just specify a port (even when it&rsquo;s not needed):</p> <p>Until the fix is released, a workaround is to just specify a port (even when it&rsquo;s not needed):</p>
<div class=highlight><pre tabindex=0 style=background-color:#f0f3f3;-moz-tab-size:4;-o-tab-size:4;tab-size:4><code class=language-sh data-lang=sh>podman run -p <span style=color:#f60>4242</span> --rm -ti alpine <div class=highlight><pre tabindex=0 style=background-color:#f0f3f3;-moz-tab-size:4;-o-tab-size:4;tab-size:4><code class=language-sh data-lang=sh>podman run -p <span style=color:#f60>4242</span> --rm -ti alpine
</code></pre></div><p>If you&rsquo;re reading this from the future, there is a good chance specifying a port won&rsquo;t be needed.</p> </code></pre></div><p>If you&rsquo;re reading this from the future, there is a good chance specifying a port won&rsquo;t be needed.</p>

2
page/search/index.json
View File

File diff suppressed because one or more lines are too long