Podman Basics 09: Kubernetes Compatibility

Podman’s integration with Kubernetes through the podman kube play command allows users to create pods, containers, and volumes from Kubernetes YAML files. This command reads the structured file and recreates the described resources, starting the containers within a pod and outputting the ID of the new pod or the name of the new volume.

Pods are a key feature of Podman, a container management tool. They let you manage multiple containers as a single unit. Similar to Kubernetes pods, Podman pods group containers that share the same network namespace, so the containers can communicate with each other directly.

This setup simplifies the deployment and management of complex applications that require multiple, interdependent containers. Each pod can contain one or more containers, along with shared resources like networking and storage, making it easier to replicate production environments for development, testing, and continuous integration.

By providing a more flexible and rootless approach to containerization, Podman pods enhance security and support the workflow of developers who build and manage containerized applications.

Networking in Podman with Kube

When using Podman with Kubernetes YAML files, networking is handled differently compared to traditional Podman networking. By default, all containers within a Podman pod share the same network namespace, meaning they have the same IP address, MAC address, and port mappings. This setup lets the containers communicate with each other over localhost. Podman 4.0 introduced a new network stack that replaces the CNI plugins with Netavark for interface setup, IP address assignment, NAT, and port mapping, and with Aardvark-dns for DNS name resolution.

Creating multi-container pods with Podman

Using Podman pods involves creating and managing a group of containers that can operate together seamlessly.

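To create a pod, you start with the podman pod create command, which sets up the pod’s shared namespace. For example, podman pod create --name mypod creates a new pod named “mypod.” The command below creates a pod named funweb, attaches it to the n_funweb network (which must already exist), and publishes host port 8080 to port 80 inside the pod: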

podman pod create --network n_funweb --publish 8080:80 funweb

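Once the pod is created, you can add containers to it using the --pod flag of podman run. A password passed with --env, as in the command below, ends up in the shell history and in the output of podman inspect, so treat it as a demo value: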

podman run -d --rm --pod funweb --env POSTGRES_PASSWORD=secretpwforthedb docker.io/library/postgres:16
Trying to pull docker.io/library/postgres:16...
Getting image source signatures
(...)
Writing manifest to image destination
Storing signatures
86cc9ea508faaf65b4d972b85a5ec0b245602a08088f8aba28a4b31a6b8aae21

You can add additional containers to the pod:

podman run -d --rm --pod funweb -v /var/www/html/modules -v /var/www/html/profiles -v /var/www/html/themes -v /var/www/html/sites docker.io/library/drupal:10-apache

This way, both containers share the same network stack and can communicate directly via localhost.

Managing the pod is straightforward with commands like podman pod ps to list all pods, and podman pod rm mypod to remove a pod.
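
The funweb pod built step by step above can also be written as a Kubernetes manifest for podman kube play, with the database password taken from a Secret instead of the command line. This is an added example, not part of the original post. The Secret name funweb-db, the container names db and web, and the file name funweb.yaml are assumptions, the password is a placeholder, and it assumes a Podman release whose kube play handles the Secret kind.

```yaml
# Constructed example (not from the original post). Save as funweb.yaml, then:
#   podman kube play --network n_funweb funweb.yaml
#   podman kube play --down funweb.yaml      # tear the pod down again
# Values under "data" are base64-encoded, not encrypted: restrict access to
# this file and keep the real Secret document out of version control.
apiVersion: v1
kind: Secret
metadata:
  name: funweb-db              # assumed name
data:
  password: Y2hhbmdlLW1l       # placeholder: base64 of "change-me"
---
apiVersion: v1
kind: Pod
metadata:
  name: funweb
spec:
  containers:
    - name: db                 # reachable from "web" at localhost:5432
      image: docker.io/library/postgres:16
      env:
        - name: POSTGRES_PASSWORD
          valueFrom:
            secretKeyRef:      # value comes from the Secret above
              name: funweb-db
              key: password
    - name: web
      image: docker.io/library/drupal:10-apache
      ports:
        - containerPort: 80
          hostPort: 8080       # same mapping as --publish 8080:80
      # The anonymous -v volumes of the podman run command are not modelled here.
```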

Practical applications and considerations

The practicality of using Podman for multi-container pods is evident in scenarios where developers build images and tear down pods with play kube and use Kubernetes-style init containers. This flexibility is particularly useful for testing workloads with Podman before deploying them into Kubernetes environments.

Podman’s approach to container orchestration aligns with the industry’s shift towards Kubernetes and microservices architecture. Its compatibility with Kubernetes manifests and ease of transitioning between local development and production deployments make it an invaluable tool for DevOps professionals.

As container technology continues to evolve, Podman’s role in simplifying container management and bridging the gap between development and production is becoming increasingly important.

If you want to discuss the topic with other technology-minded people, join my Discord: https://discord.gg/YbSYGsQYES

Now we have an IRC channel as well: irc.libera.chat / #tomsitcafe