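Installing Podman & Podman Compose on Ubuntu 24.04 LTS
Docker is widely used for running containers, but it has several problems, and alternatives such as Podman have been developed to address them. This post is a memo of the steps for installing Podman on Ubuntu 24.04 LTS. The installation method for Ubuntu is described in the Ubuntu section of Podman Installation Instructions on the official site. That said, Podman is provided in Ubuntu's standard repositories, so it is just a matter of installing it with apt.
Podman Compose, which fills the same role as Docker Compose, is installed as well.
Podman
First, install Podman.
Installable version
At the time of writing, the installable version was 4.9.3.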
# apt info podman
Package: podman
Version: 4.9.3+ds1-1build2
Built-Using: conmon (= 2.1.10+ds1-1build2), containerd (= 1.6.24~ds1-1ubuntu1), docker-registry (= 2.8.2+ds1-1build1), docker.io (= 20.10.25+dfsg1-2ubuntu1), go-containerregistry (= 0.14.0+ds1-2), golang-1.22 (= 1.22.1-1build1), golang-dbus (= 5.1.0-1), golang-fsnotify (= 1.7.0-1), golang-github-acarl005-stripansi (= 0.0~git20180116.5a71ef0-3), golang-github-aead-serpent (= 0.1-2), golang-github-appc-cni (= 1.1.2-1), golang-github-blang-semver (= 4.0.0-1), golang-github-buger-goterm (= 0.0+git20181115.c206103-3), golang-github-cespare-xxhash (= 2.1.1-2), golang-github-checkpoint-restore-checkpointctl (= 0.1.0+ds1-2), golang-github-checkpoint-restore-go-criu (= 6.3.0+ds1-2), golang-github-chzyer-readline (= 1.4.39.g2972be2-3), golang-github-cilium-ebpf (= 0.11.0-2), golang-github-container-orchestrated-devices-container-device-interface (= 0.6.2-2), golang-github-containerd-stargz-snapshotter (= 0.12.0-2build1), golang-github-containernetworking-plugins (= 1.1.1+ds1-3build1), golang-github-containers-buildah (= 1.33.5+ds1-4build2), golang-github-containers-common (= 0.57.4+ds1-2), golang-github-containers-gvisor-tap-vsocks (= 0.7.2+ds1-1), golang-github-containers-image (= 5.29.2-2), golang-github-containers-libtrust (= 0.0~git20230121.c1716e8-2), golang-github-containers-luksy (= 0.0~git20231017.6a3592c+ds1-1), golang-github-containers-ocicrypt (= 1.1.9-1), golang-github-containers-psgo (= 1.7.1+ds1-1), golang-github-containers-storage (= 1.51.0+ds1-2), golang-github-coreos-bbolt (= 1.3.8-1), golang-github-coreos-go-systemd (= 22.5.0-1), golang-github-coreos-stream-metadata-go (= 0.4.3-3), golang-github-cyphar-filepath-securejoin (= 0.2.3-1), golang-github-davecgh-go-spew (= 1.1.1-3), golang-github-digitalocean-go-libvirt (= 0.0~git20240220.fcabe97-1), golang-github-digitalocean-go-qemu (= 0.0~git20230711.2e3d018-1), golang-github-disiqueira-gotree (= 3.0.2-2), golang-github-docker-docker-credential-helpers (= 0.6.4+ds1-1build4), golang-github-docker-go-connections 
(= 0.4.0-4), golang-github-docker-go-plugins-helpers (= 0.20211224-3), golang-github-docker-go-units (= 0.4.0-4), golang-github-felixge-httpsnoop (= 1.0.3-3), golang-github-fsouza-go-dockerclient (= 1.8.1-1), golang-github-fullsailor-pkcs7 (= 0.0~git20210826.33d0574-2), golang-github-golang-protobuf-1-5 (= 1.5.3-1), golang-github-google-go-intervals (= 0.0.2-2), golang-github-google-gofuzz (= 1.2.0-1), golang-github-google-shlex (= 0.0~git20191202.e7afc7f-1), golang-github-google-uuid (= 1.6.0-1), golang-github-gorilla-handlers (= 1.5.2-1), golang-github-gorilla-mux (= 1.8.1-1), golang-github-gorilla-schema (= 1.2.0-2), golang-github-hashicorp-errwrap (= 1.1.0-1), golang-github-hashicorp-go-cleanhttp (= 0.5.2-1), golang-github-hashicorp-go-multierror (= 1.1.1-2), golang-github-hashicorp-go-retryablehttp (= 0.7.1-1), golang-github-jinzhu-copier (= 0.3.2-2), golang-github-json-iterator-go (= 1.1.12-2), golang-github-klauspost-compress (= 1.17.7+ds1-1), golang-github-klauspost-pgzip (= 1.2.6-1), golang-github-kr-fs (= 0.1.0-2), golang-github-manifoldco-promptui (= 0.9.0-1), golang-github-mattn-go-runewidth (= 0.0.15-2), golang-github-mattn-go-shellwords (= 1.0.12-1), golang-github-mattn-go-sqlite3 (= 1.14.19~ds1-1), golang-github-mdlayher-socket (= 0.5.0-2), golang-github-mdlayher-vsock (= 1.2.1-2), golang-github-miekg-pkcs11 (= 1.0.3+dfsg1-2), golang-github-moby-sys (= 0.0~git20231105.a4e0878-1), golang-github-moby-term (= 0.0~git20230502.9c3c875-1), golang-github-modern-go-concurrent (= 1.0.3-1.1), golang-github-modern-go-reflect2 (= 1.0.2-2), golang-github-morikuni-aec (= 1.0.0-3), golang-github-nxadm-tail (= 1.4.5+ds1-5), golang-github-opencontainers-go-digest (= 1.0.0-2), golang-github-opencontainers-image-spec (= 1.1.0~rc5-1), golang-github-opencontainers-runtime-tools (= 0.9.0.109.ge931285-1), golang-github-opencontainers-selinux (= 1.11.0+ds1-2), golang-github-opencontainers-specs (= 1.1.0-1), golang-github-openshift-imagebuilder (= 1.2.5+ds1-3), 
golang-github-pkg-errors (= 0.9.1-3), golang-github-pkg-sftp (= 1.13.6-1), golang-github-pmezard-go-difflib (= 1.0.0-3), golang-github-proglottis-gpgme (= 0.1.1-2), golang-github-rivo-uniseg (= 0.4.4-1), golang-github-secure-systems-lab-go-securesystemslib (= 0.8.0-2), golang-github-shirou-gopsutil (= 3.24.1-1ubuntu1), golang-github-sigstore-sigstore (= 1.8.0-2), golang-github-spf13-cobra (= 1.8.0-1), golang-github-spf13-pflag (= 1.0.6~git20210604-d5e0c0615ace-1), golang-github-stefanberger-go-pkcs11uri (= 0.0~git20201008.78d3cae-2), golang-github-sylabs-sif (= 2.8.3-2build1), golang-github-tklauser-go-sysconf (= 0.3.11-1), golang-github-tklauser-numcpus (= 0.3.0-2), golang-github-ulikunitz-xz (= 0.5.6-2), golang-github-vbatts-tar-split (= 0.11.2+ds1-1build1), golang-github-vbauerster-mpb (= 8.6.1-3), golang-github-vishvananda-netlink (= 1.1.0.125.gf243826-4), golang-github-vishvananda-netns (= 0.0~git20211101.5004558-1), golang-github-vividcortex-ewma (= 1.1.1-2), golang-go-patricia (= 2.3.1-1), golang-go-zfs (= 3.0.0-1), golang-go.crypto (= 1:0.19.0-1), golang-gocapability-dev (= 0.0+git20200815.42c35b4-2), golang-gogoprotobuf (= 1.3.2-3build1), golang-golang-x-exp (= 0.0~git20231006.7918f67-1), golang-golang-x-mod (= 0.15.0-1), golang-golang-x-net (= 1:0.21.0+dfsg-1), golang-golang-x-sync (= 0.6.0-1), golang-golang-x-sys (= 0.17.0-1), golang-golang-x-term (= 0.17.0-1), golang-golang-x-text (= 0.14.0-2), golang-google-genproto (= 0.0~git20200413.b5235f6-3), golang-google-grpc (= 1.38.0+really1.33.3-1build1), golang-google-protobuf (= 1.32.0-1), golang-gopkg-inf.v0 (= 0.9.1-2), golang-gopkg-square-go-jose.v2 (= 2.6.0-2), golang-gopkg-tomb.v1 (= 0.0~git20141024.0.dd63297-8), golang-gopkg-yaml.v3 (= 3.0.1-3), golang-k8s-sigs-yaml (= 1.3.0-1), golang-logrus (= 1.9.0-1), golang-toml (= 1.3.2-2), golang-yaml.v2 (= 2.4.0-4), rootlesskit (= 1.1.1-1build1), runc (= 1.1.12+ds1-1ubuntu1)
Priority: optional
Section: universe/admin
Source: libpod
Origin: Ubuntu
Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
Original-Maintainer: Debian Go Packaging Team <pkg-go-maintainers@lists.alioth.debian.org>
Bugs: https://bugs.launchpad.net/ubuntu/+filebug
Installed-Size: 43.6 MB
Depends: conmon, crun | runc, golang-github-containers-common, libc6 (>= 2.38), libdevmapper1.02.1 (>= 2:1.02.97), libgpgme11t64 (>= 1.4.1), libseccomp2 (>= 2.5.0), libsqlite3-0 (>= 3.36.0), libsubid4 (>= 1:4.11.1)
Recommends: buildah (>= 1.31), catatonit | tini | dumb-init, dbus-user-session, passt, slirp4netns, uidmap
Suggests: containers-storage, docker-compose, iptables
Homepage: https://github.com/containers/podman
Download-Size: 13.4 MB
APT-Sources: http://archive.ubuntu.com/ubuntu noble/universe amd64 Packages
Description: tool to manage containers and pods
Podman (the POD MANager) is a tool for managing containers and images, volumes
mounted into those containers, and pods made from groups of containers.
.
At a high level, the scope of Podman and libpod is the following:
* Support for multiple container image formats, including OCI and Docker
images.
* Full management of those images, including pulling from various sources
(including trust and verification), creating (built via Containerfile or
Dockerfile or committed from a container), and pushing to registries and
other storage backends.
* Full management of container lifecycle, including creation (both from an
image and from an exploded root filesystem), running, checkpointing and
restoring (via CRIU), and removal.
* Full management of container networking, using Netavark.
* Support for pods, groups of containers that share resources and are managed
together.
* Support for running containers and pods without root or other elevated
privileges.
* Resource isolation of containers and pods.
* Support for a Docker-compatible CLI interface, which can both run
containers locally and on remote systems.
* No manager daemon, for improved security and lower resource utilization at
idle.
* Support for a REST API providing both a Docker-compatible interface and an
improved interface exposing advanced Podman functionality.
* Support for running on Windows and Mac via virtual machines run by podman
machine.
.
Podman is a daemon-less alternative to Docker.
Installation
Install it with apt.
apt update
apt -y install podman
Version 4.9.3 was installed at /usr/bin/podman.
# which podman
/usr/bin/podman
# podman --version
podman version 4.9.3
With the default configuration no container registries are configured, and attempting to pull an image appears to fail with an error like the following.
$ podman pull nginx:latest
Error: short-name "nginx:latest" did not resolve to an alias and no unqualified-search registries are defined in "/etc/containers/registries.conf"
The configuration file for the container registries that podman searches is /etc/containers/registries.conf. To add docker.io, configure it as follows.
echo "unqualified-search-registries = ['docker.io']" >> /etc/containers/registries.conf
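The `echo ... >>` append above adds the key again on every run, and in TOML a key written after a `[[registry]]` header belongs to that table rather than to the top level. An idempotent version of the same change, as an added example (not from the original article); the function names and the sample file with its `registry.example.internal` entry are constructed for illustration:

```shell
#!/bin/sh
# Added example (not from the original article). Function names and the
# sample file are constructed for illustration.

# set_search_registry FILE REGISTRY
# Make REGISTRY the single unqualified-search-registries entry in FILE.
set_search_registry() {
    conf=$1
    tmp=$(mktemp) || return 1
    awk -v line="unqualified-search-registries = ['$2']" '
        # Drop an existing definition (single- or multi-line array) so the
        # key is never duplicated, which would be invalid TOML.
        /^[ \t]*unqualified-search-registries[ \t]*=/ {
            skip = ($0 !~ /\]/); next
        }
        skip { if ($0 ~ /\]/) skip = 0; next }
        # A top-level key has to come before the first [table] or
        # [[array-of-tables]] header, otherwise it belongs to that table.
        !done && /^[ \t]*\[/ { print line; done = 1 }
        { print }
        END { if (!done) print line }
    ' "$conf" > "$tmp" || { rm -f "$tmp"; return 1; }
    cat "$tmp" > "$conf"    # rewrite in place: owner and mode are kept
    rm -f "$tmp"
}

# write_sample FILE: constructed registries.conf containing one table.
write_sample() {
    cat > "$1" <<'EOF'
# constructed sample registries.conf
[[registry]]
location = "registry.example.internal"
EOF
}

# Demo on a temporary copy; on a real host FILE would be
# /etc/containers/registries.conf and the call needs root.
demo=$(mktemp)
write_sample "$demo"
set_search_registry "$demo" docker.io
set_search_registry "$demo" docker.io   # second run: still one entry
cat "$demo"
rm -f "$demo"
```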
Usage
The basic subcommands used with Podman are largely compatible with Docker's. Details are documented under Commands on the official site.
Podman Compose
Next, make Podman Compose available.
Installation
podman-compose is a CLI tool written in Python, so it is managed with pipx. For that reason, first install pipx with apt. After that, install podman-compose with pipx.
apt -y install pipx
pipx install podman-compose
An actual installation run with pipx looks like this.
# pipx install podman-compose
installed package podman-compose 1.0.6, installed using Python 3.12.3
These apps are now globally available
- podman-compose
⚠️ Note: '/root/.local/bin' is not on your PATH environment variable. These apps will not be
globally accessible until your PATH is updated. Run `pipx ensurepath` to automatically add it,
or manually modify your PATH in your shell's config file (i.e. ~/.bashrc).
done! ✨ 🌟 ✨
Setting the PATH
Once the installation with pipx has finished, run pipx ensurepath to add it to the PATH.
pipx ensurepath
An example run looks like this.
# pipx ensurepath
Success! Added /root/.local/bin to the PATH environment variable.
Consider adding shell completions for pipx. Run 'pipx completions' for instructions.
You will need to open a new terminal or re-login for the PATH changes to take effect.
Otherwise pipx is ready to go! ✨ 🌟 ✨
Usage
Basic usage is the same as docker-compose. This time I created a new docker-compose.yml file with the following content.
This time, run podman-compose up to start the container.
# podman-compose up
podman-compose version: 1.0.6
['podman', '--version', '']
using podman version: 4.9.3
** excluding: set()
['podman', 'ps', '--filter', 'label=io.podman.compose.project=test', '-a', '--format', '{{ index .Labels "io.podman.compose.config-hash"}}']
['podman', 'network', 'exists', 'test_default']
['podman', 'network', 'create', '--label', 'io.podman.compose.project=test', '--label', 'com.docker.compose.project=test', 'test_default']
['podman', 'network', 'exists', 'test_default']
podman create --name=test_hello_1 --label io.podman.compose.config-hash=6c3713ac6a17ab32961119b030571046dcfa91b29c150e1ebdae1318723916c7 --label io.podman.compose.project=test --label io.podman.compose.version=1.0.6 --label PODMAN_SYSTEMD_UNIT=podman-compose@test.service --label com.docker.compose.project=test --label com.docker.compose.project.working_dir=/root/test --label com.docker.compose.project.config_files=docker-compose.yml --label com.docker.compose.container-number=1 --label com.docker.compose.service=hello --net test_default --network-alias hello hello-world:latest
Resolved "hello-world" as an alias (/etc/containers/registries.conf.d/shortnames.conf)
Trying to pull docker.io/library/hello-world:latest...
Getting image source signatures
Copying blob c1ec31eb5944 done |
Copying config d2c94e258d done |
Writing manifest to image destination
88b1c6bed18c39c0e87f86b526843ba5572bc1739fa5be1cee653fb63ed90022
exit code: 0
podman start -a test_hello_1
[hello] |
[hello] | Hello from Docker!
[hello] | This message shows that your installation appears to be working correctly.
[hello] |
[hello] | To generate this message, Docker took the following steps:
[hello] | 1. The Docker client contacted the Docker daemon.
[hello] | 2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
[hello] | (amd64)
[hello] | 3. The Docker daemon created a new container from that image which runs the
[hello] | executable that produces the output you are currently reading.
[hello] | 4. The Docker daemon streamed that output to the Docker client, which sent it
[hello] | to your terminal.
[hello] |
[hello] | To try something more ambitious, you can run an Ubuntu container with:
[hello] | $ docker run -it ubuntu bash
[hello] |
[hello] | Share images, automate workflows, and more with a free Docker ID:
[hello] | https://hub.docker.com/
[hello] |
[hello] | For more examples and ideas, visit:
[hello] | https://docs.docker.com/get-started/
[hello] |
exit code: 0
Reference
# podman-compose --help
podman-compose version: 1.0.6
usage: podman-compose [-h] [-v] [--in-pod in_pod] [--pod-args pod_args] [--env-file env_file]
[-f file] [-p PROJECT_NAME] [--podman-path PODMAN_PATH] [--podman-args args]
[--podman-pull-args args] [--podman-push-args args] [--podman-build-args args]
[--podman-inspect-args args] [--podman-run-args args]
[--podman-start-args args] [--podman-stop-args args] [--podman-rm-args args]
[--podman-volume-args args] [--no-ansi] [--no-cleanup] [--dry-run]
{help,version,wait,systemd,pull,push,build,up,down,ps,run,exec,start,stop,restart,logs,config,port,pause,unpause,kill}
...
options:
-h, --help show this help message and exit
-v, --version show version
--in-pod in_pod pod creation
--pod-args pod_args custom arguments to be passed to `podman pod`
--env-file env_file Specify an alternate environment file
-f file, --file file Specify an alternate compose file (default: docker-compose.yml)
-p PROJECT_NAME, --project-name PROJECT_NAME
Specify an alternate project name (default: directory name)
--podman-path PODMAN_PATH
Specify an alternate path to podman (default: use location in $PATH variable)
--podman-args args custom global arguments to be passed to `podman`
--podman-pull-args args
custom arguments to be passed to `podman pull`
--podman-push-args args
custom arguments to be passed to `podman push`
--podman-build-args args
custom arguments to be passed to `podman build`
--podman-inspect-args args
custom arguments to be passed to `podman inspect`
--podman-run-args args
custom arguments to be passed to `podman run`
--podman-start-args args
custom arguments to be passed to `podman start`
--podman-stop-args args
custom arguments to be passed to `podman stop`
--podman-rm-args args
custom arguments to be passed to `podman rm`
--podman-volume-args args
custom arguments to be passed to `podman volume`
--no-ansi Do not print ANSI control characters
--no-cleanup Do not stop and remove existing pod & containers
--dry-run No action; perform a simulation of commands
command:
{help,version,wait,systemd,pull,push,build,up,down,ps,run,exec,start,stop,restart,logs,config,port,pause,unpause,kill}
help show help
version show version
wait wait running containers to stop
systemd create systemd unit file and register its compose stacks
When first installed type `sudo podman-compose systemd -a create-unit`
later you can add a compose stack by running `podman-compose systemd -a register`
then you can start/stop your stack with `systemctl --user start podman-compose@<PROJ>`
pull pull stack images
push push stack images
build build stack images
up Create and start the entire stack or some of its services
down tear down entire stack
ps show status of containers
run create a container similar to a service to run a one-off command
exec execute a command in a running container
start start specific services
stop stop specific services
restart restart specific services
logs show logs from services
config displays the compose file
port Prints the public port for a port binding.
pause Pause all running containers
unpause Unpause all running containers
kill Kill one or more running containers with a specific signal