27 lines
995 B
Plaintext
27 lines
995 B
Plaintext
podman - for running OCI-based containers in Pods
|
|
|
|
libpod provides a library for applications looking to use the
|
|
Container Pod concept popularized by Kubernetes. libpod also contains
|
|
a tool called podman for managing Pods, Containers, and Container
|
|
Images.
|
|
|
|
At a high level, the scope of libpod and podman is the following:
|
|
* Support multiple image formats including the existing Docker/OCI
|
|
image formats.
|
|
* Support for multiple means to download images including trust & image
|
|
verification.
|
|
* Container image management (managing image layers, overlay
|
|
filesystems, etc).
|
|
* Full management of container lifecycle
|
|
* Support for pods to manage groups of containers together
|
|
* Resource isolation of containers and pods.
|
|
|
|
These container runtimes can run as non-root, but require sub-uid/gid
|
|
mappings.
|
|
|
|
To run podman as a user:
|
|
|
|
echo 'user.max_user_namespaces=30111' >> /etc/sysctl.conf
|
|
echo '<YOUR_USER>:100000:65536' >> /etc/subuid
|
|
echo '<YOUR_USER>:100000:65536' >> /etc/subgid
|