Podman

Installation

Install podman

sudo dnf install -y podman

Compatibility with Docker

Install podman-docker

sudo dnf install -y podman-docker

Install single binary docker-compose

curl -SL https://github.com/docker/compose/releases/download/v2.36.0/docker-compose-linux-x86_64 -o /usr/local/bin/docker-compose

Make it executable

sudo chmod +x /usr/local/bin/docker-compose

Enable podman socket

systemctl --user --now enable podman.socket

Find your podman socket address

podman info | rg remote -A2

Set DOCKER_HOST environment variable

export DOCKER_HOST=unix:///run/user/1000/podman/podman.sock

You'll need to set the DOCKER_HOST variable each time you open a new terminal, or just add it to your .bashrc file.

Notes on Docker Compose with WSL

If you're running docker-compose and find an error like netavark (exit code 1): nftables error: "nft" did not return successfully while applying ruleset it' likely because limitation in how nftables operates in WSL.

To fix this, switch podman to use iptables as firewall driver.

Install iptables

sudo dnf install -y iptables

Open or create /etc/containers/containers.conf, and add the following:

[network]
firewall_driver="iptables"

Running Podman in the Background

For containers you want to keep running, podman has systemd integration called Quadlet.

Example for a browserless container:

Create a systemd service file in ~/.config/containers/systemd/browserless.container

[Unit]
Description=Browserless

[Container]
Image=ghcr.io/browserless/chrome:v2.27.0
PublishPort=3000:3000
AutoUpdate=registry
PodmanArgs=--memory=1g --cpus=0.8

[Service]
Restart=always

[Install]
WantedBy=default.target

Reload systemd

systemctl --user daemon-reload

Start and enable the service

systemctl --user start browserless.service
systemctl --user enable browserless.service

Check status

systemctl --user status browserless.service

We have to enable the linger for our user to start the containers without the user being logged in:

loginctl enable-linger $USER

Podman Auto-Update

The AutoUpdate=registry option helps update images automatically, but you still need to run:

podman auto-update

You can set up a cronjob to run this command regularly.

Useful Resources

• Install the standalone Docker Compose
• Container life cycle management in Edge deployments
• Going from containers to pods to Kubernetes
• Quadlet
• Setting up container registries
• Leaving the Dock
• Manage linger
• Quadlet and Inlets
• Containerized services on a home server