Podman Reference

Podman (Pod Manager) is an OCI-compatible container engine that runs containers without a central daemon process. Unlike Docker, which requires a dockerd daemon running as root, Podman runs each container as a direct child process, supports rootless containers (running as a non-root user natively), and integrates with systemd for container lifecycle management. The Podman CLI is designed to be Docker-compatible, so most `docker` commands work with `podman` as a drop-in replacement.

Use `podman run -d -p 8080:80 --name web nginx:alpine`. The `-d` flag runs the container in detached (background) mode. `-p 8080:80` maps host port 8080 to container port 80. `--name web` gives the container a human-readable name for use with other commands like `podman logs web` or `podman exec -it web /bin/sh`. Use `podman ps` to verify it is running and `podman stop web` to stop it.

A Podman Pod is a group of containers that share the same network namespace, meaning they can communicate via localhost and share port mappings. This is similar to a Kubernetes Pod. Create a pod with `podman pod create --name mypod -p 8080:80`, then run containers inside it by adding `--pod mypod` to `podman run`. Pods are useful when you have tightly coupled services (e.g., an app container and a sidecar proxy) that need to share network context.

Use `podman generate systemd --name web --new --files` to generate a systemd unit file for the container named "web". The `--new` flag makes the unit file recreate the container on start rather than just starting an existing one. Copy the generated unit file to `~/.config/systemd/user/` (for rootless) or `/etc/systemd/system/` (for root), then run `systemctl --user enable container-web.service` to enable autostart. For rootless containers, also run `loginctl enable-linger $USER`.

`podman auto-update` checks all running containers that have the label `io.containers.autoupdate=registry` and pulls updated images from the registry. If a newer image is available, the container is recreated with the new image. Add the label when creating the container or in the Containerfile. When combined with systemd, create a systemd timer that runs `podman auto-update` periodically (or use the built-in `podman-auto-update.timer` on Fedora/RHEL) to enable automatic image updates without manual intervention.

Use `podman play kube deployment.yaml` to create and run containers from a Kubernetes Pod or Deployment YAML manifest. Podman supports a subset of Kubernetes YAML including Pod specs, persistent volume claims, and ConfigMaps. This is useful for local development and testing of Kubernetes workloads without a full cluster. Use `podman play kube --down deployment.yaml` to stop and remove the created resources.

Use `podman generate kube mypod > pod.yaml` to generate a Kubernetes-compatible YAML file from a running or stopped Pod. This YAML can be applied to a real Kubernetes cluster with `kubectl apply -f pod.yaml`. The generated YAML includes container specs, port mappings, and environment variables. This makes Podman a useful local development tool for building workloads that will eventually run in Kubernetes.

Yes. Install `podman-compose` (a Python tool, not part of Podman core) and use `podman-compose up -d` to start services defined in a `docker-compose.yml` file, and `podman-compose down` to stop them. Podman also supports `podman compose` (using a Docker Compose-compatible backend) in newer versions. Most Docker Compose v2 syntax is supported, though some advanced features like network aliases may behave differently.