Podman Commands

21+ Podman commands developers should be aware of in [2022]

In this article will discuss the top podman command that every developer uses in their day-to-day activities. We will also explain a brief overview of the podman. To follow along, I assume you have a basic idea about how the container works. So let’s get started.

What is podman

Podman is an open-source, Linux-based tool designed to build, run and deploy containers and container images. Podman containers are OCI(Open Containers Initiative) based. Similar to Docker,podman also provides a command-line interface(CLI). Podman containers can run as root or rootless.

Now that you have a basic idea about podman, let’s explore some commonly used commands.

Podman commands

podman commands

CoreOs team developed Podman while keeping Docker in mind so that people familiar with Docker can quickly adopt podman. So all the docker commands which you are familiar with also exist in podman. As per podman creators, if you have existing scripts that run Docker, you can create a docker alias for podman, and all your scripts should work (alias docker=podman).

Before getting started with podman commands, make sure podman is installed on your machine. If not, follow this link to install podman.

Check podman version

You can check the podman version by simply running the –version.

$ podman --version
podman version 0.3.2-dev

Podman help

help print the podman usage. You can also run help by simply passing -h instead of –help

$ podman --help
NAME:
   podman - manage pods and images

USAGE:
   podman [global options] command [command options] [arguments...]

VERSION:
   0.3.2-dev

COMMANDS:
     attach           Attach to a running container
     commit           Create new image based on the changed container
     build            Build an image using instructions in a Dockerfile
     create           create but do not start a container
     diff             Inspect changes on container's file systems
     exec             Run a process in a running container
     export           Export container's filesystem contents as a tar archive
     history          Show history of a specified image
     images           list images in local storage
     import           Import a tarball to create a filesystem image
     info             display system information
     inspect          Displays the configuration of a container or image
     kill             Kill one or more running containers with a specific signal
     load             load an image from docker archive
     login            login to a container registry
     logout           logout of a container registry
     logs             Fetch the logs of a container
     mount            Mount a working container's root filesystem
     pause            Pauses all the processes in one or more containers
     ps               List containers
     port             List port mappings or a specific mapping for the container
     pull             pull an image from a registry
     push             push an image to a specified destination
     rm               podman rm will remove one or more containers from the host.  The container name or ID can be used.
                                  This does not remove images.  Running containers will not be removed without the -f option.
     rmi              removes one or more images from local storage
     run              run a command in a new container
     save             Save image to an archive
     search           search registry for image
     start            Start one or more containers
     stats            Display percentage of CPU, memory, network I/O, block I/O and PIDs for one or more containers
     stop             Stop one or more containers
     tag              Add an additional name to a local image
     top              Display the running processes of a container
     umount, unmount  Unmount a working container's root filesystem
     unpause          Unpause the processes in one or more containers
     version          Display the PODMAN Version Information
     wait             Block on one or more containers
     help, h          Shows a list of commands or help for one command

GLOBAL OPTIONS:
   --cni-config-dir value            path of the configuration directory for CNI networks
   --config value, -c value          path of a config file detailing container server configuration options
   --conmon value                    path of the conmon binary
   --cpu-profile value               path for the cpu profiling results
   --log-level value                 log messages above specified level: debug, info, warn, error (default), fatal or panic (default: "error")
   --root value                      path to the root directory in which data, including images, is stored
   --runroot value                   path to the 'run directory' where all state information is stored
   --runtime value                   path to the OCI-compatible binary used to run containers, default is /usr/bin/runc
   --storage-driver value, -s value  select which storage driver is used to manage storage of images and containers (default is overlay)
   --storage-opt value               used to pass an option to the storage driver
   --help, -h                        show help
   --version, -v                     print the version

Podman search

The podman search command searches a registry for a matching image. The user can also specify the registry to search by prefixing the registry in the search term. More details about the podman search command can be found here.

podman search nginx
INDEX               NAME                                           DESCRIPTION                                       STARS   OFFICIAL   AUTOMATED
docker.io           docker.io/library/nginx                        Official build of Nginx.                          14865   [OK]       
docker.io           docker.io/jwilder/nginx-proxy                  Automated Nginx reverse proxy for docker con...   2029               [OK]
docker.io           docker.io/bitnami/nginx                        Bitnami nginx Docker Image                        95                 [OK]
docker.io           docker.io/nginxinc/nginx-unprivileged          Unprivileged NGINX Dockerfiles                    33                 
docker.io           docker.io/nginx/nginx-ingress                  NGINX and  NGINX Plus Ingress Controllers fo...   51                 
docker.io           docker.io/richarvey/nginx-php-fpm              Container running Nginx + PHP-FPM capable of...   814                [OK]
.....................<suppressed o/p>................................
.....................<suppressed o/p>................................                                                    
redhat.com          redhat.com/rhmap45/wildcard-proxy              RHMAP image that provides mapping and proxy ...   0                  
redhat.com          redhat.com/rhmap46/wildcard-proxy              RHMAP image that provides mapping and proxy ...   0                  
redhat.com          redhat.com/rhmap47/wildcard-proxy              RHMAP image that provides mapping and proxy ...   0                  
redhat.com          redhat.com/rhmap44/wildcard-proxy              RHMAP Docker image that provides mapping and...   0                  
redhat.com          redhat.com/rhmap43/wildcard-proxy              RHMAP Docker image that provides mapping and...   0                  
redhat.com          redhat.com/3scale-amp22/apicast-gateway        APIcast API gateway needs connection to the ...   0   

Pull command

The pull command pulls an image. It copies an image from a registry onto the local machine. Now let’s pull an Nginx image using the pull command.

$ podman pull nginx
Trying to pull docker.io/library/nginx:latest...
Getting image source signatures
Copying blob sha256:69692152171afee1fd341febc390747cfca2ff302f2881d8b394e786af605696
 25.89 MB / 25.89 MB [======================================================] 2s
Copying blob sha256:49f7d34d62c18a321b727d5c05120130f72d1e6b8cd0f1cec9a4cca3eee0815c
 25.35 MB / 25.35 MB [======================================================] 2s
Copying blob sha256:5f97dc5d71ab2675126dba76dbe161c839043fb3e3ccaaf58ba78b394cdd37b0
 602 B / 602 B [============================================================] 0s
Copying blob sha256:cfcd0711b93a41eb07234fa93b0c2ce39be93a71a743dd76766e67a0133163e8
 894 B / 894 B [============================================================] 0s
Copying blob sha256:be6172d7651be2625df008a2bb6cbaf2139cbf1e50ae16256791e54e8dde8449
 666 B / 666 B [============================================================] 0s
Copying blob sha256:de981387034241b38875f3151654b3bd9ef4afe396eec23dce7cb73134d2867b
 1.36 KB / 1.36 KB [========================================================] 0s
Copying config sha256:f0b8a9a541369db503ff3b9d4fa6de561b300f7363920c2bff4577c6c24c5cf6
 7.55 KB / 7.55 KB [========================================================] 0s
Writing manifest to image destination
Storing signatures
f0b8a9a541369db503ff3b9d4fa6de561b300f7363920c2bff4577c6c24c5cf

Podman images command

The podman-images command lists all images present in local storage. Let’s run the image command and see all the available images.

$ podman images
REPOSITORY                TAG      IMAGE ID       CREATED      SIZE
docker.io/library/nginx   latest   f0b8a9a54136   3 days ago   137MB

Podman History

history command shows the history of an image. It also prints out the information about each layer present in the image.

Now let’s run the history command for the Nginx image and see the output.

$ podman history docker.io/library/nginx
ID             CREATED      CREATED BY                                      SIZE      COMMENT
f0b8a9a54136   6 days ago   /bin/sh -c #(nop) CMD ["nginx" "-g" "daemo...   0B        
<missing>      6 days ago   /bin/sh -c #(nop) STOPSIGNAL SIGQUIT            0B        
<missing>      6 days ago   /bin/sh -c #(nop) EXPOSE 80                     0B        
<missing>      6 days ago   /bin/sh -c #(nop) ENTRYPOINT ["/docker-ent...   0B        
<missing>      6 days ago   /bin/sh -c #(nop) COPY file:09a214a3e07c91...   1.393kB   
<missing>      6 days ago   /bin/sh -c #(nop) COPY file:0fd5fca330dcd6...   666B      
<missing>      6 days ago   /bin/sh -c #(nop) COPY file:0b866ff3fc1ef5...   894B      
<missing>      6 days ago   /bin/sh -c #(nop) COPY file:65504f71f5855c...   602B      
<missing>      6 days ago   /bin/sh -c set -x && addgroup --system --g...   26.58MB   
<missing>      6 days ago   /bin/sh -c #(nop) ENV PKG_RELEASE=1~buster      0B        
<missing>      6 days ago   /bin/sh -c #(nop) ENV NJS_VERSION=0.5.3         0B        
<missing>      6 days ago   /bin/sh -c #(nop) ENV NGINX_VERSION=1.19.10     0B        
<missing>      6 days ago   /bin/sh -c #(nop) LABEL maintainer=NGINX D...   0B        
<missing>      6 days ago   /bin/sh -c #(nop) CMD ["bash"]                  0B        
<missing>      6 days ago   /bin/sh -c #(nop) ADD file:7362e0e50f30ff4...   27.15MB   

Podman run command

The Podman Run command runs a process in a new container. podman run starts a process with its file system, networking, and an isolated process tree.

Let’s run an Nginx image that we pulled above. We are specifying the -d flag to run the container in the background.

–name option is used to give the container a unique name.

$ podman run -d --name=nginx-latest docker.io/library/nginx
0abe83f3df354ec6198be93f93678c0e8ae2c4582fc8b0f4fc50609fc33d101a

Podman ps command

ps command lists all the running containers. Let’s run this command and verify the output.

$ podman ps
CONTAINER ID   IMAGE                     COMMAND                                      CREATED AT                      STATUS             PORTS   NAMES
0abe83f3df35   docker.io/library/nginx   /docker-entrypoint.sh nginx -g daemon off;   2021-05-15 16:41:54 +0000 UTC   Up 5 seconds ago           nginx-latest

Podman inspect command

Inspect command displays all the configurations of a running container. It will display a container, image, volume, network, etc.

Now let’s inspect our Nginx container, which we ran above.

podman inspect nginx-latest
[
    {
        "ID": "0abe83f3df354ec6198be93f93678c0e8ae2c4582fc8b0f4fc50609fc33d101a",
        "Created": "2021-05-15T16:41:54.518393745Z",
        "Path": "/docker-entrypoint.sh",
        "Args": [
            "nginx",
            "-g",
            "daemon off;"
        ],
        "State": {
            "OciVersion": "1.0.0",
            "Status": "running",
            "Running": true,
            "Paused": false,
            "Restarting": false,
            "OOMKilled": false,
            "Dead": false,
            "Pid": 1417,
            "ExitCode": 0,
            "Error": "",
            "StartedAt": "2021-05-15T16:41:54.819867998Z",
            "FinishedAt": "0001-01-01T00:00:00Z"
.....................................................
.......................<supressed output>..............................
                "io.kubernetes.cri-o.Name": "",
                "io.kubernetes.cri-o.PrivilegedRuntime": "",
                "io.kubernetes.cri-o.ResolvPath": "",
                "io.kubernetes.cri-o.SandboxID": "",
                "io.kubernetes.cri-o.SandboxName": "",
                "io.kubernetes.cri-o.ShmPath": "",
                "io.kubernetes.cri-o.Stdin": "",
                "io.kubernetes.cri-o.StdinOnce": "",
                "io.kubernetes.cri-o.TTY": "false",
                "io.kubernetes.cri-o.TrustedSandbox": "",
                "io.kubernetes.cri-o.Volumes": ""
            },
            "StopSignal": 3
        }
    }
]

Podman check logs

The podman log command will fetch the log from a running container. Let’s try to see the logs for the Nginx container.

$ podman logs nginx-latest
/docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration
/docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/
/docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh
10-listen-on-ipv6-by-default.sh: info: Getting the checksum of /etc/nginx/conf.d/default.conf
10-listen-on-ipv6-by-default.sh: info: Enabled listen on IPv6 in /etc/nginx/conf.d/default.conf
/docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh
/docker-entrypoint.sh: Launching /docker-entrypoint.d/30-tune-worker-processes.sh
/docker-entrypoint.sh: Configuration complete; ready for start up

Podman -l command

-l command in podman signifies the last running container. Instead of passing the container name, you can use -l to check the container logs as well

$ podman logs -l
/docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration
/docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/
/docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh
10-listen-on-ipv6-by-default.sh: info: Getting the checksum of /etc/nginx/conf.d/default.conf
10-listen-on-ipv6-by-default.sh: info: Enabled listen on IPv6 in /etc/nginx/conf.d/default.conf
/docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh
/docker-entrypoint.sh: Launching /docker-entrypoint.d/30-tune-worker-processes.sh
/docker-entrypoint.sh: Configuration complete; ready for start up

Podman exec command

exec command; execute a command in a running container. The syntax for exec command is

podman exec [options] container [command [arg …]]

Now let’s use the exec command and find the content of /etc/pswd fie in the Nginx container.

$ podman exec -t 0abe83f3df35 cat /etc/passwd | head
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
bin:x:2:2:bin:/bin:/usr/sbin/nologin
sys:x:3:3:sys:/dev:/usr/sbin/nologin
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/usr/sbin/nologin
man:x:6:12:man:/var/cache/man:/usr/sbin/nologin
lp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin
mail:x:8:8:mail:/var/mail:/usr/sbin/nologin
news:x:9:9:news:/var/spool/news:/usr/sbin/nologin

Podman kill container

Kill Command, Kill the main process in one or more containers. Let’s kill the Nginx container, which we have stated above.

$ podman kill 0abe83f3df35
d50cdb028cb98a4d9870077cc05ca80e0e33b22d20898278d12c1bbf2d791049

Podman stop command

The stop command will stop one or more running containers. Let’s run the stop command to stop the Nginx container

$ podman stop nginx-latest
0abe83f3df354ec6198be93f93678c0e8ae2c4582fc8b0f4fc50609fc33d101a

Check if the container is stopped by running the ps command

$ podman ps
$ 
$ 

Podman restart command

podman restart command restarts a container. The restart command can restart the container using its ID or name. Containers will be stopped if they are running and then restarted.

podman restart nginx-latest

Podman ps -a command

podman ps -a command shows all the stopped containers. Let’s run this command and verify the output.

$ podman ps -a
CONTAINER ID   IMAGE                     COMMAND                                      CREATED AT                      STATUS                     PORTS   NAMES
0abe83f3df35   docker.io/library/nginx   /docker-entrypoint.sh nginx -g daemon off;   2021-05-15 16:41:54 +0000 UTC   Exited (0) 7 minutes ago           nginx-latest

Podman rmi command

The podman rmi command removes the images present in the local file system. Let’s use this command to remove the Nginx image.

check available images

$ podman images
REPOSITORY                TAG      IMAGE ID       CREATED      SIZE
docker.io/library/nginx   latest   f0b8a9a54136   3 days ago   137MB

Remove the Nginx image image

 $ podman rmi -f docker.io/library/nginx
f0b8a9a541369db503ff3b9d4fa6de561b300f7363920c2bff4577c6c24c5cf6 

Podman Networking

The network is set up automatically when using Podman as a rootless user. The container itself does not have an IP Address because, without root privileges, network association is not allowed. You will also see some other limitations.

Podman push command

The podman push command pushes an image or a repository to a registry. The syntax for the push command is

podman push [optionsimage [destination]

Before pushing the image to a private repo, makes sure to tag the image properly. Please follow this document to get detailed information about the push command.

Podman tag command

The podman tag command adds a name to a local image name. Let’s tag our Nginx image, which we pulled earlier.

$ podman ps
CONTAINER ID   IMAGE                    COMMAND                                      CREATED AT                      STATUS             PORTS   NAMES
d490a58083e2   docker.io/nginx:latest   /docker-entrypoint.sh nginx -g daemon off;   2021-05-18 16:08:36 +0000 UTC   Up 5 minutes ago           cranky_liskov
$ 
$ 
$ podman tag docker.io/nginx:latest nginx:new
$ 
$ podman images
REPOSITORY                TAG      IMAGE ID       CREATED      SIZE
docker.io/library/nginx   latest   f0b8a9a54136   6 days ago   137MB
nginx                     new      f0b8a9a54136   6 days ago   137MB

Run an httpd container using podman.

Using the above learning, let’s pull an httpd image and verify if the container is running fine.

$ podman pull docker.io/library/httpd
Trying to pull docker.io/library/httpd:latest...
Getting image source signatures
Copying blob sha256:69692152171afee1fd341febc390747cfca2ff302f2881d8b394e786af605696
 25.89 MB / 25.89 MB [======================================================] 3s
Copying blob sha256:7284b4e0cc7b197edc206f815c5b24e67b9ed29abd9bbd8ae4bfdd5540bec6ec
 176 B / 176 B [============================================================] 0s
Copying blob sha256:3678b2d55ccdc6dcbe11cf1ea518ab7426ab37656d94213f637bd843dc6b6ca4
 2.67 MB / 2.67 MB [========================================================] 0s
Copying blob sha256:ab492cf0b2a4f47ba02a478521476bf00c2740f444fc658148b7dc919ed64a7f
 23.34 MB / 23.34 MB [======================================================] 2s
Copying blob sha256:991f7f97a9d859baba12204fea641d5644a2f988246e4554836825b44fcc2bcb
 298 B / 298 B [============================================================] 0s
Copying config sha256:f3cffeea581b3306a13d80b25a437f73f767b8f27afdb29393b3764b9dfaea69
 8.50 KB / 8.50 KB [========================================================] 0s
Writing manifest to image destination
Storing signatures
f3cffeea581b3306a13d80b25a437f73f767b8f27afdb29393b3764b9dfaea69
$ 
$ 
$ podman ps
$ 
$ 
$ podman images
REPOSITORY                TAG      IMAGE ID       CREATED      SIZE
docker.io/library/httpd   latest   f3cffeea581b   3 days ago   142MB
$  
$ podman run -dt -p 8080:80/tcp docker.io/library/httpd
e0dd97f9ef2fe4fd76c458cac33dfd1183da28225a6e019a0ea21f5f97aed13e

Verify the port on which the httpd container is running

$ podman ps
CONTAINER ID   IMAGE                     COMMAND            CREATED AT                      STATUS             PORTS                                        NAMES
e0dd97f9ef2f   docker.io/library/httpd   httpd-foreground   2021-05-15 17:00:08 +0000 UTC   Up 6 seconds ago   0.0.0.0:8080->80/udp, 0.0.0.0:8080->80/tcp   jolly_sammet

podman port

$ podman port e0dd97f9ef2f
80/udp -> 0.0.0.0:8080
80/tcp -> 0.0.0.0:8080

Let’s check if the container is running fine

$ curl localhost:8080
<html><body><h1>It works!</h1></body></html>

Open the browser and connect to localhost:8080

httpd container using podman

Congrats, If you get the above message, your podman container is running as expected.

Conclusion

I hope you found this article useful. We started with the basic podman command, and finally, we pulled an httpd container and verified its behavior. If you face any issues with the command, do let me know in the comment box and share this blog with your colleagues.

Happy learning:)

More to Read?

Podman vs Docker

Podman rootless

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top