How To Install Podman 4.x on CentOS 7 / RHEL 7

ComputingPost
Oct 12, 2022

Podman (short name for Pod Manager Tool) is a daemonless container engine created to help you develop, manage, and run Open Container Initiative (OCI) containers on most Linux systems. Podman is an ultimate drop-in alternative for Docker. Podman is the default container runtime in openSUSE Kubic and Fedora CoreOS (certified Kubernetes distributions).

You can use Podman to create OCI-compliant container images using a Dockerfile and a range of commands identical to Docker Open Source Engine. For example, the podman build command performs the same task as the docker build command. In other words, Podman provides a drop-in replacement for Docker Open Source Engine.

Some of the key advantages of Podman are:

  • Rootless mode: Podman can run rootless containers, which are more secure because they run without any added privileges
  • Native systemd integration: with Podman you can create systemd unit files and run containers as system services
  • No daemon required: Podman has much lower resource requirements at idle because it is daemonless.

Install Podman 4.x on CentOS 7 / RHEL 7

If you install Podman on CentOS 7 / RHEL 7 from the default OS repositories, an older version of the software is installed. Below is the output from a CentOS 7 virtual machine.

$ podman version

Version: 1.6.4

RemoteAPI Version: 1

Go Version: go1.12.12

OS/Arch: linux/amd64

This article covers the installation of Podman 4.x on CentOS 7 / RHEL 7. The way to get Podman 4.x on a CentOS 7 / RHEL 7 system is to build the application from source code.

Before we can proceed, uninstall any older version of Podman in the system.

sudo yum -y remove podman

Step 1 — Install Podman 4.x build tools

Since we’re building the software from source, all the required tools must be installed. Ensure the EPEL repository is installed and enabled on your system.

sudo yum -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm

Update all packages on the system and perform a reboot.

sudo yum -y update

sudo reboot

Install Development tools on your CentOS 7 / RHEL 7:

sudo yum -y install "@Development Tools"

Install other dependencies by running the commands below:

sudo yum install -y curl \
    gcc \
    make \
    device-mapper-devel \
    git \
    btrfs-progs-devel \
    conmon \
    containernetworking-plugins \
    containers-common \
    glib2-devel \
    glibc-devel \
    glibc-static \
    golang-github-cpuguy83-md2man \
    gpgme-devel \
    iptables \
    libassuan-devel \
    libgpg-error-devel \
    libseccomp-devel \
    libselinux-devel \
    pkgconfig \
    systemd-devel \
    autoconf \
    python3 \
    python3-devel \
    python3-pip \
    yajl-devel \
    libcap-devel

Wait for the installation of these dependencies to complete then proceed to step 2.

Step 2 — Install Golang on CentOS 7 / RHEL 7

Use the link shared to install Go on CentOS 7 / RHEL 7:

Checking version of Go after a successful installation:

$ go version

go version go1.19 linux/amd64

Step 3 — Install runc and conmon

Conmon is used to monitor OCI runtimes, and Podman expects it to be installed on the system. The installation can be done using the commands below.

cd ~

git clone https://github.com/containers/conmon

cd conmon

export GOCACHE="$(mktemp -d)"

make

sudo make podman

cd ..

Check the version after the installation.

$ conmon --version

conmon version 2.0.8

commit: f85c8b1ce77b73bcd48b2d802396321217008762

Perform the same build for runc package.

git clone https://github.com/opencontainers/runc.git $GOPATH/src/github.com/opencontainers/runc

cd $GOPATH/src/github.com/opencontainers/runc

make BUILDTAGS="selinux seccomp"

sudo cp runc /usr/bin/runc

cd ~/

Use the --version command option to check the version.

$ runc --version

runc version 1.1.0+dev

commit: v1.1.0-276-gbc13e33

spec: 1.0.2-dev

go: go1.19

libseccomp: 2.3.1

Step 4 — Setup CNI networking for Podman

Create /etc/containers directory used to store CNI network configuration files.

sudo mkdir -p /etc/containers

Download the configuration samples and place them in the created directory:

sudo curl -L -o /etc/containers/registries.conf https://src.fedoraproject.org/rpms/containers-common/raw/main/f/registries.conf

sudo curl -L -o /etc/containers/policy.json https://src.fedoraproject.org/rpms/containers-common/raw/main/f/default-policy.json

Step 5 — Install Podman 4.x on CentOS 7 / RHEL 7

Install wget command line utility package.

sudo yum -y install wget

Download the latest release of the Podman source code from the GitHub repository.

TAG=4.1.1

rm -rf podman*

wget https://github.com/containers/podman/archive/refs/tags/v$TAG.tar.gz

Extract downloaded file using tar command:

tar xvf v$TAG.tar.gz

Navigate to podman directory and begin the build process.

cd podman*/

make BUILDTAGS="selinux seccomp"

sudo make install PREFIX=/usr
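As an added example (not part of the original article): a POSIX shell helper that checks the tarball fetched in Step 5 against a pinned SHA-256 and confirms it unpacks only into the expected top-level directory before anything is built and installed as root. The function names, the podman-$TAG directory name and the pinned hash are assumptions; the hash is a value you record yourself from a copy you have vetted.

```shell
#!/bin/sh
# Added example, not from the original article. Function names are hypothetical.

# verify_sha256 FILE EXPECTED: succeed only if FILE hashes to the pinned value.
verify_sha256() {
    actual=$(sha256sum "$1" 2>/dev/null | awk '{print $1}')
    [ -n "$actual" ] && [ "$actual" = "$2" ]
}

# check_tar_layout TARBALL TOPDIR: succeed only if the archive is readable,
# non-empty, and every member sits under TOPDIR/ with no absolute path or
# ".." component.
check_tar_layout() {
    tar -tzf "$1" 2>/dev/null | awk -v top="$2" '
        /^\// || /(^|\/)\.\.(\/|$)/ { bad = 1 }
        $0 != top && index($0, top "/") != 1 { bad = 1 }
        END { exit (bad || NR == 0) }'
}

# verified_extract TARBALL SHA256 TOPDIR DEST: unpack only after both checks.
verified_extract() {
    verify_sha256 "$1" "$2" || { echo "checksum mismatch: $1" >&2; return 1; }
    check_tar_layout "$1" "$3" || { echo "unexpected layout: $1" >&2; return 1; }
    mkdir -p "$4" && tar -xzf "$1" -C "$4"
}

# Usage in place of "tar xvf v$TAG.tar.gz" (the hash is a placeholder you pin):
#   sh verify.sh "v$TAG.tar.gz" "<pinned-sha256>" "podman-$TAG" .
if [ "$#" -eq 4 ]; then
    verified_extract "$@"
fi
```

The git clone steps for conmon and runc build whatever the default branch holds at that moment (the runc output above reports 1.1.0+dev); checking out a specific tag or commit before running make gives the same kind of pinning.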

If you encounter the error below during the build:

gcc errors for preamble:

In file included from vendor/github.com/proglottis/gpgme/data.go:6:0:

./go_gpgme.h:15:1: error: unknown type name 'gpgme_off_t'

extern gpgme_off_t gogpgme_data_seek(gpgme_data_t dh, gpgme_off_t offset, int whence);

^

./go_gpgme.h:15:55: error: unknown type name 'gpgme_off_t'

extern gpgme_off_t gogpgme_data_seek(gpgme_data_t dh, gpgme_off_t offset, int whence);

^



make: *** [bin/podman] Error 2

The issue is captured in the Podman 4 bug issues page. The recommended quick fix is to update the gpgme package.

sudo yum remove  gpgme-devel -y

sudo yum -y install https://cbs.centos.org/kojifiles/packages/gpgme/1.7.1/0.el7.centos.1/x86_64/gpgme-1.7.1-0.el7.centos.1.x86_64.rpm

sudo yum -y install https://cbs.centos.org/kojifiles/packages/gpgme/1.7.1/0.el7.centos.1/x86_64/gpgme-devel-1.7.1-0.el7.centos.1.x86_64.rpm

After the update, retry your build.

make BUILDTAGS="selinux seccomp"

sudo make install PREFIX=/usr

List of available build tags, features and dependencies:

Build Tag                          Feature                              Dependency
apparmor                           apparmor support                     libapparmor
exclude_graphdriver_btrfs          exclude btrfs                        libbtrfs
exclude_graphdriver_devicemapper   exclude device-mapper                libdm
libdm_no_deferred_remove           exclude deferred removal in libdm    libdm
seccomp                            syscall filtering                    libseccomp
selinux                            selinux process and mount labeling
systemd                            journald logging                     libsystemd

Comment out the override_kernel_check line in /etc/containers/storage.conf:

sudo sed -i -e 's/override_kernel_check/#override_kernel_check/g' /etc/containers/storage.conf

You can check the version of Podman 4.x installed on CentOS 7 / RHEL 7 after the build.

$ podman  version

Client: Podman Engine

Version: 4.1.1

API Version: 4.1.1

Go Version: go1.19

Built: Mon Jul 11 11:30:09 2022

OS/Arch: linux/amd64

Let’s test image download using podman pull command:

$ podman pull docker.io/library/alpine:latest

Trying to pull docker.io/library/alpine:latest...

Getting image source signatures

Copying blob 2408cc74d12b done

Copying config e66264b987 done

Writing manifest to image destination

Storing signatures

e66264b98777e12192600bf9b4d663655c98a090072e1bab49e233d7531d1294

You can also run Docker Hello World container to confirm this works:

$ podman run docker.io/library/hello-world

Trying to pull docker.io/library/hello-world:latest...

Getting image source signatures

Copying blob 2db29710123e done

Copying config feb5d9fea6 done

Writing manifest to image destination

Storing signatures



Hello from Docker!

This message shows that your installation appears to be working correctly.




To generate this message, Docker took the following steps:

1. The Docker client contacted the Docker daemon.

2. The Docker daemon pulled the "hello-world" image from the Docker Hub.

(amd64)

3. The Docker daemon created a new container from that image which runs the

executable that produces the output you are currently reading.

4. The Docker daemon streamed that output to the Docker client, which sent it

to your terminal.



To try something more ambitious, you can run an Ubuntu container with:

$ docker run -it ubuntu bash



Share images, automate workflows, and more with a free Docker ID:

https://hub.docker.com/



For more examples and ideas, visit:

https://docs.docker.com/get-started/

This is a reference guide on using Podman:
