Podman

[00:00:00]
>> So let's try Podman now. We're gonna move on from Buildah into Podman. Which is the next section here. So now I want to run this container and I want it to expose port 3000 just like I was doing Docker run node web service, right? So here, you'll notice that podman is also installed on this particular container.

[00:00:24]
But if you need to install it, I left you instructions on how to do that as well. So what I'm going to do here is I'm going to say podman run, this one you have to give it a cgroup manager, right? For the control groups because it doesn't necessarily have one by default.

[00:00:39]
Whereas Docker does, so I'm gonna say cgroup-manager, cgroupfs. And then I'm gonna tell it -p 3000:3000, which is going to expose that port for us. And then I'm gonna tell it to look on localhost/my-app-buildah. Otherwise if I don't tell it the local host part, it's gonna go out and try and find on Docker Hub or something like that.

[00:01:11]
Okay and then this will have Podman execute this container for us. And there you go. You can see that this is now running. If I click here, Open Link And there you go. This is running our node service inside of that Buildah container, which I exposed that port.

[00:01:31]
And then Podman is actually the one executing that container within the Docker container. I recognize that there's a lot of levels to this, right? Which is kind of the nature of the beast, sorry. I'm not telling you that Buildah and Podman are any better than Docker. I'm not telling you that Docker is any better than Buildah and Podman.

[00:01:49]
There are various different use cases where one might be better for you. And keep in mind that there's more than just Buildah and Podman and Docker. There's also things like Rocket, right, Rocket's another one that does similar things. And it's from CoreOS and it works really well. There's a bunch of different engines for containers.

[00:02:09]
If you're just getting starting out, which I'm guessing you are, if you're watching this course, I'd recommend sticking to Docker. The nice thing about Docker is it's been around for so long and there's so many people using it that you can Google for anything and it's going to be on the Internet.

[00:02:21]
Someone else is going to have your problem and it's gonna be able to be fixed, right? Whereas Buildah and Podman, one, they're still quite new. So they're still changing a lot. And there's just not as much documentation out there for it. So keep that in mind when you're choosing.

[00:02:41]
So something else that's pretty cool, that I think is pretty cool. You can actually use Buildah, so just pretend for a second that I was on a Linux computer or I was here in WSL or something like that. I can actually have Buildah push into my Docker registry, my local one.

[00:02:59]
And then I can use Docker to execute the Buildah container which is really cool too. So again, those things work really well together side by side. So I actually left the command in there. If you're working with Linux, and I'll show you here. Down here in Podman. So if you ran this and you had Docker on the same level, right, this wouldn't work in my Mac OS one right now because it's within a container.

[00:03:26]
So it actually can't see Docker. If I say buildah push localhost/my-app-buildah docker-daemon-my-app-buildah:latest. This would actually push it into my Docker container. I think what you need to do is you need to expose the Docker daemon inside of the container. So I'm gonna exit out of this. We've gotta make this even more complicated.

[00:03:55]
We're gonna say -v /var/run/docker.sock :/var/run/docker.sock. Okay, now I should be able to come here and say, Back here in Buildah cuz I killed all the the registry that it had. So I have to rebuild the buildah container. So I'm gonna say buildah, bud -f ./Dockerfile Where am I?

[00:04:49]
I have to be inside of a source. Okay, buildah bud -f ./Dockerfile -t my-app-buildah.. Okay, that'll build my Docker container. And now, I actually realize that I gave it a volume. So it actually did keep this between runs. But nonetheless, okay, that should all work. That's all stored.

[00:05:34]
And then here, it should work if I say, buildah push, right, cuz we can push it out to a registry. Localhost/my-app-buildah, so I'm pushing that container. And we're going to push it to the docker-dae:my app-buildah:latest. So now because I opened that connection, that bind mount between my Docker host and into the container.

[00:06:15]
Now Buildah can actually push out of the container into my local Docker registry of Docker desktop running. And then I'm going to be able to execute this buildah container outside of the inside of the host with Docker. So what you see here this is actually it copying the container, out of the container and into Docker.

[00:06:45]
This isn't going to the network, right, this is just staying within my container. So now I should be able to say, docker run, and notice this is just inside of my MAC, right, I'm not inside of the container now. -it my-app-buildah bash and here you go. I am now inside of the container running Docker that I built with Buildah and same thing here.

[00:07:18]
If I say my-app-buildah and I say -p 3000:3000. This should execute my node. Something's already bound on that. So let's just say 3001. So now if I come over here and say local host 3001. Now I'm actually running the node server that I built with the Buildah tool chain, but I'm using Docker to do it.

[00:07:59]
So this is kind of proving my point that Buildah does not build Docker containers it builts OCI containers, right? But they both work interchangeably. And I could build a Docker container. And I could use Podman to execute that as well. So that's pretty cool. I did not expect that to work.

[00:08:17]
I'm gonna re-emphasize the point that someone might ask, why would I use Buildah and Podman over a Docker right now? And I think the real strongest reason is to not use Docker. And some people might have strong opinions of why they would not wanna use Docker. I don't necessarily know what they are.

[00:08:35]
But it does encourage healthy competition to use some of these competitors and not be locked into one ecosystem. So,not that I think Docker are bad people, I think actually they're doing really great things and they're good members of the community so.