---
date: 2022-01-29 20:21:11-05:00
draft: false
math: false
medium_enabled: true
medium_post_id: d31b7e2a688c
tags:
- Containers
title: Rootless Docker-Compose with Podman
---
*Note: Nowadays, I prefer to use [Quadlets](/blog/migrating-docker-compose-podman-quadlets/)*

One of the benefits of Podman over Docker is that it can run daemon-less and without root. However, `docker-compose` is by far my favorite way to create and maintain containers. Luckily, the Podman folks emulated the Docker CLI so that `docker-compose` works well with Podman!

To install:
```bash
sudo dnf install -y podman podman-docker docker-compose
```
We can then emulate the Docker socket without root using the following commands:
```bash
systemctl --user enable podman.socket
systemctl --user start podman.socket
```
At this point, we'll want to check that the emulated daemon responds as expected:
```bash
curl -H "Content-Type: application/json" \
     --unix-socket /var/run/user/$UID/podman/podman.sock \
     http://localhost/_ping
```
This should return `OK`. We then need to set an environment variable that tells `docker-compose` where the emulated Docker socket lives.
```bash
export DOCKER_HOST=unix:///run/user/$UID/podman/podman.sock
```
To make this environment variable persist across reboots, add the above line to the user's `.bash_profile`.

You'll need a `docker-compose.yml` configuration file. Here is a sample one that spins up an image updating service. Replace `$UID` with your user ID, which you can get by running `id -u` in the terminal.[^1]

```yaml
version: "3.3"
services:
  watchtower:
    image: docker.io/containrrr/watchtower
    container_name: watchtower
    hostname: watchtower
    environment:
      PUID: 1000
      PGID: 1000
      TZ: US/Eastern
    volumes:
      # Replace $UID with the output of `id -u`
      - /var/run/user/$UID/podman/podman.sock:/var/run/docker.sock:ro
    restart: always
```

If you want to add more volumes to the container, make sure each one has the appropriate SELinux label if you're using a distribution with it enabled.[^2]

```bash
chcon -t container_file_t -R X
```
where `X` is the volume you wish to mount.

Now we can run `docker-compose`!
```bash
docker-compose ps
```
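
A preflight check for the steps above, as an added example that is not part of the original post: it confirms that `DOCKER_HOST` names the current user's rootless socket and that the socket volume in `docker-compose.yml` has the user ID written out and keeps the `:ro` option. The function names and the script name `preflight.sh` are assumptions made for this example.

```bash
#!/usr/bin/env bash
# Added example: consistency checks for the rootless socket setup above.

# Print the rootless Podman socket path for a uid (default: current user).
rootless_sock() {
    printf '/run/user/%s/podman/podman.sock\n' "${1:-$(id -u)}"
}

# Succeed only if a DOCKER_HOST value names that user's rootless socket.
# A leading /var is dropped: the page writes both /var/run and /run for this path.
check_docker_host() {
    local host="$1" uid="${2:-$(id -u)}" path
    case "$host" in
        unix://*) path="${host#unix://}" ;;
        *) echo "not a unix socket: $host" >&2; return 1 ;;
    esac
    [ "${path#/var}" = "$(rootless_sock "$uid")" ] && return 0
    echo "not the rootless socket for uid $uid: $path" >&2; return 1
}

# Succeed only if the compose file's socket volume has the uid written out
# (the page says to replace $UID by hand), matches this user, and keeps :ro.
check_compose_mount() {
    local file="$1" uid="${2:-$(id -u)}" line src rest
    line="$(grep -E '^[[:space:]]*-[^#]*podman\.sock:' "$file" | head -n 1 | tr -d "\"' \t\r")"
    [ -n "$line" ] || { echo "no podman.sock volume in $file" >&2; return 1; }
    line="${line#-}"        # drop the YAML list marker
    src="${line%%:*}"       # host side of the mount
    rest="${line#*:}"       # container path plus options
    case "$src" in
        *'$'*) echo "unexpanded variable in $src" >&2; return 1 ;;
    esac
    [ "${src#/var}" = "$(rootless_sock "$uid")" ] || { echo "unexpected socket $src" >&2; return 1; }
    case "$rest" in
        *:ro|*:ro,*) return 0 ;;
    esac
    echo "socket volume lacks the :ro option" >&2; return 1
}

# Run both checks when given a compose file, e.g. ./preflight.sh docker-compose.yml
if [ -n "${1:-}" ]; then
    check_docker_host "${DOCKER_HOST:-}" && check_compose_mount "$1" &&
        echo "DOCKER_HOST and $1 both point at the rootless socket"
fi
```

A `DOCKER_HOST` that points at a system-wide socket or a TCP endpoint fails the first check, which catches a shell where the export from `.bash_profile` was never loaded or was overridden.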
[^1]: Thanks to Ian Evans for sending in a correction to the volumes declaration.
[^2]: https://bugzilla.redhat.com/show_bug.cgi?id=2125878