blog: Podman and Docker Rootless in DDEV, fixes #453 #476
Conversation
|
🌐 Fork Preview for PR #476 https://pr-476.ddev-com-fork-previews.pages.dev This preview updates automatically when you push changes to your fork. |
stasadev
force-pushed
the
20251122_stasadev_podman
branch
2 times, most recently
from
4eb31c6 to
5dc0225
Compare
|
Just starting on this... Since this will come out before v1.25.0, it should mention the v1.25.0 or HEAD requirement to test, right? |
rfay
left a comment
rfay
left a comment
There was a problem hiding this comment.
Here's my first visit. Congrats on this milestone.
As mentioned, this should probably discourage people from using these options unless they know they need them. Early on it should have a link to normal setup and say "You don't need this unless you think you want it :) "
Now I'll experiment with the various options.
| - [Mounting a volume with rootless always assigns ownership to root](https://github.com/moby/moby/issues/45919) | ||
| - [Add ability to mount volume as user other than root](https://github.com/moby/moby/issues/2259) | ||
|
|
||
| The `root` user inside the container maps to your host user, but many services will not run as root: |
There was a problem hiding this comment.
It's interesting that this is the same classic problem we've had with Docker Desktop for Linux and for a time with virtiofs.
rfay
left a comment
rfay
left a comment
There was a problem hiding this comment.
Another comment: One reason people have often requested podman is the belief that it was the only open-source alternative to Docker Desktop. We should clear that up in here, pointing out the there are several other fully open source alternatives on every platform.
|
This and docs probably need a compatibility table showing all the options and what works etc. |
|
I'm not sure if you already have this in there, but the inability to bind to default ports 80/443 is a pretty significant liability for a web developer. |
|
Just tried installing rootless podman in a isolated WSL Ubuntu environment: I got a warning "Problem with your Docker provider: installed Podman version 4.9.3 is not supported, please update to version 5.0 or newer." But it seem Ubuntu old has older versions available(?) $ sudo nala search podman
...
podman 4.9.3+ds1-1ubuntu0.2 [Ubuntu/noble universe]
└── tool to manage containers and podsInstall Podman Desktop on windows got a "current" version though: ❯ podman -v
podman version 5.7.0 |
stasadev
force-pushed
the
20251122_stasadev_podman
branch
2 times, most recently
from
4dd642a to
ae5ec1b
Compare
Summary of Changes from Original Version
Content that was shortened or removed
Overall Impact
|
rfay
force-pushed
the
20251122_stasadev_podman
branch
from
bba5f65 to
ac6fe7e
Compare
rfay
left a comment
rfay
left a comment
There was a problem hiding this comment.
I think this should either be targeted at the v1.25.0 release, or alternately promote it earlier and try to get some people to use HEAD.
It's looking good, I added some more suggestions.
Now I'll try some more manual testing.
rfay
left a comment
rfay
left a comment
There was a problem hiding this comment.
I got it working fine on macOS and will use it for a while for daily use.
I didn't succeed with Fedora 43. The /mnt/ddev_config was always mounted as root and couldn't be copied at startup time.
I imagine this was something I did wrong.
stasadev
force-pushed
the
20251122_stasadev_podman
branch
from
920e6f0 to
ef39216
Compare
|
I edited the blog:
I'm not sure that macOS instructions are correct. |
rfay
left a comment
rfay
left a comment
There was a problem hiding this comment.
I tested on podman rootless and docker rootless, Ubuntu 25.10, WSL2 ARM64 and everything went OK. Minor comments. Congrats on all this.
| podman system reset | ||
| ``` | ||
|
|
||
| This removes all existing containers, images, and volumes (similar to `docker system prune -a`). |
There was a problem hiding this comment.
After podman system reset I was no longer able to docker ps (but after reboot I could)
rfay@ub2510:~/workspace/ddev.com$ podman system reset
WARNING! This will remove:
- all containers
- all pods
- all images
- all networks
- all build cache
- all machines
- all volumes
- the graphRoot directory: "/home/rfay/.local/share/containers/storage"
- the runRoot directory: "/run/user/1000/containers"
Are you sure you want to continue? [y/N] y
A "/home/rfay/.config/containers/storage.conf" config file exists.
Remove this file if you did not modify the configuration.
There was a problem hiding this comment.
I tested it on Arch Linux, and docker ps worked fine without reboot after podman system reset.
but after reboot I could
Maybe this command can help to do it without reboot:
systemctl --user restart podman.socket
|
I updated the instructions for macOS: https://pr-476.ddev-com-fork-previews.pages.dev/blog/podman-and-docker-rootless/#macos |
stasadev
force-pushed
the
20251122_stasadev_podman
branch
from
8d9c3b2 to
9d0ab90
Compare
stasadev
force-pushed
the
20251122_stasadev_podman
branch
2 times, most recently
from
2c48e2e to
aa3fbf5
Compare
Co-authored-by: Randy Fay <[email protected]>
Co-authored-by: Randy Fay <[email protected]>
Co-authored-by: Randy Fay <[email protected]>
stasadev
force-pushed
the
20251122_stasadev_podman
branch
from
01ed945 to
742ee23
Compare
3 participants
The Issue
How This PR Solves The Issue
Adds a blog.
Manual Testing Instructions
https://pr-476.ddev-com-fork-previews.pages.dev/blog/podman-and-docker-rootless/
Automated Testing Overview
Related Issue Link(s)
Release/Deployment Notes