containers
podman-system-service and docker-compose
podman-system-service provides docker compatible API. this may be a path to full support of docker-compose with podman.
this is what works:
# apt install podman
# systemctl start podman
# apt install --no-install-recommends docker-compose
# which docker || echo "no docker installed"
no docker installed
# cat docker-compose.yml
hello-world:
image: hello-world
# docker-compose -H unix:/run/podman/podman.sock pull
pulling hello-world ... done
# docker-compose -H unix:/run/podman/podman.sock up
Creating hello_hello-world_1 ... done
hello-world_1 | Hello from Docker!
hello_hello-world_1 exited with code 0
# podman ps -a
<shows exited container>
i've verified that this works with podman 2.0.6 and docker-compose 1.25.0 on debian bullseye.
of course, one of the appeals of podman is being able to run unprivileged. partial success:
$ systemctl start --user podman
$ docker-compose -H unix:/$XDG_RUNTIME_DIR/podman/podman.sock pull
pulling hello-world ... done
$ docker-compose -H unix:/$XDG_RUNTIME_DIR/podman/podman.sock up
ERROR: ... invalid configuration, cannot specify resource limits without cgroups v2 and --cgroup-manager=systemd
the pull was successful, and the socket is working fine:
$ podman -r images
REPOSITORY TAG IMAGE ID
docker.io/library/hello-world latest bf756fb1ae65
$ podman -r run --rm -ti hello-world
Hello from Docker!
launching the system service with --cgroup-manager=systemd or --cgroup-manager=cgroupfs has no impact.
possibly related to https://github.com/containers/podman/issues/5903
eureka! running as unprivileged user is now working.
the missing link was booting the kernel with systemd.unified_cgroup_hierarchy=1
i've written up a short tutorial here: https://khimaros.com/articles/docker-compose-podman/