Support Podman

[m4r1k]

Is your feature request related to a problem? Please describe. Today Harbor requires Docker and docker-compose for installations and upgrades.

https://github.com/goharbor/harbor/blob/master/make/common.sh#L78-L130 https://github.com/goharbor/harbor/blob/master/README.md#install--run

Red Hat has deprecated and removed Docker since RHEL8 :-( https://access.redhat.com/solutions/3696691

While Docker (the company) is still shipping CE and EE binaries for RHEL, the lack of official support from Red Hat may be a source of conflict.

This proposal is to support also Podman as a container Engine. This is not only in favor of Red Hat but more generally of the added security features of Podman. http://people.redhat.com/abach/OSAW/FILES/DAY1/5%20Moving%20on%20from%20Docker.pdf

Describe the solution you'd like Since Podman 3.0, docker-compose is fully supported https://www.redhat.com/sysadmin/podman-docker-compose

Perhaps the logic at check_docker in common.sh could be reworked to also support Podman

Describe the main design/architecture of your solution Podman supports docker alias but using Podman CLI would be best. The idea would be to first rework the logic in check_docker verifying whether Docker is present and meet the minimum version and same story to Podman.

Describe the development plan you've considered Assuming the proposal is acceptable, I can work on a prototype solution and have something available in a few weeks (the logic isn't that hard but perhaps there are all sort of documentation references to update)

[mohag]

Kubernetes works fine, there is no need to use docker-compose or docker...

[bitsf]

you can help submit a PR to fix this, we don't have such environment to test

[m4r1k]

On hold due to CentOS 8 Stream issue with lack of CAP_PERFMON https://bugzilla.redhat.com/show_bug.cgi?id=1946982

[m-yosefpor]

For docker-compose part, this project can also be used directly: https://github.com/containers/podman-compose , it does not need any additional podman-docker-compose setup.

[goshansp]

@m4r1k my target is also rhel8 but i am currently working on fedora34. using podman-3.3.1-1.fc34.x86_64 / podman-3.3.1-1.fc34.x86_64 i got ./install.sh to execute without error and containers spin up. docker version checks commented, renamed docker-compose to podman-compose, setenforce 0 and delete pg-database directory because permission issue. now see nginx: [emerg] bind() to 0.0.0.0:8080 failed (98: Unknown error) and suspect all 8080's sitting on the same interface as pods share net by design. remapping docker-compose.yml and env variables to use non-colliding portnumbers may do the trick. better suggestions?

[bpereto]

related pull request https://github.com/goharbor/harbor/pull/15986

[github-actions[bot]]

This issue is being marked stale due to a period of inactivity. If this issue is still relevant, please comment or remove the stale label. Otherwise, this issue will close in 30 days.

[leonidas-o]

What about this, at least as first step until more resources are available for an official podman support? https://github.com/goharbor/harbor/pull/15986#issuecomment-1301461025

[holgrrr]

Would also be much in favor of additional podman support, due to the need to run this in an RHEL-based HPC environment with no additional K8s infrastructure to deploy Harbor on.

[ijustworkhereshrug]

I was able to get it almost working with just Podman and docker-compose-plugin.

After creating needed folders and removing the version checks, it errors out on the logger. Podman doesn't support the rsyslog logger, so I modified the installation scripts, before runtime, to utilize the systemd logger. Unfortunately, the containers appear to rely heavily on rsyslog.

Therefore, I'm sure it's quite involved to utilize a different logger

[leonidas-o]

@ijustworkhereshrug yeah well, that's what I said in the following comment and asked for making the logger configurable: https://github.com/goharbor/harbor/pull/15986#issuecomment-1301461025