Skip to content

Containers - Docker, podman et al.


This wiki entry is incomplete and is under construction.

Yet another blog post on containers? Why?

  1. Because I write for myself first, so that I can understand stuff better and come back to refer it in future.
  2. It is so easy to get lost in the the “container” ecosystem with a lot of acronyms and confusing naming schemes. I want to aggregate all information up to date as of writing.
  3. Attempt to see past the hype and give practical examples that makes it obvious.

Containers != Docker

Containers != Virtual machines

Containers are an abstraction that is better than that is provided by a "process" in Linux and more flexible and efficient than that provided by a virtual machine running its own redundant kernel.

Lets pick one tool - podman and try to run some containers and see what they can do.

Podman primer

Podman is a container management tool that replaces Docker by overcoming a few common shortcomings. Podman allows you to run containers without needing a daemon process owned by root or needing to be a root user. For our intent to learn the basics of containers, treat podman == docker.


Run it!

podman run -it ubuntu:latest
-i stands for interactive mode - to give you a shell once this container is started.

-t stands for tty - to give you a pseudo tty.

The ^ command would try to find the ubuntu:latest image locally, since it is not present, pulls it from one of the available container registries and then runs it. It then connects the user to the shell inside the container.

Unable to find image 'ubuntu:latest' locally
latest: Pulling from library/ubuntu
d51af753c3d3: Pull complete 
fc878cd0a91c: Pull complete 
6154df8ff988: Pull complete 
fee5db0ff82f: Pull complete 
Digest: sha256:747d2dbbaaee995098c9792d99bd333c6783ce56150d1b11e333bbceed5c54d7
Status: Downloaded newer image for ubuntu:latest

root@c3a7172fb543:/# uname -a     
Linux c3a7172fb543 4.19.76-linuxkit #1 SMP Fri Apr 3 15:53:26 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
Lovely. We just run our first container.


Containers are ephemeral by default. Whatever we run in this root shell in the container will be lost when the container is stopped and restarted.

But, why?

The idea is to treat containers like cattle rather than pets. Always start new containers if you need something changed. Treat your infrastructure as code.

Container basic operations

Action Command
Run an interactive container podman run -it ubuntu:latest
Run a container in foreground podman run hello-world
Run a container in background podman run -d hello-world
Show running containers podman ps
Show containerID of recently ran container podman ps -lq
View logs of a container podman logs <container ID>
Stop a container
Kill a container
Show all containers(incl stopped)
Give container a name
Rename a container
Inspecting the configuration of a container
Execute a command inside a container
podman run hello-world

Run it as a daemon(background)

podman run -d hello-world

Show running containers

 podman ps
podman ps -lq
-lq shows the container ID of the last container that was started(useful for scripting purposes)

View logs of a container

podman logs 299b36c035e196ea8d4244fb05a10990aaa437edeac581a956ad869222b4fad2

Hello from Docker!

STOP a container

Kill a container

Show all your containers - even stopped ones

Give your container a name

Renaming your container

Inspecting the configuration of a container

Execute a command inside a container

Container crashed! What now?

Export a container filesystem to local

That was a controlled operation of containers using an images that we pulled from a registry like dockerhub. Lets understand how to work with images.


List all images

Search for images

Pull an image to the host

Image tags

Interactively build an image

configuratively build an image with Dockerfile

Since this is important, lets understand using Dockerfiles in detail.








Mapping directories to containers

Multi-stage builds

Container registry

Transporting containers

A deeper dive


Logging and observability

A group of containers