
Developed by RedHat, Podman is a free and open-source daemonless container engine designed to be a drop-in replacement for the popular Docker runtime engine. Just like Docker, it makes it easy to build, run, deploy and share applications using container images and OCI containers ( Open Container Initiative ). Podman uses user and network namespaces and In comparison to Docker, Podman is considered more isolated and secure. Most commands in Docker will work in Podman. and so if you are familiar with running Docker commands, using podman will be such a breeze.
In this guide, we learn how to install podman on Debian 11 Bullseye.
Install Podman on Debian 11
The podman packages, libraries, and dependencies are already hosted on the official Debian repositories. Therefore you can easily install podman using the APT package manager.
First, update the package lists:
$ sudo apt update
Next, install the podman container engine as follows:
$ sudo apt install podman
When prompted to continue, type 'Y' and hit ENTER.
To verify the version of Podman installed, run:
$ podman --version

To gather more details about the podman container engine, run the command:
$ sudo podman info
You should see a flurry of output displaying intricate details such as what we have below.

Configure the Podman registries
The registry file registry.conf
is a configuration file that specifies the container registries to be used whenever you want to push or pull an image. The full path to the file is /etc/containers/registries.conf
. There are various container registries out there including Docker hub, Quay.io, RedHat, and many more.
You can view the file using your text editor as shown
# sudo /etc/containers/registries.conf
In Docker, the only container registry is Docker Hub. Podman offers users more freedom to search and pull images from any registry. You can define the list of container registries by adding the following line.
unqualified-search-registries = [ 'registry.access.redhat.com', 'registry.redhat.io', 'docker.io']
When running the podman search
or podman pull
command, podman will contact these registries beginning with the first one in that order. Save the changes and exit the file.
Searching images
Before pulling container images, its prudent to search for their availability across various registries.
For example
$ sudo podman search nginx

The output presents you with a wealth of information including The registry name, Image name, and a brief description.
Logging into a registry
Before you start pulling or pushing images, you need to log in to a registry. In the example below, I am logging into my Redhat account which, in effect, gives me access to the registry.
$ sudo podman login registry.access.redhat.com

To logout of the registry, run the command:
$ sudo podman logout registry.access.redhat.com
Pulling an image
To pull an image, use the syntax:
$ sudo podman pull image_name
For example, to pull the Official build images of Nginx, run the command:
$ sudo podman pull docker.io/library/nginx

Let's try to pull another image. We will pull the Offical MongoDB image as follows.
$ sudo podman pull docker.io/library/mongo

Listing an image
To list all the images, issue the command.
$ sudo podman images

Create a container from an image
Now that we have our images residing on the Debian system, we can launch a container using the syntax shown. The -d option runs the container in the background and the --name
option specifies a custom name for the container
$ sudo podman run -d --name container_name image
For example, to launch a container in the background called webserv1 from the Nginx image, run the command:
$ sudo podman run -d --name webserv1 docker.io/library/nginx
You can launch multiple containers from the same image. Let us launch another container called webserv2 from the same Nginx image.
$ sudo podman run -d --name webserv2 docker.io/library/nginx

Listing containers
In this section, we will look at various commands that you can use with containers.
To check the containers that are currently running issue the command:
$ sudo podman ps
The output is presented in columns that provide information such as Container ID, IMAGE name, the command running the container, date of creation, and status.

To list all the containers including the ones that have exited run:
$ sudo podman ps -a
Stopping a container
To stop a container, use the syntax
$ sudo podman stop CONTAINER_ID
OR
$ sudo podman stop container_name
In the example, below, I have stopped the first container listed using its container ID
$ sudo podman stop 9daeaabdfdfc
You can verify that the container has been stopped using the podman ps
command. We can clearly see that after stopping the image, we only have 1 image running.

The podman ps -a
command will list both containers which comprise the container that was just stopped.
$ sudo podman ps -a

Starting a container
To start a container use the syntax:
$ sudo podman start CONTAINER_ID
OR
$ sudo podman start container_name
For example, to start webserv1, run:
$ sudo podman start webserv1

Access the shell of a container
Accessing the shell of a container is best demonstrated with a container of an Operating system.
Here, we are going to download or pull an Ubuntu image:
$ sudo podman pull docker.io/library/ubuntu
From the image, we will create or launch a container and gain access to the shell using the -it
option.
$ sudo podman run --name ubuntu -it docker.io/library/ubuntu /bin/bash

- -i, –interactive Keep STDIN open even if not attached
- -t, –tty Allocate a pseudo-TTY. The default is false
Check the logs of a container
To check the logs of a container use the syntax:
$ sudo podman logs container_name
For example:
$ sudo podman logs webserv2

Show container statistics
To display the statistics of all the running containers, run:
$ sudo podman stats

Inspect a container
To print out intricate details about a container, use the inspect option:
$ sudo podman inspect webserv2
This prints out a long output in JSON format.

Use the --format option to filter the output. For example to print out the IP address of the webserv2 container run
$ sudo podman inspect webserv2 --format '{{.NetworkSettings.IPAddress}}'
You can then perform additional information the IP, for example using curl to retrieve HTTP headers.
$ curl -I ip-address

Deleting a container
To remove or delete a container completely, first stop the container, in case it is running, and finally remove it. In this example, we have stopped and removed the websev1 container.
$ sudo podman stop webserv1
Then remove the stopped container.
$ sudo podman rm webserv1

Removing an image
To remove an image, first, ensure that you have stopped and removed all the containers that were launched from the image. Next, use the rmi
option as shown.
$ sudo podman rmi image_name
For example, to remove the ubuntu Image, run the command:
$ sudo podman rmi docker.io/library/ubuntu

Install latest Podman - Compile from source
You can test the latest version of Podman by installing the development version from the source.
01. Build and Run Dependencies
sudo apt-get install \
btrfs-progs \
git \
golang-go \
go-md2man \
iptables \
libassuan-dev \
libbtrfs-dev \
libc6-dev \
libdevmapper-dev \
libglib2.0-dev \
libgpgme-dev \
libgpg-error-dev \
libprotobuf-dev \
libprotobuf-c-dev \
libseccomp-dev \
libselinux1-dev \
libsystemd-dev \
pkg-config \
runc \
make \
libapparmor-dev \
gcc \
cmake \
uidmap \
libostree-dev
02. Install Conmon
The conmon is the container monitor which is a small C Program that’s job is to watch the primary process of the container.
git clone https://github.com/containers/conmon
cd conmon
make
sudo make podman
sudo cp /usr/local/libexec/podman/conmon /usr/local/bin/
03. Install runc
To install the latest version of runc
git clone https://github.com/opencontainers/runc.git $GOPATH/src/github.com/opencontainers/runc
cd $GOPATH/src/github.com/opencontainers/runc
make BUILDTAGS="selinux seccomp"
sudo cp runc /usr/bin/runc
03. Install Container Network Interface (CNI)
The CNI plugin is used to insert a network interface into the container network namespace.
git clone https://github.com/containernetworking/plugins.git $GOPATH/src/github.com/containernetworking/plugins
cd $GOPATH/src/github.com/containernetworking/plugins
./build_linux.sh
sudo mkdir -p /usr/libexec/cni
sudo cp bin/* /usr/libexec/cni
Setup the network
sudo mkdir -p /etc/cni/net.d
curl -qsSL https://raw.githubusercontent.com/containers/libpod/master/cni/87-podman-bridge.conflist | sudo tee /etc/cni/net.d/99-loopback.conf
Add the configuration
sudo mkdir -p /etc/containers
sudo curl -L -o /etc/containers/registries.conf https://src.fedoraproject.org/rpms/containers-common/raw/main/f/registries.conf
sudo curl -L -o /etc/containers/policy.json https://src.fedoraproject.org/rpms/containers-common/raw/main/f/default-policy.json
04. Install Podman from Source
git clone https://github.com/containers/podman/ $GOPATH/src/github.com/containers/podman
cd $GOPATH/src/github.com/containers/podman
make
sudo make install
$ podman --version
podman version 4.0.0-dev
Conclusion
We hope that we have provided a solid foundation on your journey towards becoming better a pro in using podman to create and manage containers. This guide walked you through the installation of podman on Debian 11 Buster.
Great article! I have a question... The default version of podman on Debian 11 is 3.0.1. Is there any possibility to upgrade the podman version or will the integrated debian package be updated automatically at some time? Podman in its latest version has a lot of more benefits than version 3.0.1 for example better support for podman compose in version 3.2. Therefore I am interested in upgrading it to the latest version on Debian...
Hi Dennis,
Repo mostly won't be updated with the latest version, take some time. You can compile podman from the source for testing the latest features.