A decade ago, when containers were the hot new thing in town, learning about them required lots of command typing on the terminal. These days, thanks to tools like Podman Desktop, the task is oh so much simpler than ever. In this article we’re going to learn some common container technology concepts, using the visual user interface of Podman Desktop to help us during the process.
Prerequisites
The first thing we need is, of course, to install Podman Desktop. On the website’s download page you will see versions for Windows (Intel and ARM), macOS (Intel and Apple Silicon), and Linux. On the website, at the moment, you can only download Linux builds of Podman Desktop for Intel machines, but there are Linux ARM builds ready for download via Flatpak, as explained in this issue on GitHub.
If you are familiar with executing commands on a terminal, the easiest way to get Podman Desktop is using the package manager of choice for your own platform:
flatpak install flathub io.podman_desktop.PodmanDesktop # Linux
brew install podman-desktop # macOS
winget install -e --id RedHat.Podman-Desktop # Windows
Podman Desktop works great on any computer, including most business laptops. You don’t need a super expensive computer to go through the contents of this article. This tutorial was prepared with version 1.13.3 of Podman Desktop.
For this tutorial I would also recommend you install Visual Studio Code, so that we can clone some code and edit some text files. This application is also freely available for Windows, macOS, and Linux.
Finally, some knowledge requirements: I’m not going to explain what Git is, so if you’re curious, you might want to read my article about the subject.
Tips and Tricks
Before we learn about containers, I suggest a few configuration options on Podman Desktop to make our life easier:
- Launch Podman Desktop.
- Click on the “Settings” icon at the bottom left of the main window, and select “Preferences” and “Appearance”. Set the zoom level to 2 if the fonts on screen are too small for you (they were for me, at least!)
- In the “Editor” screen, increase the font size to 14.
- In the “Exit on Close” screen, disable the feature (so that Podman Desktop will not shut down when you close the window, but will remain running, minimized in the “tray” of your operating system.)
- In the “Terminal” screen, increase again the font size to 14.
And now we’re ready to begin.
Images and Containers
The two most important concepts in container technology, and those that usually are most confusing to beginners, are those of “Images” and “Containers”, which in this tutorial will always appear capitalized.
To put it in simple terms, “Images” are templates, stored on disk, that are used to generate “Containers”. On the other hand, Containers are the running instances of Images, and you can create and run many containers out of the same image.
On the user interface of Podman Desktop we have separate sections for Images and Containers, as shown in the pictures below.
And as expected, when you first run Podman Desktop, they are empty.
Images
There are two ways to get images onto Podman Desktop: downloading, or building.
Pulling
Downloading an image is called “Pulling”, and the Images section of Podman Desktop has a button precisely with that name. Click it and enter the following text in the field “Image to Pull”:
registry.gitlab.com/vshn/applications/fortune-perl:latest
Click the “Pull image” button and watch Podman Desktop download an Image to your machine.
Now you will see your Image on the “Images” screen of Podman Desktop:
But from where are those Images pulled, anyway? Images are stored in “Registries”, which are special websites where users can upload (“Push”) Images to share with their colleagues, or download (“Pull”) Images created by other users. There are many well-known Registries available where you can pull containers from, and push containers to:
- Docker Hub, at hub.docker.com.
- Quay, at quay.io.
- GitHub has its own since 2020.
- Red Hat OpenShift is a Kubernetes distribution that includes a built-in container registry.
- Amazon Web Services offers its Elastic Container Registry.
- Sonatype has its own, called Nexus.
- There is an open-source registry called Harbor that you can install on your own cloud or hardware.
- And as we’ve seen above, GitLab offers an optional Registry per project. That’s where we’ve pulled our Image from.
Building
The second way to add Images to your Podman Desktop is by building them from scratch. Building an Image requires a special type of text file, usually named “Dockerfile” or “Containerfile”, the latter option becoming more and more popular lately.
Let’s use Podman Desktop to build an image for us. First, open Visual Studio Code and select the third item on the toolbar at the left, called “Source Control”. Click the button labeled “Clone Repository” and enter the value below:
https://gitlab.com/vshn/applications/fortune-perl.git
Select a folder on your computer to store the project, and click the “Select as Repository Destination” button on the dialog. Then, when prompted, select to “Open” the newly cloned repository.
Open the file called Dockerfile
, and you should see something similar to the image below:
The Dockerfile
contains all the information required to build a new Image:
- The “base Image” (in this case,
scottw/alpine-perl:5.32.0
) - A certain number of dependencies we need for our application.
- The code of our app (in this case, a program written in the Perl programming language).
- An HTTP port to expose our program to the outer world (8080).
- A non-root user (“1001”) to run the code.
- And the command that effectively launches the application.
# <1>
FROM scottw/alpine-perl:5.32.0
# <2>
RUN apk add fortune
RUN curl -L https://cpanmin.us | perl - -M https://cpan.metacpan.org -n Mojolicious
# <3>
WORKDIR /app
COPY main.pl /app/main.pl
COPY templates /app/templates
# <4>
EXPOSE 8080
# <5>
USER 1001:0
# <6>
CMD ["/bin/sh", "-c", "morbo /app/main.pl --listen http://0.0.0.0:8080"]
Let us build the image with Podman Desktop. In the “Images” section, click the “Build” button on the top right. Then browse for the Dockerfile in the “fortune-perl” project you cloned previously, and enter the name “tutorial-test” in the corresponding field.
Click the “Build” button and wait a few seconds.
Once this is done, click again the “Images” button on the toolbar on the left of the user interface of Podman Desktop, and you will see… 3 images!
But why 3? Well, in order to build our “tutorial-test” Image, we needed to pull another Image: the “base Image” we mentioned previously. Our Image simply extended that base Image with our custom application.
What’s in an Image?
Images seem to be complex and mysterious things, but they are not; let us click on the “three-dot-menu” at the far right end of the line representing our newly built image “tutorial-test”, and select the “Save Image” menu item.
Specify a location, and click the “Save Images” button. You will end up with a file called tutorial-test.tar
on whatever location you chose. That is a “tape archive” (TAR) file, very common on Linux, and which can be natively opened also on macOS. Windows users should use an application like 7-Zip or WinZip to open it.
In my particular case, the contents of the TAR file look like this after being extracted:
1d6307f1dd3a44cf1fb5a857106e9c2bfce272bbf8cd6e341c0c0ed9371a5b1f
6a37694ddf90aa1a48bc264db8ccf7dcbc78770f3425b6796d2fc04d450a2d91
7a7d347b1fa4a5fbc8e1934450c51c292cd0a8ab2fb6f45e033b2293dcb2ea67
7c8ba494afe1d99d89de1fc6c4c117a4d395947ef4ec23b7610ad616e761fcdd
ac9f2f697aafd69660673bfcc6bbeea5eb9bece363cf3ea0b4c4fad52ab95411
c9eceabff55e6592fda1b3ceb22561afd396ed87756d2f5e343750744b44f453
c548c4733e5c3ae36e2536cf2bb88601a130ad6b7ebd15b160be329c033d1d7d
df31d1a9a1cbfed867c78a331c2851a6cc4889a40104dd481c7bd62cccaeeab1
eefed186ea1918bc7e349061f01094ffa4f5458b23730a6b0f292b409f070278
efe80bc7296e5cf80142ae5b4b33f406458273f715a5b0454f775a7c73e99050
4da0387169e2bf5b7f0ac94455dc0651715f70b3d53229b2ed8c03670e46ff5c.tar
72bb7ab8c1e6828f2cb64658e18eaaa931b417fc5f88c82ecbd83c67674a829c.tar
95c3016785d89397f9dd490a1018e9ecf7c319d1ba8f94441eef824c2888dd22.tar
8274a4e133a62b7dddfdfe085cc740fc2923c608555014e3b6b300aae9323450.tar
414029eff607312d6451710b6d554c676519c8b690083246e29c40d5fff7c68f.tar
4799287ff2e2603e0658ca2bf93c045f7d7b1632653acf5b9fbb34db61fd86e0.tar
a81a52cc7931524b20329556bcda6a0c27fe96a322992e2fe4803ee85b460331.tar
adbb35ab049e1eb1d1d81cbe24305d0a965c3fe93c6c9a296a53525c9cc9f86e.tar
b53d7faf55ef69137c8c8394a5fbd4087b13d3aafd0f1eafd9f1f93f4873a415.tar
d9e7379124148a73a10a4c15ab18c56cf9f4d68ec5688cc1ff131f8fdb774441.json
f4666769fca7a1db532e3de298ca87f7e3124f74d17e1937d1127cb17058fead.tar
manifest.json
repositories
The first 10 entries are folders, each containing three files: json
, VERSION
, and layer.tar
, the latter being a symlink to one of the TAR files that appear below the TAR files.
And what about those TAR files inside the TAR file, precisely? Each one of them represents a “layer”, and roughly you can say that for each command on the Dockerfile, you will have one layer on your Image, and hence, one TAR file on the final image.
By the way, the filenames aren’t random; they are the cryptographic hash of their contents, which ensures their uniqueness, and that prevents unnecessary downloads from a Registry, since if Podman Desktop already has a particular layer, you don’t need to re-download it again. Smart, huh?
Containers
The final, and most important thing we’re going to learn today, is how to run an Image, or, in other words, to create a Container out of it. Remember: a Container is a running instance of an Image, the same way a process is a running instance of an executable on your hard disk.
It’s very easy to create a Container using Podman Desktop: just click the “Play” button (with the shape of a triangle) on the right side of the Image name, and you will see the dialog below.
This screen allows you to configure the settings of the Container you’re about to create; in our case, just select the default values and click the “Start Container” button at the bottom.
You will be taken to the “Container” tab of Podman Desktop, where you will see a new container name. This name is entirely random, and sometimes very funny, too.
If you click again on the “Container” button of the toolbar you will jump to the list of Containers, a screen that was previously empty.
This Container exposes port 8080 (remember the Dockerfile
?) so just open a browser window and navigate to localhost:8080 to see your application running, and interact with it.
When you’re done, you can stop the container using the small square button, and you can delete it using the trash button.
What is in a Container?
Just like with Images, you can export the contents of a Container selecting the three-dot-menu on the right of the container, and choosing the “Export Container” option. Select a location, and you’ll get a TAR file with the contents of your container.
If you open it, however, you won’t see any layers, but an actual Linux file system!
app bin dev etc home lib media mnt opt
proc root run sbin srv sys tmp usr var
The difference with the standard Linux file system in our case is the app
folder… which attentive readers will remember being explicitly mentioned on the Dockerfile:
# <3>
WORKDIR /app
COPY main.pl /app/main.pl
COPY templates /app/templates
Exporting a Container like this is a common debugging technique used by software developers to find errors in their Containers.
Conclusion
And there you have it! Now you know the major differences between Images and Containers, and you also know what they are made of. The knowledge of Containers and Images is the basis of most Cloud Native technologies, including Kubernetes and OpenShift.
Containers can be used not only to package web applications, just like we did in this tutorial, but any kind of executable! Check out my article “Reusing Apps Between Teams and Environments Through Containers” to learn exactly how you can use them to share code with your team.
A few weeks ago, Red Hat donated Podman and Podman Desktop, together with many other container-related utilities (bootc, Buildah, Composefs, and Skopeo) to the Cloud Native Computing Foundation (CNCF).
Finally, if you enjoyed using Podman Desktop, you also might want to try podman-tui, a Podman terminal UI for your command line.
You can learn more about Kubernetes in my article “Kubernetes for Non-Technical Readers” in this blog, and about OpenShift in my OpenShift Guide and my “Learning OpenShift” course on LinkedIn Learning.