Podman #5 - Pods - Rootless

We’ve already looked at .container and .network Quadlets. The next step is pods. Pods are multiple containers sharing the same localhost (network namespace), similar to how they work in Kubernetes. It’s a really handy feature.

Documentation is, as usual, a bit lacking. Googling gives you snippets and outdated examples from pre-Podman 5.x that won’t work. Here’s a working example:

Step 1: Create the Pod Quadlet

nano ~/.config/containers/systemd/podracer.pod

[Unit]
Description=It goes brrrrr

[Pod]
PublishPort=8080:80
Network=intisostrictnet.network

[Install]
WantedBy=default.target

Keep in mind that intisostrictnet.network was created in the previous post. Publishing a port from the pod is important, especially for production scenarios.

Step 2: Generate the Systemd Service

systemctl --user daemon-reload

Check if the service was created:

ls /run/user/$UID/systemd/generator/

If it isn’t there, troubleshoot using:

/usr/lib/systemd/user-generators/podman-user-generator -dryrun

Step 3: Start the Pod

systemctl --user start podracer-pod.service

Now podman pod ls will show your newly created pod.

Running podman ps -p also shows a dummy container called localhost/podman-pause. This container keeps the pod alive and is always present in the pod.

Step 4: Add Containers to the Pod

At this point, you have a rootless pod with a user-created network. You can now deploy one or more containers inside this pod, all sharing the same network namespace, just like in Kubernetes. This allows them to communicate over localhost, and you can also publish ports from the pod to your host.

podman run --rm -it --pod systemd-podracer docker.io/library/alpine:latest sh

This completes the setup of a basic rootless pod with Podman.

https://docs.podman.io/en/latest/markdown/podman-pod-create.1.html