Podman

Rootless container management compatible with Docker commands.

Container Management

Basic Lifecycle

Run a container (detached)

podman run -d --name my-app alpine sleep 1000

List running containers

podman ps

List all containers (including stopped ones)

podman ps -a

Stop and remove a container

podman stop my-app
podman rm my-app

Inspect container details

podman inspect my-app

Logs and Execution

View container logs (non-interactive)

podman logs my-app

Execute a command in a running container

podman exec my-app ls /app

Image Management

Pull an image

podman pull alpine:latest

List local images

podman images

Build an image from a Containerfile (or Dockerfile)

podman build -t my-custom-image .

Remove an image

podman rmi my-custom-image

Pods (Unique to Podman)

Pods allow grouping multiple containers together so they share the same network namespace (localhost).

Create a pod

podman pod create --name my-stack -p 8080:80

Run a container inside a pod

podman run -d --pod my-stack --name nginx nginx

List pods

podman pod ps

Maintenance and Cleanup

Remove all stopped containers, unused networks, and dangling images

podman system prune -f

Show disk usage by containers/images

podman system df

Headless / Non-Interactive Tips

  • Force Flag: Use -f or --force with rm, rmi, and prune to avoid confirmation prompts.
  • Detached Mode: Always use -d for long-running services to prevent the command from hanging. For interactive sessions, use:
    tmux new -d 'podman run -it --name my-app alpine sh'
  • Rootless: Podman runs in rootless mode by default for the current user. Ensure subuid/subgid are configured if running complex workloads.
  • Docker Compatibility: Most docker commands work as-is with docker replaced by podman.
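One way to check the subuid/subgid configuration mentioned in the Rootless tip, as an added example that is not part of the original page. The function names are hypothetical, the 65536-ID minimum is an assumption based on the conventional allocation size, and the sample file is constructed.

```shell
#!/usr/bin/env bash
# Added example: audit subordinate ID ranges used by rootless Podman.
# File format (see subuid(5)): name:start:count, one range per line.

# Print the total number of subordinate IDs allocated to user $1 in file $2.
subid_count() {
    awk -F: -v u="$1" '$1 == u { n += $3 } END { print n + 0 }' "$2"
}

# Print every pair of overlapping ranges in file $1 as "nameA nameB".
# Overlapping ranges let one user's containers map onto IDs delegated to another.
subid_overlaps() {
    awk -F: '
        NF == 3 { name[++n] = $1; lo[n] = $2 + 0; hi[n] = $2 + $3 - 1 }
        END {
            for (i = 1; i <= n; i++)
                for (j = i + 1; j <= n; j++)
                    if (lo[i] <= hi[j] && lo[j] <= hi[i])
                        print name[i], name[j]
        }' "$1"
}

# Succeed if user $1 has at least 65536 IDs (assumed minimum) in file $2
# and no two ranges in the file overlap.
subid_ok() {
    [ "$(subid_count "$1" "$2")" -ge 65536 ] && [ -z "$(subid_overlaps "$2")" ]
}

# Constructed sample: bob's range starts inside alice's.
sample=$(mktemp)
printf '%s\n' 'alice:100000:65536' 'bob:120000:65536' > "$sample"
echo "alice has $(subid_count alice "$sample") subordinate IDs"
subid_overlaps "$sample" | while read -r a b; do echo "overlap: $a / $b"; done
subid_ok alice "$sample" || echo "alice: subordinate ID configuration needs attention"
rm -f "$sample"
```

On a real host, run subid_ok "$USER" /etc/subuid and then the same check against /etc/subgid.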

Networking

Create a network

podman network create my-network

Run container on a network

podman run --network my-network --name web nginx

Connect existing container to network

podman network connect my-network web

List networks

podman network ls

Inspect network

podman network inspect my-network

Secrets Management

Create a secret

echo "my-secret-value" | podman secret create my-secret -

List secrets

podman secret ls

Use secret in container

podman run --secret my-secret,type=env,target=MY_SECRET alpine env

Health Checks

Run container with health check

podman run -d --health-cmd "curl -f http://localhost/ || exit 1" \
  --health-interval 30s --health-retries 3 \
  --name web nginx

Check health status

podman inspect web | grep -A 10 "Health"

Auto Updates

Run container with auto-update policy (the registry policy requires a fully qualified image reference, and only containers running inside systemd units are updated)

podman run -d --label "io.containers.autoupdate=registry" \
  --name web docker.io/library/nginx:latest

Check for updates

podman auto-update --dry-run

Apply updates

podman auto-update

Systemd Integration (Quadlet)

Podman can generate systemd service files for containers:

Create a .container file

cat > ~/.config/containers/systemd/my-app.container << EOF
[Container]
Image=nginx:latest
PublishPort=8080:80
EOF

Generate systemd service

podman generate systemd --new --files --name my-app

Enable and start

systemctl --user enable --now container-my-app.service

Note: these are two separate mechanisms. Quadlet converts the .container file into my-app.service when systemd reloads (systemctl --user daemon-reload). podman generate systemd is the older, deprecated mechanism; it works from an existing container named my-app and does not read the .container file.
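The registry auto-update policy needs a fully qualified image reference, and a short name such as the Image=nginx:latest used above is resolved through the registries.conf search list. The following added example (not part of the original page; function names are hypothetical and the sample file is constructed from the snippet above) classifies the Image= value of a Quadlet file so that short names can be caught in review.

```shell
#!/usr/bin/env bash
# Added example; function names are hypothetical, not part of Podman.

# Print the value of the last Image= key in Quadlet file $1.
quadlet_image() {
    sed -n 's/^[[:space:]]*Image[[:space:]]*=[[:space:]]*//p' "$1" | tail -n 1
}

# Classify image reference $1:
#   short   no registry host, resolved through the registries.conf search list
#   tag     fully qualified with a mutable tag
#   digest  fully qualified and pinned by @sha256: digest
image_ref_class() {
    _first=${1%%/*}
    # No "/" at all: a bare name such as nginx:latest.
    if [ "$_first" = "$1" ]; then echo short; return; fi
    # A registry host contains "." or ":" or is exactly "localhost".
    case $_first in
        *.*|*:*|localhost) ;;
        *) echo short; return ;;
    esac
    case $1 in
        *@sha256:*) echo digest ;;
        *) echo tag ;;
    esac
}

# Constructed sample: the .container file shown on this page.
sample=$(mktemp)
printf '%s\n' '[Container]' 'Image=nginx:latest' 'PublishPort=8080:80' > "$sample"
img=$(quadlet_image "$sample")
echo "$img -> $(image_ref_class "$img")"
echo "docker.io/library/nginx:latest -> $(image_ref_class docker.io/library/nginx:latest)"
rm -f "$sample"
```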

Docker Compose Compatibility

Native podman compose support

podman compose up -d
podman compose down
podman compose logs

Or use podman-compose (third-party tool)

pip install podman-compose
podman-compose up -d

Kubernetes Integration

Generate Kubernetes YAML from container/pod

podman generate kube my-pod > pod.yaml

Play Kubernetes YAML

podman kube play pod.yaml

Stop and remove Kubernetes resources

podman kube down pod.yaml

Remote Builds (Farm)

Farm out builds to remote machines

podman farm build -t myimage .

List configured farms

podman farm list

Artifact Management

Push OCI artifacts

podman artifact add registry.example.com/artifact:latest myartifact.tar
podman artifact push registry.example.com/artifact:latest

Pull OCI artifacts

podman artifact pull registry.example.com/artifact:latest

Related Skills

  • tmux: Run containers in background sessions
  • nix: Alternative reproducible environments