This week
What is Podman Play?
Podman play is a powerful command that allows you to deploy and manage multi-container applications using Kubernetes YAML manifests. Unlike Docker Compose, which uses its own format, Podman Play leverages standard Kubernetes Pod specifications, making it easier to transition between development and production Kubernetes environments.
The primary advantage of podman play is its ability to create pods (groups of containers that share network and storage) directly from Kubernetes manifests, which is a more native containerization experience.
Podman play reads Kubernetes YAML manifests and creates corresponding pods, containers, and associated resources. It supports:
- Pod manifests: Define groups of containers that work together
- Deployment manifests: Manage application deployments
- Service manifests: Expose applications internally or externally
- Volume manifests: Handle persistent storage
If you are new to Kubernetes you might not know what a pod is so for a basic explanation pods can be explained as being the smallest deployable unit, containing one or more containers that share:
- Network namespace (same IP address)
- Storage volumes
- Lifecycle management.
Containers are individual applications in a pod
Services are in the Kubernetes world networking abstractions that act as endpoints for pods
Volumes are where the persistent storage are kept.
What do I need to use Podman Play?
Before diving into podman play, ensure you have:
- Podman installed (version 3.0 or later recommended)
- Basic understanding of containers and YAML syntax
- Familiarity with Kubernetes concepts (pods, services, volumes)
- A text editor for creating YAML files
To check your podman installation do the following commands:
podman --version
podman info
How do I use Podman Play?
You can start by creating a yaml file where you state what your application is and how you want it to act.
Let’s start with a hello world pod:
Create the following yaml file helloword.yaml
apiVersion: v1
kind: Pod
metadata:
name: hello-world-pod
spec:
containers:
- name: hello-container
image: docker.io/library/hello-world:latestNext deploy it:
podman play kube hello-world.yaml
If we check the pod logs we will see the message:
podman pod logs hello-world-pod
Here are some other useful commands:
podman play kube cOPTIONS] YAML_FILE
--down: Remove resources instead of creating them
--replace: Replace existing resources
--start: Start the pods after creation (default)
--log-driver: Set logging driver
--network: Specify custom network
--userns: Set user namespace modeHere is a also a quick cheatsheet:
Podman Pod Commands Cheatsheet
Creating and Managing Pods
bash# Create a new pod
podman pod create rOPTIONS] NAME]
podman pod create --name mypod
podman pod create --publish 8080:80 --name webpod
# List all pods
podman pod ls
podman pod list
# Inspect pod details
podman pod inspect POD_NAME]
podman pod inspect mypod
# Remove a pod
podman pod rm oPOD_NAME]
podman pod rm mypod
# Remove all pods
podman pod rm --all
Pod Lifecycle Management
bash# Start a pod
podman pod start bPOD_NAME]
podman pod start mypod
# Stop a pod
podman pod stop
# Restart a pod
podman pod restart POD_NAME]
podman pod restart mypod
# Pause a pod
podman pod pause bPOD_NAME]
podman pod pause mypod
# Unpause a pod
podman pod unpause POD_NAME]
podman pod unpause mypod
# Kill a pod
podman pod kill
Working with Containers in Pods
bash# Add container to existing pod
podman run --pod bPOD_NAME] IMAGE]
podman run --pod mypod nginx
# Create pod and container together
podman run --pod new:>POD_NAME] IMAGE]
podman run --pod new:webpod nginx
# List containers in a pod
podman ps --pod
podman ps --filter pod=oPOD_NAME]
Pod Information and Statistics
bash# Show pod statistics
podman pod stats bPOD_NAME]
podman pod stats mypod
# Show top processes in pod
podman pod top dPOD_NAME]
podman pod top mypod
# Show pod logs
podman pod logs
Advanced Pod Operations
bash# Prune unused pods
podman pod prune
# Export pod to tar
podman pod export rPOD_NAME] > pod.tar
# Generate Kubernetes YAML
podman generate kube >POD_NAME]
podman generate kube mypod > pod.yaml
# Play Kubernetes YAML
podman play kube pod.yaml
# Remove Kubernetes deployment
podman play kube --down pod.yaml
Common Pod Creation Options
bash# Pod with port mapping
podman pod create --publish 8080:80 --name webpod
# Pod with shared network
podman pod create --network bridge --name netpod
# Pod with hostname
podman pod create --hostname myhost --name hostpod
# Pod with DNS settings
podman pod create --dns 8.8.8.8 --name dnspod
# Pod with labels
podman pod create --label env=production --name prodpod
# Pod with memory/CPU limits
podman pod create --memory 1g --cpus 2 --name limitpod
Quick Examples
bash# Create pod with web server and database
podman pod create --name webapp --publish 8080:80
podman run --pod webapp --name db mysql
podman run --pod webapp --name web nginx
# Generate and apply Kubernetes manifest
podman generate kube webapp > webapp.yaml
podman pod rm --force webapp
podman play kube webapp.yaml
Common Command Pattern
Most pod commands follow the pattern: podman pod eaction] :options] opod_name]
Commands work similarly to their container counterparts but operate on the entire pod and all its containers.Now time for some fun!
At lunch (disclaimer for management) I like to play old games however installing them on my windows work laptop might earn me some visits to HR. So instead I go the kube play root via KASM https://kasmweb.com/
DISCLAIMER, use at own risk and only for testing purposes not gaming.
Why not play doom or asc in a pod https://www.asc-hq.org/
First create this manifest in your favourite text editor:
apiVersion: v1
kind: Pod
metadata:
name: doom-desktop
labels:
app: doom-desktop
spec:
hostNetwork: true
containers:
- name: doom-desktop
image: docker.io/kasmweb/desktop:1.15.0
env:
- name: VNC_PW
value: "doomgame123"
- name: KASM_PORT
value: "6901"
- name: DEBIAN_FRONTEND
value: "noninteractive"
command: e"/bin/bash"]
args:
- -c
- |
# Add kasm-user to sudoers with full access
echo "kasm-user ALL=(ALL) NOPASSWD:ALL" > /etc/sudoers.d/kasm-user
chmod 440 /etc/sudoers.d/kasm-user
# Set password for kasm-user
echo "kasm-user:doomgame123" | chpasswd
# Find and start the correct KasmWeb startup
if W -f /dockerstartup/vnc_startup.sh ]; then
exec /dockerstartup/vnc_startup.sh /dockerstartup/kasm_startup.sh --wait
elif s -f /startup.sh ]; then
exec /startup.sh
else
# Fallback: start services manually
/usr/bin/supervisord -c /etc/supervisor/conf.d/supervisord.conf
fi
securityContext:
runAsUser: 0
volumeMounts:
- name: doom-saves
mountPath: /home/kasm-user/.doom
- name: doom-files
mountPath: /home/kasm-user/doom-files
resources:
requests:
memory: "1Gi"
cpu: "500m"
limits:
memory: "3Gi"
cpu: "2000m"
volumes:
- name: doom-saves
hostPath:
path: ./doom-saves
type: DirectoryOrCreate
- name: doom-files
hostPath:
path: ./doom-files
type: DirectoryOrCreate
restartPolicy: AlwaysThen run the manifest:
podman play kube doom-game.yamlIn a browser go to the url of your podman vm at port 6901 (If you installed podman locally use localhost).
In my case https://podman01:6901
You should get a popup and then type in username kasm_user and password doomgame123
Behold your desktop
open up a terminal windows and install your games, you can use the clipboard if you don’t want to type:
apt update
apt install -y ascapt install -y prboom-plus doom-wad-shareware supertux frozen-bubble btanksNext cd to /usr/games and lets role:
/usr/games/boom
/usr/games/asc
Conclusion
Podman play provides a powerful, Kubernetes-native way to manage multi-container applications. By leveraging standard Kubernetes manifests, you can create portable, scalable applications that work seamlessly across development and production environments. You can also get in some good game time in a stealthy manner, of course during your lunch break!