Podman Networking

podman(1) has different approaches to networking depending on whether the containers are run by root.


Networks

The default networking behavior of podman(1) is configured by /usr/share/containers/libpod.conf and /etc/containers/libpod.conf. Local configurations should be made to the latter only.

All networks, including the default network, are installed to /etc/cni/net.d/.

Non-root containers always use the default network and never have their own IP address.

Custom Networks

To create a new network, try:

sudo podman network create my-net

A container can be created on a custom network by specifying the --network option.

sudo podman run --detach --name my-nginx \
  --network=my-net \
  nginx:latest

A running container can be attached to a custom network like:

sudo podman network connect my-net my-nginx

To list the currently-configured networks, try:

sudo podman network ls

To destroy a network, try:

sudo podman network rm my-net


Communication

From Host To Container

Containers listen on an ephemeral host port. To discover the port number, try:

sudo podman port my-container
sudo podman port --all
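
Because these host ports are reachable from outside the container, it is worth checking which address each one is bound to. The script below is an added example, not part of the original page: it filters `podman port --all` output for ports bound to a wildcard address. The function names and sample lines are constructed, and the line format (container ID, a tab, then `port/proto -> host-ip:host-port`) is an assumption to verify against the installed podman version.

```shell
#!/bin/sh
# Added example: list container ports published on a wildcard host address.
# Assumed input format, one mapping per line (check your podman version):
#   <container-id><TAB><container-port>/<proto> -> <host-ip>:<host-port>

# Constructed sample output, not captured from a real host.
sample_port_output() {
  printf '%s\t%s\n' \
    'b4d2f0541a3c' '80/tcp -> 0.0.0.0:44327' \
    '9e1c77aa02bd' '5432/tcp -> 127.0.0.1:5432' \
    '9e1c77aa02bd' '8443/tcp -> [::]:36011'
}

# Reads mappings on stdin and prints "<id> <container-port/proto> <host-port>"
# for every mapping bound to all interfaces (0.0.0.0, ::, or an empty host IP).
# Mappings bound to a specific address such as 127.0.0.1 are skipped.
wildcard_ports() {
  awk -F'\t' '
    NF == 2 {
      split($2, side, " -> ")            # side[1] = 80/tcp, side[2] = ip:port
      host = side[2]
      port = host; sub(/^.*:/, "", port) # keep text after the last colon
      ip = host;   sub(/:[0-9]+$/, "", ip)
      gsub(/\[|\]/, "", ip)              # tolerate bracketed IPv6 literals
      if (ip == "0.0.0.0" || ip == "::" || ip == "")
        print $1, side[1], port
    }'
}

# Demonstration on the constructed sample. On a real host, use instead:
#   sudo podman port --all | wildcard_ports
sample_port_output | wildcard_ports
```

Any line this prints is a service reachable on every host interface; compare the list against the host firewall rules.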

Between Containers

Within a network, root containers can communicate with one another using their LAN IP addresses. To discover the IP of a container, try:

sudo podman inspect --format "{{.NetworkSettings.IPAddress}}" my-container

Beyond this singular case, communication between any two containers would require discovering the ephemeral port numbers and establishing iptables routing rules between them.


Pods

See here.



Podman/Networking (last edited 2023-04-06 15:21:54 by DominicRicottone)