Podman Networking
podman(1) has different approaches to networking depending on whether the containers are run by root.
Networks
The default networking behavior of podman(1) is configured by /usr/share/containers/libpod.conf and /etc/containers/libpod.conf. Local configurations should be made to the latter only.
All networks, including the default network, are installed to /etc/cni/net.d/.
Non-root containers always use the default network and never have their own IP address.
Custom Networks
To create a new network, try:
sudo podman network create my-net
A container can be created on a custom network by specifying the --network option.
sudo podman run --detach --name my-nginx \
    --network=my-net \
    nginx:latest
A running container can be attached to a custom network like:
sudo podman network connect my-net my-nginx
To list the currently-configured networks, try:
sudo podman network ls
And to destroy a network, try:
sudo podman network rm my-net
Communication
Containers listen on an ephemeral host port. To discover the port number, try:
sudo podman port my-container
sudo podman port --all
Within a network, root containers can communicate with one another using their LAN IP addresses. To discover the IP of a container, try:
sudo podman inspect --format "{{.NetworkSettings.IPAddress}}" my-container
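As an added example (not part of the original page), the shell function below filters port listings such as those printed by podman port --all and reports mappings bound to every host interface rather than to one address. It goes a step beyond the text by checking the bind address as well as the port; the line format, the sample container IDs and the name wildcard_ports are assumptions.

```shell
#!/bin/sh
# Added example: report published ports bound to all host interfaces.
# Assumed line format, one mapping per line:
#   <container-id><TAB><container-port>/<proto> -> <host-ip>:<host-port>

# Constructed sample input, not captured from a real host.
sample_ports() {
    printf '%s\t%s\n' \
        '3f1c0a9be2d4' '80/tcp -> 0.0.0.0:34567' \
        '3f1c0a9be2d4' '443/tcp -> 127.0.0.1:34568' \
        '9ab47c21d0ef' '5432/tcp -> :::40112' \
        '9ab47c21d0ef' '53/udp -> 10.88.0.1:5353' \
        '77e0d15c4a3b' '8080/tcp -> :18080'
}

# Read mappings on stdin and print "<id> <host-port> <container-port/proto>"
# for each mapping whose host address is a wildcard: 0.0.0.0, :: or [::].
# An empty host address is treated as a wildcard too (defensive assumption).
wildcard_ports() {
    awk '
    $3 == "->" {
        addr = $4
        n = match(addr, /:[0-9]+$/)    # the last colon separates the host port
        if (n == 0) next               # skip lines that do not parse
        ip = substr(addr, 1, n - 1)
        port = substr(addr, n + 1)
        if (ip == "" || ip == "0.0.0.0" || ip == "::" || ip == "[::]")
            print $1, port, $2
    }'
}

# Run against the constructed sample.
sample_ports | wildcard_ports
# On a live host: sudo podman port --all | wildcard_ports
```

Mappings bound to 127.0.0.1 or to a single LAN address are not reported.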
Pods
To facilitate communication between containers without exposing them to the full capabilities and insecurities of a network, podman(1) introduces the concept of pods.
Within a pod, containers act like they are running on the same machine. They can communicate with each other through localhost and conventional Linux networking.
$ podman run --detach --name my-nginx \
    --pod new:my-pod \
    nginx:latest
$ podman run --interactive --tty --name my-alpine \
    --pod my-pod \
    alpine:latest
# apk add curl
[ ... ]
# curl http://localhost
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
[ ... ]
Note that containers within a pod must avoid already-bound ports.